Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/oFBogTK2wqJcDUqMcJAfr7zE2zE.roa
File: oFBogTK2wqJcDUqMcJAfr7zE2zE.roa (raw, json)
Hash identifier: yVUCE/h1dJY9WQ7xIkU7tXB6JLPmIJASKDD7EUGtvXA=
Subject key identifier: A0:50:68:81:32:B6:C2:A2:5C:0D:4A:8C:70:90:1F:AF:BC:C4:DB:31
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 0194B1C7752A57F3040C3DB51BA220F4726A
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/oFBogTK2wqJcDUqMcJAfr7zE2zE.roa
Signing time: Wed 29 Jan 2025 11:17:06 +0000
ROA not before: Wed 29 Jan 2025 11:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 24
128.0.144.0/24 maxlen: 24
128.0.145.0/24 maxlen: 24
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 24
185.5.8.0/24 maxlen: 24
185.5.9.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 10:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:c7:75:2a:57:f3:04:0c:3d:b5:1b:a2:20:f4:72:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 29 11:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a050688132b6c2a25c0d4a8c70901fafbcc4db31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c2:9b:cd:9a:d4:0c:d0:07:c9:5b:01:84:e2:
e7:7d:e6:ef:aa:21:da:40:b9:90:3d:74:4f:cb:c7:
09:c7:6d:9d:02:0f:b9:41:b2:34:d8:2e:dd:21:67:
ff:f8:0e:6b:b2:13:2c:d9:c5:c7:8f:5b:25:15:e7:
0d:fc:e1:4a:d0:57:96:28:60:74:3f:0b:86:a4:62:
69:ca:72:f3:48:03:8c:c5:7b:0c:42:99:20:14:fd:
dd:89:a6:e6:4d:b8:2b:d7:65:25:9e:ae:1e:3f:d4:
29:0a:7e:09:29:39:08:e0:26:11:fe:e1:e9:da:fb:
c6:e7:b1:d7:6b:1d:e3:bc:1f:33:4f:c7:a1:ca:bc:
f7:aa:8c:c1:c5:1a:ae:30:ef:27:66:9f:45:84:39:
90:0e:45:85:67:e8:e6:ca:32:f6:f2:a6:86:ce:5b:
54:87:69:60:7c:72:f8:38:03:09:ea:31:7d:dd:eb:
5c:d4:b5:2f:9b:63:c5:e6:81:0b:6a:78:de:75:51:
08:f4:0d:de:8c:70:70:a6:3e:aa:f0:be:03:13:b8:
fb:a1:dd:45:65:b7:33:02:6a:76:17:89:a3:a3:35:
42:d6:13:06:88:72:22:a4:4c:d9:16:e9:55:3c:a5:
93:5d:87:31:d4:69:1e:4a:b5:05:a5:72:b8:3e:2d:
b4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:50:68:81:32:B6:C2:A2:5C:0D:4A:8C:70:90:1F:AF:BC:C4:DB:31
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/oFBogTK2wqJcDUqMcJAfr7zE2zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
4d:b0:4c:f6:4a:4a:8e:44:e9:9c:f1:af:1b:86:c1:12:94:09:
80:93:f8:eb:ef:c4:48:b1:a9:31:a8:33:c4:63:f1:dc:d2:e4:
b6:aa:8c:f8:db:1e:9d:03:72:67:09:0e:12:0e:86:cf:d0:ed:
9f:98:7f:41:2f:98:5c:bc:98:a7:d7:12:61:a8:1d:38:d8:08:
73:46:79:6e:2f:ee:d2:d4:84:8c:f7:92:21:dc:29:57:f2:48:
29:27:4c:9b:75:60:00:88:c1:97:6d:27:e5:58:9f:27:c2:7a:
fc:e8:b8:84:d5:3b:58:45:da:7b:cf:09:35:46:9b:9d:7e:82:
21:d2:2b:8d:63:c1:f4:ec:32:14:9e:21:46:49:44:ba:66:27:
45:f3:d7:07:86:f6:02:6c:30:23:eb:bc:56:21:87:f0:b5:81:
45:e6:57:71:3e:57:78:37:8e:73:7e:5a:e9:c1:da:3b:b6:a3:
9d:07:3c:ba:fd:50:50:ba:ac:65:ed:ac:fe:e5:a1:f7:10:79:
90:8a:63:6a:bf:05:31:b7:c6:50:2e:9b:fe:da:dd:b6:51:97:
f2:28:67:75:57:43:6a:48:2c:e7:21:1e:b6:cd:92:53:1c:37:
31:6f:d5:4e:12:3f:da:3e:45:f2:6d:c7:08:51:3c:a7:ed:b0:
e4:75:c4:54
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZSxx3UqV/MEDD21G6Ig9HJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjUwMTI5MTExNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUwNjg4MTMyYjZjMmEyNWMwZDRhOGM3MDkwMWZhZmJjYzRkYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcKbzZrUDNAHyVsBhOLnfebvqiHa
QLmQPXRPy8cJx22dAg+5QbI02C7dIWf/+A5rshMs2cXHj1slFecN/OFK0FeWKGB0
PwuGpGJpynLzSAOMxXsMQpkgFP3diabmTbgr12Ulnq4eP9QpCn4JKTkI4CYR/uHp
2vvG57HXax3jvB8zT8ehyrz3qozBxRquMO8nZp9FhDmQDkWFZ+jmyjL28qaGzltU
h2lgfHL4OAMJ6jF93etc1LUvm2PF5oELanjedVEI9A3ejHBwpj6q8L4DE7j7od1F
ZbczAmp2F4mjozVC1hMGiHIipEzZFulVPKWTXYcx1GkeSrUFpXK4Pi208wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKBQaIEytsKiXA1KjHCQH6+8xNsxMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvb0ZCb2dUSzJ3cUpjRFVxTWNKQWZyN3pFMnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEATbBM9kpKjkTpnPGvG4bBEpQJgJP46+/ESLGpMagz
xGPx3NLktqqM+NsenQNyZwkOEg6Gz9Dtn5h/QS+YXLyYp9cSYagdONgIc0Z5bi/u
0tSEjPeSIdwpV/JIKSdMm3VgAIjBl20n5VifJ8J6/Oi4hNU7WEXae88JNUabnX6C
IdIrjWPB9OwyFJ4hRklEumYnRfPXB4b2AmwwI+u8ViGH8LWBReZXcT5XeDeOc35a
6cHaO7ajnQc8uv1QULqsZe2s/uWh9xB5kIpjar8FMbfGUC6b/trdtlGX8ihndVdD
akgs5yEets2SUxw3MW/VThI/2j5F8m3HCFE8p+2w5HXEVA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:27:14 2025 by rpki-client