Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AhfcB7wtAki1g6Q0egsXRwwXsqQ.roa
File: AhfcB7wtAki1g6Q0egsXRwwXsqQ.roa (raw, json)
Hash identifier: hVSlOxHLxormyVnKrt825LXRBQ3CFJ7o4+otP8BgaJA=
Subject key identifier: 02:17:DC:07:BC:2D:02:48:B5:83:A4:34:7A:0B:17:47:0C:17:B2:A4
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194259006FFB835BE054FFA3F0F6FC9AF9F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AhfcB7wtAki1g6Q0egsXRwwXsqQ.roa
Signing time: Thu 02 Jan 2025 05:49:43 +0000
ROA not before: Thu 02 Jan 2025 05:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210188
IP address blocks: 31.148.246.0/24 maxlen: 24
93.170.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 15:03:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:90:06:ff:b8:35:be:05:4f:fa:3f:0f:6f:c9:af:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0217dc07bc2d0248b583a4347a0b17470c17b2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f6:f1:c8:ee:fe:1c:d2:df:84:bc:15:b7:18:
27:93:5f:99:19:23:a7:d7:1b:cc:b1:ab:39:93:a9:
51:e7:a2:74:8f:b4:91:3a:38:1d:3a:89:5e:3e:1e:
08:da:9d:35:95:11:f0:47:49:0a:2d:a3:11:c8:24:
37:20:ab:39:37:d4:cd:84:53:56:40:45:22:9f:1e:
ae:4d:9f:be:96:1c:8b:d9:8b:0f:2d:9e:66:ef:66:
97:e3:e5:6f:10:5f:1d:e5:09:36:21:1d:d7:36:51:
e6:40:22:2d:10:08:17:8b:1a:ac:a2:fe:15:30:d2:
2a:fb:67:4f:d9:e3:12:3f:27:b2:86:83:ea:53:ba:
53:fa:02:70:25:bb:ad:84:12:fe:21:a4:8f:4a:29:
8d:8b:41:53:6f:8c:09:b6:6a:fd:51:fe:18:3f:a7:
c1:51:0b:6b:d2:40:3b:59:ae:ec:75:d7:35:e2:50:
c6:95:85:8c:66:50:b0:e8:0a:e4:88:11:cd:3e:b5:
3d:69:7e:b9:12:33:30:08:9c:2c:ca:41:a9:ac:40:
8f:0f:95:38:a9:8e:ac:1b:99:82:1f:b0:c4:22:ba:
e2:3c:53:33:08:47:ff:9a:99:a6:56:1e:5f:e4:8a:
5b:59:ae:ed:13:83:a2:53:e0:9c:c0:5a:ac:5a:e6:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:DC:07:BC:2D:02:48:B5:83:A4:34:7A:0B:17:47:0C:17:B2:A4
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AhfcB7wtAki1g6Q0egsXRwwXsqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.246.0/24
93.170.100.0/24
Signature Algorithm: sha256WithRSAEncryption
26:9a:90:41:58:e3:ba:91:47:6e:39:cb:4e:53:75:92:c9:8c:
87:59:b3:7f:fe:85:c1:22:32:61:b0:68:a3:83:f4:c9:e7:2b:
eb:75:6f:01:e1:a6:3f:c0:13:17:9f:c9:85:2d:0b:c9:45:48:
f2:1e:64:a9:6c:7b:26:f7:5d:e0:4d:3f:41:c5:ee:33:0a:b6:
02:20:10:a0:78:9d:cb:ff:96:ce:ab:0f:64:46:55:23:c8:72:
0a:3b:be:f5:d1:4f:70:0d:d9:7e:d6:48:ea:b4:e3:1f:b7:41:
a6:c3:c4:6e:1b:7b:48:69:20:de:b5:3f:cb:83:2e:94:c3:f3:
dd:77:df:e4:1c:77:b1:9a:45:5a:32:2f:ef:3f:2b:b2:28:db:
10:b6:02:32:97:6e:46:45:aa:c5:66:00:81:f3:cc:5c:69:ed:
3f:8e:c6:b0:84:de:e0:4f:6b:21:0a:f3:22:24:24:d2:60:70:
cb:9c:81:62:75:17:0a:a2:57:18:85:84:f6:95:cb:6a:75:58:
59:12:48:13:57:4b:b8:89:89:c5:44:72:cc:01:fe:6c:09:d8:
99:2b:5e:dc:0a:77:3c:ff:50:94:33:63:1c:de:cd:f2:10:01:
76:d4:0a:ac:f1:ad:27:84:23:1a:f5:83:07:62:43:52:d7:0a:
83:71:65:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlkAb/uDW+BU/6Pw9vya+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE3ZGMwN2JjMmQwMjQ4YjU4M2E0MzQ3YTBiMTc0NzBjMTdiMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfbxyO7+HNLfhLwVtxgnk1+ZGSOn
1xvMsas5k6lR56J0j7SROjgdOolePh4I2p01lRHwR0kKLaMRyCQ3IKs5N9TNhFNW
QEUinx6uTZ++lhyL2YsPLZ5m72aX4+VvEF8d5Qk2IR3XNlHmQCItEAgXixqsov4V
MNIq+2dP2eMSPyeyhoPqU7pT+gJwJbuthBL+IaSPSimNi0FTb4wJtmr9Uf4YP6fB
UQtr0kA7Wa7sddc14lDGlYWMZlCw6ArkiBHNPrU9aX65EjMwCJwsykGprECPD5U4
qY6sG5mCH7DEIrriPFMzCEf/mpmmVh5f5IpbWa7tE4OiU+CcwFqsWubwMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAIX3Ae8LQJItYOkNHoLF0cMF7KkMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQWhmY0I3d3RBa2kxZzZRMGVnc1hSd3dYc3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5T2AwQA
XapkMA0GCSqGSIb3DQEBCwUAA4IBAQAmmpBBWOO6kUduOctOU3WSyYyHWbN//oXB
IjJhsGijg/TJ5yvrdW8B4aY/wBMXn8mFLQvJRUjyHmSpbHsm913gTT9Bxe4zCrYC
IBCgeJ3L/5bOqw9kRlUjyHIKO7710U9wDdl+1kjqtOMft0Gmw8RuG3tIaSDetT/L
gy6Uw/Pdd9/kHHexmkVaMi/vPyuyKNsQtgIyl25GRarFZgCB88xcae0/jsawhN7g
T2shCvMiJCTSYHDLnIFidRcKolcYhYT2lctqdVhZEkgTV0u4iYnFRHLMAf5sCdiZ
K17cCnc8/1CUM2Mc3s3yEAF21Aqs8a0nhCMa9YMHYkNS1wqDcWVx
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:37 2025 by rpki-client