Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/XOTI7w_Ppz1j2kZ1MJwbbN-KWlI.roa
File: XOTI7w_Ppz1j2kZ1MJwbbN-KWlI.roa (raw, json)
Hash identifier: KmRT5CbCLirPk4nA9mo6+wpu9JQbx8/qzLOU40wVVTg=
Subject key identifier: 5C:E4:C8:EF:0F:CF:A7:3D:63:DA:46:75:30:9C:1B:6C:DF:8A:5A:52
Certificate issuer: /CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Certificate serial: 019734162D2DD7C6B9C7273A4C889F16E4C5
Authority key identifier: 06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/XOTI7w_Ppz1j2kZ1MJwbbN-KWlI.roa
Signing time: Tue 03 Jun 2025 04:39:17 +0000
ROA not before: Tue 03 Jun 2025 04:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12837
IP address blocks: 31.24.214.0/24 maxlen: 24
91.196.196.0/24 maxlen: 24
2a03:6306::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Jun 2025 13:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:16:2d:2d:d7:c6:b9:c7:27:3a:4c:88:9f:16:e4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Validity
Not Before: Jun 3 04:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ce4c8ef0fcfa73d63da4675309c1b6cdf8a5a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8c:5d:b9:dd:d6:97:39:c9:21:e2:5c:12:c6:
61:dd:15:93:fb:78:67:37:36:cf:11:b9:16:8e:bf:
fb:de:70:fe:de:ca:a3:ae:60:0c:e0:be:5c:ab:ca:
75:9f:de:f2:8e:c7:41:78:0f:90:39:9a:0f:c9:61:
42:27:7a:fc:f0:06:34:60:ef:03:d9:77:bb:cc:1f:
ba:bc:ce:49:db:e6:f3:06:20:b7:bf:53:5b:28:32:
ee:8b:96:c5:6a:d6:80:62:ce:13:05:5a:ca:30:b4:
40:25:a0:b6:0a:2e:6a:85:bb:3b:ac:87:25:cf:ed:
67:e8:f1:ae:f8:f9:f5:bb:57:17:20:88:6f:3c:53:
52:4f:d3:88:8b:8b:a6:c4:54:f7:cf:eb:34:ff:48:
30:13:c9:58:22:bc:c5:bb:49:4a:99:57:b2:08:ee:
87:9b:d7:f9:5f:9f:7e:f4:87:7c:eb:e4:9d:69:d0:
ae:28:d6:54:9d:d0:6d:ec:64:eb:48:ca:6d:d7:a8:
50:84:13:16:09:13:dc:95:db:53:c1:6c:68:6f:ec:
a5:f8:7e:43:a2:70:29:ae:f8:fd:c8:92:80:66:d9:
bf:31:55:60:7b:12:f6:a6:fb:b4:73:76:d7:94:ac:
b5:e6:a4:f2:2f:9d:d0:cd:cc:45:51:39:f6:a6:3d:
7f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E4:C8:EF:0F:CF:A7:3D:63:DA:46:75:30:9C:1B:6C:DF:8A:5A:52
X509v3 Authority Key Identifier:
keyid:06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/XOTI7w_Ppz1j2kZ1MJwbbN-KWlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/BuS72riW5mET81G02cgt9Q5mpxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.214.0/24
91.196.196.0/24
IPv6:
2a03:6306::/32
Signature Algorithm: sha256WithRSAEncryption
92:6d:f1:4c:d8:c0:af:9a:f0:76:00:2b:19:4b:c3:7c:3d:ec:
18:d3:91:ce:8c:83:2b:76:8d:c4:d1:b0:be:7c:d2:7a:28:b4:
7a:7a:ee:8f:1b:f9:a2:13:50:ab:4f:65:ba:34:9f:a3:85:2b:
50:1a:e2:34:9e:1d:d0:71:b6:c9:d4:0a:8c:3c:48:82:b7:55:
5a:8e:91:26:1f:7f:3c:56:d9:f9:08:49:8a:f4:8c:e9:51:3c:
11:65:d1:2d:3a:b5:af:81:70:96:35:64:12:15:21:3f:cb:f5:
8a:75:34:c1:82:37:1f:52:f5:20:b7:79:ec:d3:da:7c:0f:c6:
5f:f5:47:cc:5f:74:2b:49:cf:dd:0b:0a:e1:37:97:95:62:4a:
89:f6:1a:c6:cb:f8:fa:7b:ca:c6:d1:f5:54:b0:dc:b2:98:c9:
db:88:fe:1d:6f:4a:3b:56:37:6b:fc:9b:4b:63:0e:aa:10:3c:
80:6e:54:3e:9c:a3:10:13:cd:2e:b4:02:4a:70:b6:a8:60:73:
0d:92:67:59:6d:d5:09:b9:98:b5:06:83:8e:45:a7:da:2b:4a:
d5:38:6d:9e:cf:e7:76:53:cb:d7:16:bd:a2:2c:46:f5:b5:34:
ca:5a:4d:c2:b2:89:e8:a3:26:45:9e:96:d5:97:02:90:a2:c8:
6b:fc:53:b6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZc0Fi0t18a5xyc6TIifFuTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZTRiYmRhYjg5NmU2NjExM2YzNTFiNGQ5YzgyZGY1MGU2
NmE3MTIwHhcNMjUwNjAzMDQzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U0YzhlZjBmY2ZhNzNkNjNkYTQ2NzUzMDljMWI2Y2RmOGE1YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYxdud3WlznJIeJcEsZh3RWT+3hn
NzbPEbkWjr/73nD+3sqjrmAM4L5cq8p1n97yjsdBeA+QOZoPyWFCJ3r88AY0YO8D
2Xe7zB+6vM5J2+bzBiC3v1NbKDLui5bFataAYs4TBVrKMLRAJaC2Ci5qhbs7rIcl
z+1n6PGu+Pn1u1cXIIhvPFNST9OIi4umxFT3z+s0/0gwE8lYIrzFu0lKmVeyCO6H
m9f5X59+9Id86+SdadCuKNZUndBt7GTrSMpt16hQhBMWCRPcldtTwWxob+yl+H5D
onAprvj9yJKAZtm/MVVgexL2pvu0c3bXlKy15qTyL53QzcxFUTn2pj1/awIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFzkyO8Pz6c9Y9pGdTCcG2zfilpSMB8GA1UdIwQY
MBaAFAbku9q4luZhE/NRtNnILfUOZqcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAt
ZmUwZDI4YjY4Y2Q1LzEvWE9USTd3X1BwejFqMmtaMU1Kd2JiTi1LV2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAtZmUwZDI4YjY4Y2Q1
LzEvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAHxjWAwQA
W8TEMA0EAgACMAcDBQAqA2MGMA0GCSqGSIb3DQEBCwUAA4IBAQCSbfFM2MCvmvB2
ACsZS8N8PewY05HOjIMrdo3E0bC+fNJ6KLR6eu6PG/miE1CrT2W6NJ+jhStQGuI0
nh3QcbbJ1AqMPEiCt1VajpEmH388Vtn5CEmK9IzpUTwRZdEtOrWvgXCWNWQSFSE/
y/WKdTTBgjcfUvUgt3ns09p8D8Zf9UfMX3QrSc/dCwrhN5eVYkqJ9hrGy/j6e8rG
0fVUsNyymMnbiP4db0o7Vjdr/JtLYw6qEDyAblQ+nKMQE80utAJKcLaoYHMNkmdZ
bdUJuZi1BoOORafaK0rVOG2ez+d2U8vXFr2iLEb1tTTKWk3CsonooyZFnpbVlwKQ
oshr/FO2
-----END CERTIFICATE-----
Generated at Sat Jun 14 14:58:37 2025 by rpki-client