Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/umBacrXXnvO9kAqL_GJCxt76ops.roa
File: umBacrXXnvO9kAqL_GJCxt76ops.roa (raw, json)
Hash identifier: mjOtCsTkBc+l5PkuHV2ekSJZPvlwGzPCt6JduI4Tkpo=
Subject key identifier: BA:60:5A:72:B5:D7:9E:F3:BD:90:0A:8B:FC:62:42:C6:DE:FA:A2:9B
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0196C1174746594591D995B625816EE716D8
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/umBacrXXnvO9kAqL_GJCxt76ops.roa
Signing time: Sun 11 May 2025 20:44:10 +0000
ROA not before: Sun 11 May 2025 20:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 31.133.88.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 16:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:17:47:46:59:45:91:d9:95:b6:25:81:6e:e7:16:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: May 11 20:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba605a72b5d79ef3bd900a8bfc6242c6defaa29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:df:39:78:01:03:23:cf:be:40:9f:a5:b2:d0:
1d:02:93:8f:c8:cb:ff:2a:8f:08:88:b7:5c:5c:8c:
88:4e:d8:79:f3:f0:ea:ba:4e:41:6f:7a:d8:63:91:
3f:ba:2a:e8:95:77:05:5a:ed:39:97:4a:d1:65:7b:
64:a0:95:a6:5c:06:a1:17:18:97:de:97:28:bc:34:
68:0f:92:95:9c:eb:e3:71:a7:ba:75:29:bc:bc:15:
ad:66:79:a3:f9:85:53:90:5a:1b:2f:53:07:e3:cb:
a6:68:ec:c5:7e:28:53:d7:bc:27:88:a4:22:84:b8:
c2:e6:b7:2c:5f:17:d3:06:8e:73:89:20:8a:94:46:
77:85:17:c1:50:d9:51:96:59:57:e6:e2:89:31:35:
1e:5a:33:9e:6a:1c:9f:ff:68:3c:4f:86:85:30:46:
30:aa:1d:4c:3f:01:b3:d0:27:2d:63:25:63:c2:c1:
da:0a:11:66:0d:c2:7c:cf:af:5c:19:fe:63:ee:ef:
cb:08:d7:1a:25:b2:73:c2:4f:38:c4:ba:a5:9e:78:
a7:48:c5:48:18:10:b9:c0:11:92:f8:09:17:ca:c4:
a9:0b:ce:e0:d9:43:9f:32:41:d4:10:94:78:71:d7:
30:8b:4c:e6:1f:f7:5a:42:ca:bd:77:8e:cd:6e:65:
0f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:60:5A:72:B5:D7:9E:F3:BD:90:0A:8B:FC:62:42:C6:DE:FA:A2:9B
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/umBacrXXnvO9kAqL_GJCxt76ops.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.88.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:41:06:f8:45:81:1b:e6:2f:d3:b0:3b:33:40:4d:df:fc:0a:
e7:64:60:35:ea:64:36:97:4b:fa:10:e0:53:de:46:dc:f9:6e:
3f:bc:9d:0f:a3:e2:c7:74:0e:53:a0:70:d2:49:aa:87:65:e6:
e7:5c:78:b5:a3:d6:20:9e:f4:84:07:f9:6f:62:1d:0c:2a:63:
16:8f:8f:73:4a:a5:e4:fc:26:0a:72:98:e3:32:43:9f:4c:c8:
5a:ea:3b:13:e1:ea:c2:58:75:ac:21:c4:9f:d2:29:a0:79:67:
3e:46:b1:c3:ac:96:5f:7e:7c:13:89:6d:e8:9d:1a:38:dc:02:
8c:73:61:61:7e:9a:46:d3:98:d2:7f:02:47:cd:3a:1d:c2:13:
03:a7:a9:2f:42:5f:87:17:81:d0:9d:03:93:71:5d:a6:98:a3:
1f:ab:f2:55:fa:02:a2:eb:c1:d7:52:aa:46:9d:ba:1e:82:4d:
2e:86:e2:5d:20:05:52:80:c0:2c:66:16:4d:f4:69:16:3e:20:
cd:d6:d8:4a:48:e8:40:e2:6d:e3:1d:98:44:ac:3a:f8:26:92:
0f:8c:09:7f:35:9a:b3:64:59:62:36:d2:e1:ee:51:6f:90:d7:
54:86:bd:d0:be:2f:60:c3:12:f9:e2:cf:22:38:64:e5:f3:ae:
08:a6:ec:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbBF0dGWUWR2ZW2JYFu5xbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjUwNTExMjA0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTYwNWE3MmI1ZDc5ZWYzYmQ5MDBhOGJmYzYyNDJjNmRlZmFhMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw985eAEDI8++QJ+lstAdApOPyMv/
Ko8IiLdcXIyITth58/Dquk5Bb3rYY5E/uirolXcFWu05l0rRZXtkoJWmXAahFxiX
3pcovDRoD5KVnOvjcae6dSm8vBWtZnmj+YVTkFobL1MH48umaOzFfihT17wniKQi
hLjC5rcsXxfTBo5ziSCKlEZ3hRfBUNlRlllX5uKJMTUeWjOeahyf/2g8T4aFMEYw
qh1MPwGz0CctYyVjwsHaChFmDcJ8z69cGf5j7u/LCNcaJbJzwk84xLqlnninSMVI
GBC5wBGS+AkXysSpC87g2UOfMkHUEJR4cdcwi0zmH/daQsq9d47NbmUPVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpgWnK1157zvZAKi/xiQsbe+qKbMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvdW1CYWNyWFhudk85a0FxTF9HSkN4dDc2b3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH4VYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8QQb4RYEb5i/TsDszQE3f/ArnZGA16mQ2l0v6EOBT
3kbc+W4/vJ0Po+LHdA5ToHDSSaqHZebnXHi1o9YgnvSEB/lvYh0MKmMWj49zSqXk
/CYKcpjjMkOfTMha6jsT4erCWHWsIcSf0imgeWc+RrHDrJZffnwTiW3onRo43AKM
c2FhfppG05jSfwJHzTodwhMDp6kvQl+HF4HQnQOTcV2mmKMfq/JV+gKi68HXUqpG
nboegk0uhuJdIAVSgMAsZhZN9GkWPiDN1thKSOhA4m3jHZhErDr4JpIPjAl/NZqz
ZFliNtLh7lFvkNdUhr3Qvi9gwxL54s8iOGTl864IpuzS
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:48:36 2025 by rpki-client