Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/I0ODijKB5njX6-jPxxLN-Lgh-0g.roa
File: I0ODijKB5njX6-jPxxLN-Lgh-0g.roa (raw, json)
Hash identifier: JGjKpWE30wXWCTY5D7fW6sEQxucZsybXplVJc7dhqHU=
Subject key identifier: 23:43:83:8A:32:81:E6:78:D7:EB:E8:CF:C7:12:CD:F8:B8:21:FB:48
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 0195C441EDC0DCB623A5C5665EE1E63C5080
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/I0ODijKB5njX6-jPxxLN-Lgh-0g.roa
Signing time: Sun 23 Mar 2025 18:26:49 +0000
ROA not before: Sun 23 Mar 2025 18:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49683
IP address blocks: 31.25.234.0/24 maxlen: 24
31.25.235.0/24 maxlen: 24
31.25.236.0/22 maxlen: 24
171.22.172.0/24 maxlen: 24
171.22.173.0/24 maxlen: 24
171.22.174.0/24 maxlen: 24
171.22.175.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Mar 2025 19:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:41:ed:c0:dc:b6:23:a5:c5:66:5e:e1:e6:3c:50:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Mar 23 18:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2343838a3281e678d7ebe8cfc712cdf8b821fb48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9d:aa:1e:b0:0c:7b:91:80:17:19:8d:9b:f3:
e3:3a:96:71:f4:14:24:21:86:bb:09:e2:50:26:bd:
86:2d:18:ee:09:8a:b7:bc:d6:bb:8c:78:e9:b5:4a:
01:cb:07:c2:25:89:b5:93:f9:ca:86:35:e9:71:09:
9f:9b:6a:d5:17:c3:ef:bf:6b:cb:d3:3f:52:01:a0:
11:19:69:38:15:63:be:7e:4e:fe:b3:a2:77:5c:57:
a8:1b:b8:8a:28:fe:3f:d7:63:70:d3:3b:d7:7d:6d:
38:a4:26:b8:51:61:dc:69:58:3e:60:1c:0d:7f:83:
f7:ea:3f:96:f2:6d:5e:98:6b:1f:ab:0d:e2:c5:7e:
27:3d:cb:62:2e:55:a7:f9:31:99:93:89:fa:0f:c4:
1d:e0:0e:c2:7b:cb:80:c5:79:82:f4:44:f4:63:1e:
7f:5d:d6:74:c0:95:ef:f2:55:9e:15:5a:59:0b:86:
97:13:e9:fb:4a:ad:81:37:f4:67:d9:70:4b:27:bb:
43:c2:d9:6c:4d:ff:05:f3:f1:e3:07:34:7c:79:55:
5d:c9:49:70:ba:92:56:f7:b6:34:75:ec:2a:61:6e:
c6:2e:eb:0b:c4:54:87:90:fe:b2:3d:30:3c:22:92:
8e:a8:62:04:f4:92:09:c9:21:75:68:f2:f4:aa:80:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:43:83:8A:32:81:E6:78:D7:EB:E8:CF:C7:12:CD:F8:B8:21:FB:48
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/I0ODijKB5njX6-jPxxLN-Lgh-0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0-31.25.239.255
171.22.172.0/22
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:98:52:77:a2:de:6f:12:a1:63:96:72:1e:b6:6b:0d:a0:14:
68:12:6b:f8:bd:fb:7a:43:32:f3:1b:5d:51:95:0f:ec:82:61:
ef:b6:d4:14:da:f6:06:ca:55:02:d9:d5:b6:a4:e6:53:4a:3b:
db:be:4d:bd:0a:9e:1b:28:dd:e3:59:44:a3:c4:83:5d:b7:30:
59:f7:1f:c2:a2:32:f9:6a:20:b1:61:f8:12:cc:39:82:2a:cf:
1c:8c:4c:95:f4:53:af:b4:1c:f9:9a:7a:41:09:16:35:80:19:
75:19:2e:e6:14:a0:67:5d:47:aa:86:9b:2b:55:0b:c4:47:42:
89:26:a1:de:05:8c:08:14:e8:90:8b:2d:db:0a:32:6a:58:d2:
36:e3:dd:cd:45:2c:46:1f:d2:73:30:35:9b:0a:5f:e6:93:b1:
ef:c9:d5:70:17:3f:91:b9:52:5e:7c:6f:fc:a4:41:c8:26:89:
ed:2c:95:04:89:de:7d:1a:e3:3a:37:23:72:97:3c:f2:4a:2e:
fe:dc:16:65:07:6b:13:98:ac:b3:26:a1:6f:23:f5:fc:ba:a1:
75:42:0f:18:8d:2e:66:ac:fb:e4:9a:1d:e5:93:f1:64:8e:7b:
d8:74:e1:26:d0:62:15:ec:b1:ba:26:f9:ca:b0:10:39:fe:87:
d1:f3:26:ef
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZXEQe3A3LYjpcVmXuHmPFCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjUwMzIzMTgyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQzODM4YTMyODFlNjc4ZDdlYmU4Y2ZjNzEyY2RmOGI4MjFmYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp2qHrAMe5GAFxmNm/PjOpZx9BQk
IYa7CeJQJr2GLRjuCYq3vNa7jHjptUoBywfCJYm1k/nKhjXpcQmfm2rVF8Pvv2vL
0z9SAaARGWk4FWO+fk7+s6J3XFeoG7iKKP4/12Nw0zvXfW04pCa4UWHcaVg+YBwN
f4P36j+W8m1emGsfqw3ixX4nPctiLlWn+TGZk4n6D8Qd4A7Ce8uAxXmC9ET0Yx5/
XdZ0wJXv8lWeFVpZC4aXE+n7Sq2BN/Rn2XBLJ7tDwtlsTf8F8/HjBzR8eVVdyUlw
upJW97Y0dewqYW7GLusLxFSHkP6yPTA8IpKOqGIE9JIJySF1aPL0qoBmsQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCNDg4oygeZ41+voz8cSzfi4IftIMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvSTBPRGlqS0I1bmpYNi1qUHh4TE4tTGdoLTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBKBAIAATBEMAwDBAEfGeoD
BAQfGeADBAKrFqwDBAK5LEADBAK5VfADBAG5dOwDBAC5dO8DBAK5eqQDBAK5qMAD
BAK5uEQDBAK5vTgwGgQCAAIwFDASAwcAKgovAAABAwcCKgovAAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBrmFJ3ot5vEqFjlnIetmsNoBRoEmv4vft6QzLzG11RlQ/sgmHv
ttQU2vYGylUC2dW2pOZTSjvbvk29Cp4bKN3jWUSjxINdtzBZ9x/CojL5aiCxYfgS
zDmCKs8cjEyV9FOvtBz5mnpBCRY1gBl1GS7mFKBnXUeqhpsrVQvER0KJJqHeBYwI
FOiQiy3bCjJqWNI2493NRSxGH9JzMDWbCl/mk7HvydVwFz+RuVJefG/8pEHIJont
LJUEid59GuM6NyNylzzySi7+3BZlB2sTmKyzJqFvI/X8uqF1Qg8YjS5mrPvkmh3l
k/FkjnvYdOEm0GIV7LG6JvnKsBA5/ofR8ybv
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:39:06 2025 by rpki-client