Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/aJjCEIUd-zmGz3mGZNGjk1hjCBk.roa
File: aJjCEIUd-zmGz3mGZNGjk1hjCBk.roa (raw, json)
Hash identifier: lB/mrtm0cwV0rvXrxZQU8uuXfNJ+qHrjbmx1F9T2uYs=
Subject key identifier: 68:98:C2:10:85:1D:FB:39:86:CF:79:86:64:D1:A3:93:58:63:08:19
Certificate issuer: /CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Certificate serial: 018D136664F1C82C88F44F1247A832953690
Authority key identifier: 8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/aJjCEIUd-zmGz3mGZNGjk1hjCBk.roa
Signing time: Tue 16 Jan 2024 17:51:34 +0000
ROA not before: Tue 16 Jan 2024 17:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54113
IP address blocks: 185.31.16.0/24 maxlen: 24
185.31.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 19:22:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:66:64:f1:c8:2c:88:f4:4f:12:47:a8:32:95:36:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Validity
Not Before: Jan 16 17:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6898c210851dfb3986cf798664d1a39358630819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:79:28:d2:8e:8d:91:a5:20:74:76:53:06:
d4:ce:ca:56:9a:7d:fb:04:73:40:de:89:a0:54:2c:
c6:ba:e8:16:8a:5f:d5:8e:c9:8e:f5:a1:63:c1:b6:
19:d4:5a:ff:1f:b7:df:1e:7a:76:9e:f5:f2:b9:6b:
cb:11:6a:75:46:38:20:50:65:0d:d8:d5:f7:3e:61:
b7:5d:d9:54:68:f4:3a:22:2b:b8:3e:8e:37:24:af:
86:66:25:30:e9:d6:14:5e:d2:bd:01:f8:92:b3:7b:
bf:f3:ad:82:a0:0e:27:3f:a5:d6:48:14:f4:98:d3:
6b:4e:4e:01:c0:f6:d5:0c:61:fa:2d:5a:ff:6d:13:
de:e4:3b:04:a8:12:29:4b:eb:79:cc:3c:ca:65:66:
34:6c:8e:ec:cb:37:37:d0:a4:fa:ff:ec:7d:32:14:
35:85:2a:02:d7:22:c2:d4:e2:e8:e9:1c:d9:3a:01:
1b:bd:36:20:96:75:56:ca:a3:28:22:88:cb:e7:cc:
ec:42:85:f4:4c:ab:e1:da:1c:58:fc:28:0e:fc:77:
d3:97:2e:59:13:17:7b:7f:c3:21:cd:7a:d5:99:2f:
e4:58:f9:64:83:d8:52:4b:08:78:98:20:86:ba:97:
72:ca:77:23:50:07:c3:74:56:45:6e:6a:b1:27:80:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:98:C2:10:85:1D:FB:39:86:CF:79:86:64:D1:A3:93:58:63:08:19
X509v3 Authority Key Identifier:
keyid:8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/aJjCEIUd-zmGz3mGZNGjk1hjCBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/jq3tC4P6TjHOCghA60KbqKnxjjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.16.0/24
185.31.19.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d3:a4:8b:16:45:0b:8d:98:d7:dc:12:be:6a:e8:88:80:db:
2c:2e:c8:f5:10:11:ce:c9:11:60:2f:cd:2b:af:f5:4d:95:8d:
69:4b:ae:7d:9e:8a:66:10:0c:d8:9a:94:24:dd:ab:fd:ca:f0:
61:63:f0:e8:bb:e0:7b:b2:cb:51:3d:bf:28:1a:0c:b8:64:96:
ab:99:66:0a:b0:f6:8e:31:36:6f:01:6a:6a:d9:1f:08:7d:af:
18:18:7d:fe:a9:f5:4d:7b:3a:80:41:b6:1f:a4:23:7c:9a:fb:
5e:d7:15:5b:a0:05:e4:f2:42:ee:43:a5:a3:f5:7d:2b:9b:46:
b9:33:28:e0:c8:5f:0c:ff:f9:7e:53:1e:e1:35:3e:23:be:1d:
b5:ee:1a:b3:bd:fb:67:a3:63:71:21:ed:bf:38:b5:b0:f7:45:
ac:1c:e6:1b:91:f9:42:8d:58:fd:bf:a3:f1:55:e8:ec:d8:77:
08:1c:c2:ae:ce:77:cd:53:66:5c:8f:cd:3a:1f:37:6c:ef:f3:
ca:d0:08:8a:91:51:b8:9a:03:fa:8c:7e:af:8f:11:58:4d:87:
8d:b0:eb:d9:29:f9:70:85:83:84:c5:62:9f:e6:97:31:83:fa:
7b:50:66:5d:9c:44:d4:e2:fa:01:ce:a8:6e:2c:59:f8:5b:7d:
7c:b6:a7:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0TZmTxyCyI9E8SR6gylTaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWRlZDBiODNmYTRlMzFjZTBhMDg0MGViNDI5YmE4YTlm
MThlMzkwHhcNMjQwMTE2MTc1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk4YzIxMDg1MWRmYjM5ODZjZjc5ODY2NGQxYTM5MzU4NjMwODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUl5KNKOjZGlIHR2UwbUzspWmn37
BHNA3omgVCzGuugWil/VjsmO9aFjwbYZ1Fr/H7ffHnp2nvXyuWvLEWp1RjggUGUN
2NX3PmG3XdlUaPQ6Iiu4Po43JK+GZiUw6dYUXtK9AfiSs3u/862CoA4nP6XWSBT0
mNNrTk4BwPbVDGH6LVr/bRPe5DsEqBIpS+t5zDzKZWY0bI7syzc30KT6/+x9MhQ1
hSoC1yLC1OLo6RzZOgEbvTYglnVWyqMoIojL58zsQoX0TKvh2hxY/CgO/HfTly5Z
Exd7f8MhzXrVmS/kWPlkg9hSSwh4mCCGupdyyncjUAfDdFZFbmqxJ4BgfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGiYwhCFHfs5hs95hmTRo5NYYwgZMB8GA1UdIwQY
MBaAFI6t7QuD+k4xzgoIQOtCm6ip8Y45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUt
ODc3ZGRhMTkyMzc5LzEvYUpqQ0VJVWQtem1HejNtR1pOR2prMWhqQ0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUtODc3ZGRhMTkyMzc5
LzEvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuR8QAwQA
uR8TMA0GCSqGSIb3DQEBCwUAA4IBAQBE06SLFkULjZjX3BK+auiIgNssLsj1EBHO
yRFgL80rr/VNlY1pS659nopmEAzYmpQk3av9yvBhY/Dou+B7sstRPb8oGgy4ZJar
mWYKsPaOMTZvAWpq2R8Ifa8YGH3+qfVNezqAQbYfpCN8mvte1xVboAXk8kLuQ6Wj
9X0rm0a5MyjgyF8M//l+Ux7hNT4jvh217hqzvftno2NxIe2/OLWw90WsHOYbkflC
jVj9v6PxVejs2HcIHMKuznfNU2Zcj806Hzds7/PK0AiKkVG4mgP6jH6vjxFYTYeN
sOvZKflwhYOExWKf5pcxg/p7UGZdnETU4voBzqhuLFn4W318tqfC
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:17:17 2025 by rpki-client