Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_tTeAtXHz-vVQIELoSUZSVJfmPc.roa
File: _tTeAtXHz-vVQIELoSUZSVJfmPc.roa (raw, json)
Hash identifier: iaIp1cUNhAHANMsElPCXllEYMOT6W79hKFT61DMxFeA=
Subject key identifier: FE:D4:DE:02:D5:C7:CF:EB:D5:40:81:0B:A1:25:19:49:52:5F:98:F7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FBEBE2DFFC55C9CE49E54DC283F37
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_tTeAtXHz-vVQIELoSUZSVJfmPc.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56361
IP address blocks: 31.148.40.0/21 maxlen: 24
31.148.52.0/22 maxlen: 24
31.148.56.0/21 maxlen: 24
31.148.104.0/21 maxlen: 24
31.148.112.0/21 maxlen: 24
31.148.192.0/22 maxlen: 24
93.170.192.0/21 maxlen: 24
93.171.34.0/23 maxlen: 24
93.171.36.0/22 maxlen: 24
95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
95.46.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 13:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:be:be:2d:ff:c5:5c:9c:e4:9e:54:dc:28:3f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fed4de02d5c7cfebd540810ba1251949525f98f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:6a:ff:fb:7b:40:d1:a6:40:42:1a:53:ec:
a4:fd:e2:d3:53:75:21:4e:25:15:52:9e:78:28:a3:
dd:80:77:d0:69:4a:d7:86:3e:dc:a0:d2:8d:f4:be:
58:55:f0:95:16:72:7a:d0:5f:3c:c9:04:02:1c:d4:
a0:02:94:ca:11:60:a4:c9:3c:54:17:09:e8:74:b1:
52:63:c7:b2:29:81:b5:75:80:df:10:6c:f6:4e:63:
7d:68:c0:b8:51:ee:07:95:59:61:e0:9e:e8:15:3b:
ef:7e:e0:b4:42:c8:cd:9e:6d:bf:c8:0a:a6:a3:ae:
db:24:e6:04:29:86:9b:1a:10:d5:2b:a8:a0:ea:c7:
8c:c8:22:34:01:f3:f6:d1:57:8a:a7:78:be:d3:4a:
0a:61:86:df:be:65:cb:ac:44:30:3b:58:32:cb:7f:
84:a1:07:5a:26:01:7e:9e:6f:8b:12:dd:1e:52:fd:
a0:98:2b:cf:b5:3c:88:f7:b3:0c:00:2d:75:05:4c:
15:25:b0:6d:86:46:cc:6a:57:db:cb:58:e7:7d:b8:
cb:b7:6f:e1:1c:c6:fe:67:f7:b7:0b:03:65:fb:ce:
01:8e:0e:02:52:95:d6:d2:ee:02:d3:d4:95:99:0d:
e4:98:ce:80:54:be:b1:8f:dc:bb:af:e6:f6:af:88:
34:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D4:DE:02:D5:C7:CF:EB:D5:40:81:0B:A1:25:19:49:52:5F:98:F7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_tTeAtXHz-vVQIELoSUZSVJfmPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.40.0/21
31.148.52.0-31.148.63.255
31.148.104.0-31.148.119.255
31.148.192.0/22
93.170.192.0/21
93.171.34.0-93.171.39.255
95.46.166.0-95.46.175.255
Signature Algorithm: sha256WithRSAEncryption
3f:ee:02:28:7f:dc:78:a4:4e:ab:d2:78:99:b9:6f:0c:7e:28:
53:bb:65:01:7b:8c:32:91:14:1d:27:4f:1b:35:50:64:51:08:
c6:75:52:71:0e:93:ff:e4:98:07:f4:85:7a:42:b7:56:18:8b:
3d:8a:9b:24:76:9f:9c:c5:9c:e4:c3:39:ce:d2:92:b3:38:b4:
d1:12:04:ec:77:4e:cc:3f:f4:bb:b0:74:7e:ae:22:ab:28:80:
e5:f4:07:5b:9d:59:a1:90:02:88:16:75:4f:58:01:9f:c8:33:
99:d1:3f:8d:93:b2:4d:97:4d:d3:0d:5c:50:fa:92:98:84:4d:
66:7f:b0:ad:0d:21:8d:dd:6d:36:c0:0c:bb:46:a3:5a:17:97:
95:71:23:99:af:35:05:47:3c:94:bc:0f:12:b2:3d:bc:ee:de:
17:fe:20:fc:fc:1e:ff:b6:d4:c7:cd:9e:e1:94:77:4f:d1:4c:
a2:3b:98:d8:14:1e:7f:70:2c:f8:6d:e1:b9:6d:23:d2:01:aa:
ff:65:d9:91:9c:3e:4b:99:54:b3:3a:fd:6d:61:12:f1:db:11:
9c:c6:6e:8f:91:16:3d:32:75:a1:d2:d0:98:41:72:96:47:35:
dd:be:ad:02:59:6b:ac:52:e8:46:74:db:e2:8c:37:83:8c:bc:
03:55:0b:e7
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQlj76+Lf/FXJzknlTcKD83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQ0ZGUwMmQ1YzdjZmViZDU0MDgxMGJhMTI1MTk0OTUyNWY5OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yxq//t7QNGmQEIaU+yk/eLTU3Uh
TiUVUp54KKPdgHfQaUrXhj7coNKN9L5YVfCVFnJ60F88yQQCHNSgApTKEWCkyTxU
FwnodLFSY8eyKYG1dYDfEGz2TmN9aMC4Ue4HlVlh4J7oFTvvfuC0QsjNnm2/yAqm
o67bJOYEKYabGhDVK6ig6seMyCI0AfP20VeKp3i+00oKYYbfvmXLrEQwO1gyy3+E
oQdaJgF+nm+LEt0eUv2gmCvPtTyI97MMAC11BUwVJbBthkbMalfby1jnfbjLt2/h
HMb+Z/e3CwNl+84Bjg4CUpXW0u4C09SVmQ3kmM6AVL6xj9y7r+b2r4g05QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFP7U3gLVx8/r1UCBC6ElGUlSX5j3MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvX3RUZUF0WEh6LXZWUUlFTG9TVVpTVkpmbVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQDH5QoMAwD
BAIflDQDBAYflAAwDAMEAx+UaAMEAx+UcAMEAh+UwAMEA12qwDAMAwQBXasiAwQD
XasgMAwDBAFfLqYDBARfLqAwDQYJKoZIhvcNAQELBQADggEBAD/uAih/3HikTqvS
eJm5bwx+KFO7ZQF7jDKRFB0nTxs1UGRRCMZ1UnEOk//kmAf0hXpCt1YYiz2KmyR2
n5zFnOTDOc7SkrM4tNESBOx3Tsw/9LuwdH6uIqsogOX0B1udWaGQAogWdU9YAZ/I
M5nRP42Tsk2XTdMNXFD6kpiETWZ/sK0NIY3dbTbADLtGo1oXl5VxI5mvNQVHPJS8
DxKyPbzu3hf+IPz8Hv+21MfNnuGUd0/RTKI7mNgUHn9wLPht4bltI9IBqv9l2ZGc
PkuZVLM6/W1hEvHbEZzGbo+RFj0ydaHS0JhBcpZHNd2+rQJZa6xS6EZ02+KMN4OM
vANVC+c=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:18 2025 by rpki-client