Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/qd0s5aeJk8HFA4RIXp1JhA5DKeA.roa
File: qd0s5aeJk8HFA4RIXp1JhA5DKeA.roa (raw, json)
Hash identifier: DchS5djAYzqDf3vsdM2qlMv2xs3yUQpZGH93fcbUTs0=
Subject key identifier: A9:DD:2C:E5:A7:89:93:C1:C5:03:84:48:5E:9D:49:84:0E:43:29:E0
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0194258FA15CAC138A1477447492E7EED2AD
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/qd0s5aeJk8HFA4RIXp1JhA5DKeA.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48309
IP address blocks: 31.25.104.0/22 maxlen: 22
31.25.108.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
37.191.64.0/20 maxlen: 24
37.191.80.0/22 maxlen: 24
37.191.84.0/23 maxlen: 24
37.191.86.0/24 maxlen: 24
37.191.88.0/22 maxlen: 22
37.191.88.0/23 maxlen: 24
37.191.92.0/22 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.144.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a1:5c:ac:13:8a:14:77:44:74:92:e7:ee:d2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9dd2ce5a78993c1c50384485e9d49840e4329e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3a:fe:c5:6a:1a:02:1a:b7:92:ec:08:2f:2f:
96:e6:0b:e6:eb:b7:7c:eb:f3:70:ab:b1:57:b7:a0:
80:78:0d:5a:8a:41:8c:92:e5:45:61:0a:6b:dc:52:
6b:bc:b8:7f:c0:46:79:31:fa:6c:26:46:17:43:64:
10:4d:19:64:b9:93:a7:f5:29:b4:88:ff:43:26:8b:
97:eb:d7:19:2f:33:d2:b4:db:3c:c7:8a:f4:1e:ec:
e3:a3:4b:79:2c:8f:92:54:42:92:bc:4a:84:dc:99:
84:ed:dd:a0:f4:34:68:a7:b0:87:15:27:d7:82:8e:
4a:af:a8:39:bd:58:a4:59:85:b6:7c:36:61:cb:86:
bc:16:e7:cc:23:ba:5d:f0:66:d5:b2:3a:9a:69:5a:
71:84:d1:00:da:64:29:ac:86:1d:d6:16:47:82:53:
55:b0:7a:77:f5:98:42:0b:b7:85:21:da:73:9b:b6:
78:4c:d8:22:13:0a:87:d7:fa:5a:e5:d3:47:20:67:
a4:47:23:4f:76:42:a7:12:ea:18:d5:c6:d1:7b:29:
8d:ff:d3:1d:04:05:e0:5d:de:67:a0:e0:c5:4e:b6:
2b:20:5d:7e:18:69:10:45:11:ee:11:b1:a3:b6:1a:
68:55:24:2f:d8:a8:57:4d:51:72:36:76:d7:ee:13:
c2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DD:2C:E5:A7:89:93:C1:C5:03:84:48:5E:9D:49:84:0E:43:29:E0
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/qd0s5aeJk8HFA4RIXp1JhA5DKeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0-37.191.86.255
37.191.88.0/21
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.157.255
188.136.159.0-188.136.173.255
188.136.175.0/24
188.136.185.0/24
188.136.187.0/24
188.136.189.0-188.136.191.255
188.136.196.0/24
188.136.200.0/24
188.136.209.0-188.136.211.255
Signature Algorithm: sha256WithRSAEncryption
19:b2:a5:3c:1e:dc:bb:44:c3:c5:0b:c5:c5:b0:5e:67:be:a4:
52:0d:ca:82:59:69:9d:7b:85:2b:19:7b:f0:a4:45:6b:1e:60:
9a:01:cd:f2:03:4b:91:8a:b0:85:1f:c9:11:8f:3c:70:8b:6a:
75:d0:78:b2:a5:28:dd:b0:57:38:28:63:8f:fb:ef:90:e4:10:
1a:bf:0e:04:92:0c:9b:30:24:a7:9f:87:44:f4:c6:e1:89:56:
40:21:34:48:16:9e:26:e0:ea:98:5a:e9:81:15:09:72:47:7f:
4c:7d:27:94:c5:be:04:40:c5:95:9c:b4:cc:c3:72:bc:26:ba:
92:df:8b:6f:7b:ce:63:44:38:5b:be:5c:09:01:31:dd:2a:43:
0f:8e:b3:0f:6b:73:45:2a:f4:d5:b5:7d:cd:b1:7c:fd:1e:44:
8f:15:04:86:9f:c8:3d:76:a8:69:a9:6f:c9:1a:cc:e7:c7:dd:
d4:44:3c:12:8a:f3:61:b9:cf:aa:d2:49:96:34:71:cc:c0:a2:
3e:ed:5e:55:6f:3c:b2:e9:52:d4:49:44:ac:c5:3b:e7:80:7e:
09:a3:5a:2f:86:b3:c0:9c:28:21:07:a2:1a:2f:97:11:6e:70:
b7:27:70:20:0c:16:4f:ea:53:e9:58:4b:9b:c4:f3:70:21:61:
38:4c:8b:92
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZQlj6FcrBOKFHdEdJLn7tKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRkMmNlNWE3ODk5M2MxYzUwMzg0NDg1ZTlkNDk4NDBlNDMyOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Tr+xWoaAhq3kuwILy+W5gvm67d8
6/Nwq7FXt6CAeA1aikGMkuVFYQpr3FJrvLh/wEZ5MfpsJkYXQ2QQTRlkuZOn9Sm0
iP9DJouX69cZLzPStNs8x4r0Huzjo0t5LI+SVEKSvEqE3JmE7d2g9DRop7CHFSfX
go5Kr6g5vVikWYW2fDZhy4a8FufMI7pd8GbVsjqaaVpxhNEA2mQprIYd1hZHglNV
sHp39ZhCC7eFIdpzm7Z4TNgiEwqH1/pa5dNHIGekRyNPdkKnEuoY1cbReymN/9Md
BAXgXd5noODFTrYrIF1+GGkQRRHuEbGjthpoVSQv2KhXTVFyNnbX7hPCzwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFKndLOWniZPBxQOESF6dSYQOQyngMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvcWQwczVhZUprOEhGQTRSSVhwMUpoQTVES2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAMf
GWgwDAMEBiW/QAMEACW/VgMEAyW/WAMEA7yIgDAMAwQCvIiMAwQCvIiQMAwDBAC8
iJUDBAG8iJwwDAMEALyInwMEAbyIrAMEALyIrwMEALyIuQMEALyIuzAMAwQAvIi9
AwQGvIiAAwQAvIjEAwQAvIjIMAwDBAC8iNEDBAK8iNAwDQYJKoZIhvcNAQELBQAD
ggEBABmypTwe3LtEw8ULxcWwXme+pFINyoJZaZ17hSsZe/CkRWseYJoBzfIDS5GK
sIUfyRGPPHCLanXQeLKlKN2wVzgoY4/775DkEBq/DgSSDJswJKefh0T0xuGJVkAh
NEgWnibg6pha6YEVCXJHf0x9J5TFvgRAxZWctMzDcrwmupLfi297zmNEOFu+XAkB
Md0qQw+Osw9rc0Uq9NW1fc2xfP0eRI8VBIafyD12qGmpb8kazOfH3dREPBKK82G5
z6rSSZY0cczAoj7tXlVvPLLpUtRJRKzFO+eAfgmjWi+Gs8CcKCEHohovlxFucLcn
cCAMFk/qU+lYS5vE83AhYThMi5I=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:52:58 2025 by rpki-client