Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Vok2BCscAsoYR5w7Nj-aACxQqzI.roa
File: Vok2BCscAsoYR5w7Nj-aACxQqzI.roa (raw, json)
Hash identifier: YphHsWMVbugz66E5nnR6EKhwjtRX2/SKY9xJS9Ns1/c=
Subject key identifier: 56:89:36:04:2B:1C:02:CA:18:47:9C:3B:36:3F:9A:00:2C:50:AB:32
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FB5EFA55E08ABF46B4A5BA8EAB04A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Vok2BCscAsoYR5w7Nj-aACxQqzI.roa
Signing time: Thu 02 Jan 2025 05:49:22 +0000
ROA not before: Thu 02 Jan 2025 05:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50025
IP address blocks: 31.148.208.0/22 maxlen: 24
31.148.240.0/22 maxlen: 24
93.170.160.0/22 maxlen: 24
93.171.188.0/22 maxlen: 24
146.158.16.0/22 maxlen: 24
146.158.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 17:26:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b5:ef:a5:5e:08:ab:f4:6b:4a:5b:a8:ea:b0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=568936042b1c02ca18479c3b363f9a002c50ab32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:00:08:7e:1b:f8:82:f0:cf:c2:b7:ec:b1:
15:c4:8d:0f:68:48:b1:ae:ee:54:38:8c:b8:e1:8c:
f9:5c:ce:ec:e4:32:2b:42:ea:ba:b0:99:10:68:c1:
dc:91:6b:93:f3:60:64:b8:2d:85:18:6d:77:00:d8:
39:c0:e4:a6:d1:16:cf:19:41:7d:d3:3f:d5:29:8a:
91:fc:8c:f6:00:7f:4d:ed:66:b1:78:32:10:3a:89:
28:78:12:13:54:7f:1d:a1:14:b4:bb:74:d9:a8:e3:
43:28:f9:0f:5c:af:04:05:19:48:e5:62:c9:41:d7:
c8:e7:99:ba:ab:52:91:91:86:2b:76:d2:88:ba:58:
81:95:b1:e6:bb:9e:91:a7:8b:8b:46:c9:5d:cd:9d:
e7:61:74:33:29:7c:b1:5b:92:e0:ee:51:09:83:bc:
82:eb:f1:08:f6:8b:f4:17:98:73:3e:45:8e:8b:b9:
a5:c7:a7:b4:bc:bd:33:2b:f2:04:33:d1:62:d7:53:
6c:74:18:66:f7:5e:d7:f5:f8:6c:4c:e1:33:0f:19:
3b:c1:fe:66:d8:7e:96:54:72:30:26:ad:4a:84:b3:
0c:16:ad:98:12:46:1d:f1:47:48:ad:88:38:94:96:
67:4f:99:31:d9:6d:ef:0c:22:a7:10:c1:e8:0f:a3:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:89:36:04:2B:1C:02:CA:18:47:9C:3B:36:3F:9A:00:2C:50:AB:32
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Vok2BCscAsoYR5w7Nj-aACxQqzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.208.0/22
31.148.240.0/22
93.170.160.0/22
93.171.188.0/22
146.158.16.0/22
146.158.68.0/22
Signature Algorithm: sha256WithRSAEncryption
54:64:fc:83:95:40:33:da:69:46:81:dd:2d:31:21:ee:25:51:
dc:1d:c9:d3:d2:9c:91:a0:88:73:43:09:ea:61:a4:89:84:01:
1b:90:89:60:81:43:83:91:3a:b6:55:b2:b2:e0:0c:55:e3:ac:
8e:d8:1b:7b:46:7f:e7:ff:10:b9:65:1b:f2:c0:e9:7b:6f:85:
76:00:8f:a3:d3:e0:4d:4e:ee:fb:d8:89:47:a9:65:82:91:9d:
21:96:a3:35:63:d3:b4:e3:0a:06:91:2b:83:e6:36:3b:9b:16:
58:5e:6d:a9:92:1b:a8:c6:12:dd:ed:e5:07:a4:ff:01:65:2e:
88:d8:d7:a9:69:7a:8b:e7:6b:6c:62:a8:ab:79:8a:51:19:a0:
0b:10:c3:b9:ca:f4:a0:ae:27:29:b9:0b:ce:ee:e3:63:01:41:
a8:28:47:80:f0:9c:15:e1:ae:3e:3b:10:6d:cc:2b:ba:84:65:
1d:e9:61:6b:fa:ce:65:ee:c7:59:e3:c0:d1:a6:8e:a8:4f:ec:
17:5c:8d:56:4e:41:ce:3c:77:77:0b:b5:f2:91:74:46:31:5b:
0f:af:ac:a1:cf:d7:ae:3b:de:4c:d0:b2:4b:54:c3:b2:8f:8d:
1d:c4:68:28:8d:c0:35:10:7b:10:5e:94:ad:56:5d:bd:24:33:
fe:b4:d3:2f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj7XvpV4Iq/RrSluo6rBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njg5MzYwNDJiMWMwMmNhMTg0NzljM2IzNjNmOWEwMDJjNTBhYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk4ACH4b+ILwz8K37LEVxI0PaEix
ru5UOIy44Yz5XM7s5DIrQuq6sJkQaMHckWuT82BkuC2FGG13ANg5wOSm0RbPGUF9
0z/VKYqR/Iz2AH9N7WaxeDIQOokoeBITVH8doRS0u3TZqONDKPkPXK8EBRlI5WLJ
QdfI55m6q1KRkYYrdtKIuliBlbHmu56Rp4uLRsldzZ3nYXQzKXyxW5Lg7lEJg7yC
6/EI9ov0F5hzPkWOi7mlx6e0vL0zK/IEM9Fi11NsdBhm917X9fhsTOEzDxk7wf5m
2H6WVHIwJq1KhLMMFq2YEkYd8UdIrYg4lJZnT5kx2W3vDCKnEMHoD6PX7QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFaJNgQrHALKGEecOzY/mgAsUKsyMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVm9rMkJDc2NBc29ZUjV3N05qLWFBQ3hRcXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH5TQAwQC
H5TwAwQCXaqgAwQCXau8AwQCkp4QAwQCkp5EMA0GCSqGSIb3DQEBCwUAA4IBAQBU
ZPyDlUAz2mlGgd0tMSHuJVHcHcnT0pyRoIhzQwnqYaSJhAEbkIlggUODkTq2VbKy
4AxV46yO2Bt7Rn/n/xC5ZRvywOl7b4V2AI+j0+BNTu772IlHqWWCkZ0hlqM1Y9O0
4woGkSuD5jY7mxZYXm2pkhuoxhLd7eUHpP8BZS6I2NepaXqL52tsYqireYpRGaAL
EMO5yvSgricpuQvO7uNjAUGoKEeA8JwV4a4+OxBtzCu6hGUd6WFr+s5l7sdZ48DR
po6oT+wXXI1WTkHOPHd3C7XykXRGMVsPr6yhz9euO95M0LJLVMOyj40dxGgojcA1
EHsQXpStVl29JDP+tNMv
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:22 2025 by rpki-client