Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/4UOG068fjMygXDQrNeRp8hDRv14.roa
File: 4UOG068fjMygXDQrNeRp8hDRv14.roa (raw, json)
Hash identifier: IfgW3Rjqv3+d/+XNzajV+158cp8sqeJQH4TwEXX7fng=
Subject key identifier: E1:43:86:D3:AF:1F:8C:CC:A0:5C:34:2B:35:E4:69:F2:10:D1:BF:5E
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01949284D67CA013E9E1FAF53101BE260046
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/4UOG068fjMygXDQrNeRp8hDRv14.roa
Signing time: Thu 23 Jan 2025 09:36:06 +0000
ROA not before: Thu 23 Jan 2025 09:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
89.70.108.0/22 maxlen: 22
89.72.228.0/22 maxlen: 22
89.77.216.0/22 maxlen: 22
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 05 Feb 2025 14:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:84:d6:7c:a0:13:e9:e1:fa:f5:31:01:be:26:00:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Jan 23 09:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e14386d3af1f8ccca05c342b35e469f210d1bf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:ba:fd:67:92:f1:2b:41:94:c8:5f:f3:85:
92:cd:93:3f:ba:65:69:32:ea:ce:35:29:35:cd:c2:
19:7a:ee:91:b5:cc:83:3c:28:55:a4:0d:40:18:d5:
86:4c:b8:1a:21:ca:71:63:bd:88:25:bd:9e:fd:a5:
3c:22:d1:87:54:a9:8d:ab:19:fc:bc:f3:c3:33:b2:
74:d2:91:31:95:48:ad:e8:5b:61:90:b6:47:fa:54:
41:a1:f2:bb:42:73:b2:5f:fb:e8:09:7c:1c:91:04:
da:53:03:84:92:c5:49:5d:fb:fb:2e:85:bd:9d:31:
6b:10:ad:5c:bb:0d:9e:0c:00:2e:bf:ec:f3:96:96:
85:94:6f:93:48:cc:4b:3e:80:44:3d:db:6d:f5:6b:
31:15:a4:f9:3c:20:92:f8:aa:22:1e:b7:85:6b:27:
f7:69:fb:ff:96:ef:38:73:ec:48:95:e5:a2:7a:fc:
1d:7e:d9:b2:d6:86:0e:53:72:93:35:7a:44:96:3d:
ba:2f:68:bf:81:9a:ae:80:fa:3f:3d:48:28:cd:08:
98:0b:1c:ed:8c:bf:1f:45:43:41:a7:08:ae:4b:47:
af:9a:89:f3:58:07:91:10:65:0a:df:3b:70:d5:48:
89:64:45:e1:37:a8:7f:ca:98:c3:01:4e:b0:3a:82:
e2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:43:86:D3:AF:1F:8C:CC:A0:5C:34:2B:35:E4:69:F2:10:D1:BF:5E
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/4UOG068fjMygXDQrNeRp8hDRv14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/16
85.222.0.0/17
89.70.108.0/22
89.72.228.0/22
89.77.216.0/22
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::/28
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
96:e9:dd:c9:62:f9:a1:9a:6b:bb:05:6e:1e:2f:34:d9:a4:32:
03:13:d4:34:7c:27:70:c2:55:b8:c2:40:c9:c5:c1:d5:02:00:
93:ab:3b:48:77:d2:f4:36:69:dc:03:e8:34:71:5a:a3:ef:db:
e3:10:03:85:bf:32:34:ea:98:f0:79:a7:05:a8:a7:36:cf:e6:
94:31:18:a3:9f:11:6d:4b:69:a7:ce:a9:ba:7e:5d:49:f5:eb:
dd:80:44:2e:2d:c9:bb:bd:5c:65:9b:1b:6a:48:39:eb:05:d4:
23:f4:21:c7:fb:4c:1e:12:8c:b0:d7:ef:ab:5c:6f:8d:e7:d9:
9c:d6:7f:cf:f6:98:aa:95:3e:29:f9:46:94:b2:ca:ee:79:07:
ec:c7:82:77:a1:4f:a5:b6:3c:4c:8a:25:c7:df:e4:c7:62:b9:
b5:3f:d3:71:5d:02:42:21:13:26:ef:a9:0b:09:ce:2b:fa:03:
d4:b8:78:7e:34:10:b5:07:bb:c3:76:48:76:89:43:90:05:c8:
07:31:10:4c:99:63:23:e2:37:6b:6a:a5:3d:7f:64:62:0b:76:
e7:32:59:c4:9e:a6:dc:76:40:73:09:2a:f6:f6:ab:ed:e0:82:
5f:05:8f:51:af:1a:3e:40:df:54:3c:79:06:9b:3c:e6:b4:57:
09:7c:a6:79
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZSShNZ8oBPp4fr1MQG+JgBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMTIzMDkzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQzODZkM2FmMWY4Y2NjYTA1YzM0MmIzNWU0NjlmMjEwZDFiZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRq6/WeS8StBlMhf84WSzZM/umVp
MurONSk1zcIZeu6RtcyDPChVpA1AGNWGTLgaIcpxY72IJb2e/aU8ItGHVKmNqxn8
vPPDM7J00pExlUit6FthkLZH+lRBofK7QnOyX/voCXwckQTaUwOEksVJXfv7LoW9
nTFrEK1cuw2eDAAuv+zzlpaFlG+TSMxLPoBEPdtt9WsxFaT5PCCS+KoiHreFayf3
afv/lu84c+xIleWievwdftmy1oYOU3KTNXpElj26L2i/gZqugPo/PUgozQiYCxzt
jL8fRUNBpwiuS0evmonzWAeREGUK3ztw1UiJZEXhN6h/ypjDAU6wOoLirwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOFDhtOvH4zMoFw0KzXkafIQ0b9eMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvNFVPRzA2OGZqTXlnWERRck5lUnA4aERSdjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDAvBAIAATApAwMAH7IDBAdV
3gADBAJZRmwDBAJZSOQDBAJZTdgDBAHDItIDBATZd0AwLQQCAAIwJwMFBCoCowAD
BgAqAqMV5QMGACoCoxbhAwYAKgKjGWADBgAqAqMbxDANBgkqhkiG9w0BAQsFAAOC
AQEAlundyWL5oZpruwVuHi802aQyAxPUNHwncMJVuMJAycXB1QIAk6s7SHfS9DZp
3APoNHFao+/b4xADhb8yNOqY8HmnBainNs/mlDEYo58RbUtpp86pun5dSfXr3YBE
Li3Ju71cZZsbakg56wXUI/Qhx/tMHhKMsNfvq1xvjefZnNZ/z/aYqpU+KflGlLLK
7nkH7MeCd6FPpbY8TIolx9/kx2K5tT/TcV0CQiETJu+pCwnOK/oD1Lh4fjQQtQe7
w3ZIdolDkAXIBzEQTJljI+I3a2qlPX9kYgt25zJZxJ6m3HZAcwkq9var7eCCXwWP
Ua8aPkDfVDx5Bps85rRXCXymeQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:53:43 2025 by rpki-client