Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Ko3rEklug3rUDEVhQEpLj1d3gYM.roa
File: Ko3rEklug3rUDEVhQEpLj1d3gYM.roa (raw, json)
Hash identifier: bycmuR5QSoSjC9/ESqSx3UUCWWVLHt16eq5CicycpgE=
Subject key identifier: 2A:8D:EB:12:49:6E:83:7A:D4:0C:45:61:40:4A:4B:8F:57:77:81:83
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 0196B4AF503ED14D6766673EA8EE44EB8BB3
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Ko3rEklug3rUDEVhQEpLj1d3gYM.roa
Signing time: Fri 09 May 2025 10:55:10 +0000
ROA not before: Fri 09 May 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
31.14.38.0/23 maxlen: 23
45.132.27.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 09:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:af:50:3e:d1:4d:67:66:67:3e:a8:ee:44:eb:8b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: May 9 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a8deb12496e837ad40c4561404a4b8f57778183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:50:30:b1:cf:68:f1:46:bc:30:b8:13:7b:
39:95:a3:ad:45:d1:2b:2d:59:ef:ef:fa:ad:f9:e4:
7a:cf:68:bb:43:d1:dc:9c:02:13:14:de:e3:eb:1d:
d0:5c:5f:49:5e:61:af:8b:90:a1:20:68:d1:66:3c:
d4:d4:44:ce:68:65:d4:49:f6:d1:af:86:9a:17:6c:
a6:d5:09:c4:ec:19:6d:7a:1f:f2:0f:0b:73:f5:35:
3a:a8:2a:84:40:8b:47:22:f7:c6:78:42:cf:3f:ee:
56:47:75:d1:c3:21:c5:5e:16:72:b8:a6:81:13:7a:
b2:0e:b9:5a:60:3f:9d:27:78:45:00:af:a9:a5:b8:
ba:78:9c:9d:93:79:09:5f:08:7c:29:9f:5b:ae:31:
fc:1e:4b:6a:19:2c:48:45:22:61:cb:77:a3:d9:d6:
3b:8d:29:43:f5:08:e1:83:e6:02:4e:dd:fe:90:2b:
a2:62:b5:e5:0f:14:c8:c7:13:7f:13:46:8e:f0:6d:
0f:99:ab:ac:51:76:4e:ef:d6:08:eb:e6:3e:7b:d3:
1b:aa:50:37:92:d0:b4:88:71:d2:87:3b:a0:1e:e1:
60:94:f0:80:81:38:d7:c9:84:5e:e0:05:2f:1d:fc:
77:24:6f:26:b1:66:66:05:f4:54:10:72:4d:76:f6:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8D:EB:12:49:6E:83:7A:D4:0C:45:61:40:4A:4B:8F:57:77:81:83
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Ko3rEklug3rUDEVhQEpLj1d3gYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0-31.14.39.255
45.132.27.0/24
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
80:4b:ab:83:92:2d:ab:96:4a:d8:17:0c:a1:c3:e7:de:de:ef:
49:88:ce:64:08:c5:60:17:0c:74:86:9b:05:8c:50:8e:bb:a0:
83:48:99:4f:10:1f:fb:8f:10:98:57:54:8c:ce:0a:16:f7:8e:
6f:22:33:22:3a:db:6c:bc:58:0e:47:b4:e7:b6:84:79:64:a4:
0d:b9:d5:57:9f:54:3d:1e:08:df:13:90:23:c2:95:07:2c:0d:
a1:34:e1:61:d8:4a:c5:c6:8a:bf:b2:97:1b:20:fa:9e:b8:64:
9c:99:fe:6d:35:48:e9:48:7c:f5:c9:91:be:a0:30:fe:e7:6d:
6a:66:26:b1:8f:c1:e3:25:ec:bd:b2:d6:08:5a:a8:12:db:91:
94:06:d2:cd:1f:7a:6f:ee:2c:d6:40:d5:98:a5:a2:45:aa:ff:
f6:cf:f0:7b:79:ff:74:35:ee:c8:bb:75:06:b6:16:a8:88:af:
33:31:0e:58:bb:8a:49:24:a7:d8:aa:a9:bc:02:59:37:b1:e2:
a2:ea:6a:8f:c6:b7:05:34:27:cc:6f:37:0c:d0:b1:cf:89:a6:
87:7f:27:13:49:30:79:02:4d:c3:da:e1:2a:f8:a9:e9:2d:de:
0a:df:31:36:b7:ff:cc:a8:b1:78:cd:2d:79:6c:a3:38:e7:22:
26:42:f5:94
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZa0r1A+0U1nZmc+qO5E64uzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjUwNTA5MTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThkZWIxMjQ5NmU4MzdhZDQwYzQ1NjE0MDRhNGI4ZjU3Nzc4MTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV1QMLHPaPFGvDC4E3s5laOtRdEr
LVnv7/qt+eR6z2i7Q9HcnAITFN7j6x3QXF9JXmGvi5ChIGjRZjzU1ETOaGXUSfbR
r4aaF2ym1QnE7Blteh/yDwtz9TU6qCqEQItHIvfGeELPP+5WR3XRwyHFXhZyuKaB
E3qyDrlaYD+dJ3hFAK+ppbi6eJydk3kJXwh8KZ9brjH8HktqGSxIRSJhy3ej2dY7
jSlD9Qjhg+YCTt3+kCuiYrXlDxTIxxN/E0aO8G0PmausUXZO79YI6+Y+e9MbqlA3
ktC0iHHShzugHuFglPCAgTjXyYRe4AUvHfx3JG8msWZmBfRUEHJNdvY2IQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCqN6xJJboN61AxFYUBKS49Xd4GDMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvS28zckVrbHVnM3JVREVWaFFFcExqMWQzZ1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAfDiUD
BAMfDiADBAAthBsDBAG5mzYwDQYJKoZIhvcNAQELBQADggEBAIBLq4OSLauWStgX
DKHD597e70mIzmQIxWAXDHSGmwWMUI67oINImU8QH/uPEJhXVIzOChb3jm8iMyI6
22y8WA5HtOe2hHlkpA251VefVD0eCN8TkCPClQcsDaE04WHYSsXGir+ylxsg+p64
ZJyZ/m01SOlIfPXJkb6gMP7nbWpmJrGPweMl7L2y1ghaqBLbkZQG0s0fem/uLNZA
1ZilokWq//bP8Ht5/3Q17si7dQa2FqiIrzMxDli7ikkkp9iqqbwCWTex4qLqao/G
twU0J8xvNwzQsc+Jpod/JxNJMHkCTcPa4Sr4qekt3grfMTa3/8yosXjNLXlsozjn
IiZC9ZQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:16:41 2025 by rpki-client