Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/yHJISPBQhCAoUZN2cKhP3ZgGXy8.roa
File: yHJISPBQhCAoUZN2cKhP3ZgGXy8.roa (raw, json)
Hash identifier: +x6iIPDvnjIDi+uWwheou0rgsb6jtPL+yDY8a8UvL8M=
Subject key identifier: C8:72:48:48:F0:50:84:20:28:51:93:76:70:A8:4F:DD:98:06:5F:2F
Certificate issuer: /CN=b732762a5e861e976de53d14786f39e3a669681b
Certificate serial: 0196FC359FA045410A108734B3C2001F0C75
Authority key identifier: B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/yHJISPBQhCAoUZN2cKhP3ZgGXy8.roa
Signing time: Fri 23 May 2025 08:14:54 +0000
ROA not before: Fri 23 May 2025 08:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41327
IP address blocks: 31.185.96.0/24 maxlen: 24
31.185.98.0/24 maxlen: 24
31.185.99.0/24 maxlen: 24
31.185.100.0/22 maxlen: 24
31.185.100.0/24 maxlen: 24
31.185.102.0/23 maxlen: 24
93.94.88.0/21 maxlen: 24
185.61.168.0/22 maxlen: 24
185.157.228.0/22 maxlen: 24
2a03:b020::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 May 2025 08:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:35:9f:a0:45:41:0a:10:87:34:b3:c2:00:1f:0c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b732762a5e861e976de53d14786f39e3a669681b
Validity
Not Before: May 23 08:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8724848f05084202851937670a84fdd98065f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:28:85:fc:96:cc:8b:0e:39:04:12:c2:86:
4b:31:2f:90:56:4b:19:c7:df:dd:80:da:c7:be:fe:
b7:42:69:89:c8:94:d1:1f:25:f7:b0:f6:0b:ec:5c:
12:8e:26:8d:e7:8b:a6:eb:c8:dd:00:47:28:d2:05:
05:8c:54:e6:d3:01:01:ae:84:2d:36:d6:ee:2e:42:
b2:8d:05:d4:97:e0:cc:d3:0c:48:8f:15:0f:fc:f0:
5f:ee:57:bd:76:ff:d4:8e:bd:0f:74:ba:8c:87:d2:
86:3f:79:b5:bc:2e:ec:91:75:a7:5b:c9:07:8e:1e:
f2:41:2c:67:fb:5d:66:e6:e7:81:57:5d:43:80:e6:
e9:1b:45:0b:2b:7a:de:43:77:3a:fa:fa:eb:da:b4:
8e:c7:96:bb:9d:e5:a6:15:dd:b1:87:c8:78:99:f8:
38:3c:f3:00:00:9d:3a:6f:03:fd:1c:ad:fc:d7:aa:
80:52:09:2e:ca:a2:c3:88:3b:19:cd:ad:6f:b2:a8:
6f:48:6c:c6:d8:4c:a0:69:a9:88:f6:a8:fe:99:79:
f3:c0:34:f2:14:c3:c7:38:44:43:c8:02:31:74:45:
fb:06:1f:e6:ee:10:56:9e:2e:54:f5:97:b2:5d:e3:
4e:26:3a:31:5e:c0:a1:7c:e2:a6:af:ea:95:2b:3e:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:72:48:48:F0:50:84:20:28:51:93:76:70:A8:4F:DD:98:06:5F:2F
X509v3 Authority Key Identifier:
keyid:B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/yHJISPBQhCAoUZN2cKhP3ZgGXy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.96.0/24
31.185.98.0-31.185.103.255
93.94.88.0/21
185.61.168.0/22
185.157.228.0/22
IPv6:
2a03:b020::/29
Signature Algorithm: sha256WithRSAEncryption
a2:cc:3e:d7:91:fe:3f:8a:f1:ca:fd:5b:b4:8c:7b:6b:17:1c:
ad:cf:1a:c2:c1:86:dd:86:13:1f:9a:8c:4a:5f:b8:a5:42:9c:
24:48:f4:8e:36:08:4a:40:c1:9c:19:ab:12:be:38:ee:95:c5:
d3:20:14:f6:6f:e4:a7:75:15:21:6a:b1:23:98:55:f1:6c:92:
b3:ba:57:28:a4:3e:fe:01:6e:c7:48:d5:ee:54:37:68:96:51:
96:9c:32:ba:e1:1f:d9:78:2a:a4:6b:d9:62:4e:a8:f4:ea:d0:
69:bd:4d:d4:31:f7:a4:75:e6:f3:35:12:9b:7d:4a:4a:a0:cf:
d2:d5:b5:c0:93:31:84:2d:00:35:2f:7b:58:97:d1:c0:73:d1:
a2:44:85:56:6b:1d:79:d7:a9:ca:07:74:ee:55:1f:85:c4:46:
aa:2f:2b:4e:59:74:33:31:93:f9:88:53:d2:22:c0:35:a8:94:
78:36:59:de:22:c3:eb:7e:b2:d4:db:20:69:69:fc:e6:07:a1:
46:0b:e1:75:72:1e:3c:54:84:15:79:5f:38:9f:6e:8b:c4:88:
a8:85:f7:58:da:2f:89:69:25:5b:41:bd:c9:df:b2:f7:24:dc:
45:f7:f6:8a:d1:6f:08:e3:a0:9e:8d:ec:d1:78:ba:82:32:45:
b3:4d:e4:c9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZb8NZ+gRUEKEIc0s8IAHwx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MzI3NjJhNWU4NjFlOTc2ZGU1M2QxNDc4NmYzOWUzYTY2
OTY4MWIwHhcNMjUwNTIzMDgxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcyNDg0OGYwNTA4NDIwMjg1MTkzNzY3MGE4NGZkZDk4MDY1ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8gohfyWzIsOOQQSwoZLMS+QVksZ
x9/dgNrHvv63QmmJyJTRHyX3sPYL7FwSjiaN54um68jdAEco0gUFjFTm0wEBroQt
NtbuLkKyjQXUl+DM0wxIjxUP/PBf7le9dv/Ujr0PdLqMh9KGP3m1vC7skXWnW8kH
jh7yQSxn+11m5ueBV11DgObpG0ULK3reQ3c6+vrr2rSOx5a7neWmFd2xh8h4mfg4
PPMAAJ06bwP9HK3816qAUgkuyqLDiDsZza1vsqhvSGzG2EygaamI9qj+mXnzwDTy
FMPHOERDyAIxdEX7Bh/m7hBWni5U9ZeyXeNOJjoxXsChfOKmr+qVKz6XOQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMhySEjwUIQgKFGTdnCoT92YBl8vMB8GA1UdIwQY
MBaAFLcydipehh6XbeU9FHhvOeOmaWgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDct
NjNiNTJhYTdmOGRhLzEveUhKSVNQQlFoQ0FvVVpOMmNLaFAzWmdHWHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDctNjNiNTJhYTdmOGRh
LzEvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAH7lgMAwD
BAEfuWIDBAMfuWADBANdXlgDBAK5PagDBAK5neQwDQQCAAIwBwMFAyoDsCAwDQYJ
KoZIhvcNAQELBQADggEBAKLMPteR/j+K8cr9W7SMe2sXHK3PGsLBht2GEx+ajEpf
uKVCnCRI9I42CEpAwZwZqxK+OO6VxdMgFPZv5Kd1FSFqsSOYVfFskrO6VyikPv4B
bsdI1e5UN2iWUZacMrrhH9l4KqRr2WJOqPTq0Gm9TdQx96R15vM1Ept9Skqgz9LV
tcCTMYQtADUve1iX0cBz0aJEhVZrHXnXqcoHdO5VH4XERqovK05ZdDMxk/mIU9Ii
wDWolHg2Wd4iw+t+stTbIGlp/OYHoUYL4XVyHjxUhBV5XzifbovEiKiF91jaL4lp
JVtBvcnfsvck3EX39orRbwjjoJ6N7NF4uoIyRbNN5Mk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:39:32 2025 by rpki-client