Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/D1iY7CUKmT0bye-mhOCv0ObixFw.roa
File: D1iY7CUKmT0bye-mhOCv0ObixFw.roa (raw, json)
Hash identifier: WLhou9oXzXtfqFO5AmVtAcWrrEx4v85bgcpFK3UQ108=
Subject key identifier: 0F:58:98:EC:25:0A:99:3D:1B:C9:EF:A6:84:E0:AF:D0:E6:E2:C4:5C
Certificate issuer: /CN=b732762a5e861e976de53d14786f39e3a669681b
Certificate serial: 0194988E3EA06A0DE91D7330E7615E5B6D74
Authority key identifier: B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/D1iY7CUKmT0bye-mhOCv0ObixFw.roa
Signing time: Fri 24 Jan 2025 13:44:06 +0000
ROA not before: Fri 24 Jan 2025 13:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41327
IP address blocks: 31.185.96.0/24 maxlen: 24
93.94.88.0/21 maxlen: 24
185.61.168.0/22 maxlen: 24
185.157.228.0/22 maxlen: 24
2a03:b020::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 25 Jan 2025 07:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:8e:3e:a0:6a:0d:e9:1d:73:30:e7:61:5e:5b:6d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b732762a5e861e976de53d14786f39e3a669681b
Validity
Not Before: Jan 24 13:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5898ec250a993d1bc9efa684e0afd0e6e2c45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a2:48:d9:9f:ad:93:88:07:76:07:ff:08:05:
c6:e4:4e:c9:d2:ed:24:5c:1e:61:f2:20:90:08:0c:
a0:8c:45:a6:68:ac:98:28:da:8b:fb:aa:c6:1b:e1:
6d:60:fb:64:0d:f2:ec:64:1c:44:40:de:94:11:f5:
98:59:3b:90:d0:a8:03:7a:02:47:e5:24:c4:7a:dc:
a8:07:95:51:64:67:39:11:e8:f7:78:7b:78:98:82:
c3:be:cd:24:c6:26:b0:e7:67:95:95:5f:c1:9e:7f:
97:14:f6:f9:3e:37:a7:27:cd:03:75:23:c1:d3:1e:
f6:69:80:08:de:59:e9:c7:54:c6:43:7a:6a:b3:3a:
43:b7:e1:ec:a2:55:c9:93:e8:6d:69:53:66:8b:82:
ae:fc:13:21:76:10:b5:cd:60:2c:24:33:4a:a2:0f:
7d:8b:c6:fb:70:04:b5:e1:94:72:48:37:1d:13:8d:
0a:06:c7:21:1a:78:e3:cf:69:c6:cb:5e:15:9b:c5:
0d:09:9e:c4:5c:1f:c2:93:2a:7f:fb:c2:19:0a:d8:
20:e5:3a:2b:a5:97:1c:c7:da:bc:d7:96:a4:dc:10:
a7:10:68:81:56:e0:ab:63:7e:f4:1a:2b:fb:38:9e:
43:99:ef:f7:13:99:0d:a4:84:4d:12:3e:59:91:95:
01:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:58:98:EC:25:0A:99:3D:1B:C9:EF:A6:84:E0:AF:D0:E6:E2:C4:5C
X509v3 Authority Key Identifier:
keyid:B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/D1iY7CUKmT0bye-mhOCv0ObixFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.96.0/24
93.94.88.0/21
185.61.168.0/22
185.157.228.0/22
IPv6:
2a03:b020::/29
Signature Algorithm: sha256WithRSAEncryption
5e:17:94:d4:d4:c9:4c:6e:d2:46:30:67:b1:7e:c6:40:bc:53:
b1:67:6d:c1:55:c0:ad:0e:71:62:8f:8b:2a:ce:9a:57:f0:69:
55:63:7e:fe:55:30:98:70:7f:d9:4f:ae:f8:83:f9:fb:c8:81:
23:d3:40:1a:33:19:50:cd:7c:f7:8a:ea:0d:56:eb:97:32:fb:
f9:2b:a3:6c:6f:3a:d6:c9:af:dd:37:85:2d:27:1f:da:7e:67:
d3:ae:c6:83:79:92:73:51:50:89:70:a6:e6:be:e1:7d:f5:b3:
7f:b6:35:e9:cc:24:f5:41:ca:9a:f9:84:71:b3:e2:a1:39:26:
c4:f8:d8:e8:24:a4:11:50:cf:cf:c3:2f:73:3c:a7:3b:44:41:
91:17:fc:0c:43:3b:70:ca:a3:26:e6:c0:79:5e:6b:cf:a3:3b:
56:f0:b2:3c:fb:78:7b:28:31:f3:0e:0a:e1:47:3c:d2:7c:1c:
5a:d5:30:99:64:f7:c8:32:ce:cc:ef:71:05:ca:af:4b:e5:92:
c0:43:4e:1e:3b:1d:c2:11:1e:37:c2:35:df:d8:bb:7f:d7:1f:
ce:95:ee:fc:2c:fb:29:37:b7:34:ee:17:8d:52:d5:5d:89:60:
07:dd:fa:79:1c:41:3f:23:b8:99:32:d5:f2:f6:89:72:78:9b:
73:2d:70:69
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSYjj6gag3pHXMw52FeW210MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MzI3NjJhNWU4NjFlOTc2ZGU1M2QxNDc4NmYzOWUzYTY2
OTY4MWIwHhcNMjUwMTI0MTM0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU4OThlYzI1MGE5OTNkMWJjOWVmYTY4NGUwYWZkMGU2ZTJjNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6JI2Z+tk4gHdgf/CAXG5E7J0u0k
XB5h8iCQCAygjEWmaKyYKNqL+6rGG+FtYPtkDfLsZBxEQN6UEfWYWTuQ0KgDegJH
5STEetyoB5VRZGc5Eej3eHt4mILDvs0kxiaw52eVlV/Bnn+XFPb5PjenJ80DdSPB
0x72aYAI3lnpx1TGQ3pqszpDt+HsolXJk+htaVNmi4Ku/BMhdhC1zWAsJDNKog99
i8b7cAS14ZRySDcdE40KBschGnjjz2nGy14Vm8UNCZ7EXB/Ckyp/+8IZCtgg5Tor
pZccx9q815ak3BCnEGiBVuCrY370Giv7OJ5Dme/3E5kNpIRNEj5ZkZUBbwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA9YmOwlCpk9G8nvpoTgr9Dm4sRcMB8GA1UdIwQY
MBaAFLcydipehh6XbeU9FHhvOeOmaWgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDct
NjNiNTJhYTdmOGRhLzEvRDFpWTdDVUttVDBieWUtbWhPQ3YwT2JpeEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDctNjNiNTJhYTdmOGRh
LzEvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH7lgAwQD
XV5YAwQCuT2oAwQCuZ3kMA0EAgACMAcDBQMqA7AgMA0GCSqGSIb3DQEBCwUAA4IB
AQBeF5TU1MlMbtJGMGexfsZAvFOxZ23BVcCtDnFij4sqzppX8GlVY37+VTCYcH/Z
T674g/n7yIEj00AaMxlQzXz3iuoNVuuXMvv5K6NsbzrWya/dN4UtJx/afmfTrsaD
eZJzUVCJcKbmvuF99bN/tjXpzCT1Qcqa+YRxs+KhOSbE+NjoJKQRUM/Pwy9zPKc7
REGRF/wMQztwyqMm5sB5XmvPoztW8LI8+3h7KDHzDgrhRzzSfBxa1TCZZPfIMs7M
73EFyq9L5ZLAQ04eOx3CER43wjXf2Lt/1x/Ole78LPspN7c07heNUtVdiWAH3fp5
HEE/I7iZMtXy9olyeJtzLXBp
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:53:38 2025 by rpki-client