Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/7oyrS6JxapoD5V7pcNnIXu6Dw3c.roa
File: 7oyrS6JxapoD5V7pcNnIXu6Dw3c.roa (raw, json)
Hash identifier: C5lGEd0hcpHRUfpnuZPp/QNQ8Y38td8vJfuQP7VXp88=
Subject key identifier: EE:8C:AB:4B:A2:71:6A:9A:03:E5:5E:E9:70:D9:C8:5E:EE:83:C3:77
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 019425FDBC09FA0F44E77A31262906394AFB
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/7oyrS6JxapoD5V7pcNnIXu6Dw3c.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.222.200.0/22 maxlen: 22
31.222.204.0/22 maxlen: 24
37.148.218.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 03:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bc:09:fa:0f:44:e7:7a:31:26:29:06:39:4a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee8cab4ba2716a9a03e55ee970d9c85eee83c377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:41:2d:4f:f7:91:c9:70:c7:38:82:03:b2:
14:17:07:81:cb:11:3c:34:a1:be:f7:76:38:d0:fb:
fe:02:4f:d0:39:c9:61:61:f0:c7:42:b2:9a:f4:c9:
77:3f:eb:98:98:2d:17:06:c2:95:97:f9:ea:cc:f1:
09:d3:63:60:0f:a3:b0:6f:67:44:62:33:c9:48:f9:
f4:01:72:18:18:35:a4:7f:62:6b:f4:15:d9:dd:9f:
b1:13:cb:be:4e:7f:2b:04:53:1b:8f:6d:be:95:d1:
5f:5e:d3:b1:a3:f2:6d:cf:b3:50:a5:26:ac:5c:65:
fc:53:4d:e8:05:06:da:79:16:fa:4a:52:4c:2f:66:
8a:34:d4:72:07:03:66:dd:26:0a:8c:4e:b8:f7:c2:
1d:55:62:04:ec:fc:82:68:2a:8e:cf:eb:f2:ad:45:
6b:49:fd:ff:e6:07:36:20:7e:55:ce:5b:f4:0f:2b:
79:0a:10:d2:d1:aa:99:6e:aa:8d:20:85:5b:bf:cc:
aa:ea:a5:d0:f3:72:bb:9f:94:25:2b:2f:e8:61:71:
f9:79:80:ef:b3:00:e9:ab:fa:88:cd:44:9c:c1:03:
9b:34:14:7c:24:8f:7b:5b:61:f6:94:6a:fd:24:95:
8f:5f:4e:9d:d1:f4:d9:21:22:36:29:7c:9f:e4:1e:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8C:AB:4B:A2:71:6A:9A:03:E5:5E:E9:70:D9:C8:5E:EE:83:C3:77
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/7oyrS6JxapoD5V7pcNnIXu6Dw3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.200.0/21
37.148.218.0/23
Signature Algorithm: sha256WithRSAEncryption
00:13:04:ec:d8:86:15:9b:8b:d6:61:4a:05:c7:2f:fa:f9:fd:
bf:ae:28:e7:30:1c:b3:fe:c8:d2:45:d1:3d:c6:f0:ef:19:da:
33:5e:bd:b9:0a:b2:ee:54:78:97:64:4e:cb:66:ec:37:64:e5:
59:bb:46:2c:93:8a:84:4f:e1:9d:69:de:16:c5:84:f6:9b:1f:
71:f8:1c:97:65:e0:59:a4:ca:93:33:68:1d:92:36:7f:67:4d:
fe:cb:da:f4:12:1e:dc:36:ad:35:0d:22:71:b9:89:a1:f1:d2:
57:32:48:f7:74:5f:5a:d5:9d:d5:90:17:c5:b7:72:ac:e0:75:
10:c0:d4:1e:69:9a:f9:34:0d:12:9a:13:df:02:e9:91:08:4a:
98:e2:96:16:5a:35:b9:34:62:7e:22:35:94:df:66:a9:56:8d:
58:1a:48:53:9b:24:ca:a2:1f:52:76:e5:c6:5c:60:6b:7d:c1:
7f:bf:63:b2:d6:6a:62:53:60:08:58:98:5f:ca:f7:37:91:54:
47:a1:f3:49:92:6d:e2:06:e2:38:91:79:3f:8e:ab:57:55:70:
b1:b5:98:16:ce:2e:49:9c:ee:79:64:44:0e:a8:2e:a8:1a:ad:
ce:1f:e7:98:11:b9:15:c0:07:76:55:d3:d1:1e:5c:5b:a7:ad:
2d:88:9d:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/bwJ+g9E53oxJikGOUr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThjYWI0YmEyNzE2YTlhMDNlNTVlZTk3MGQ5Yzg1ZWVlODNjMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0JBLU/3kclwxziCA7IUFweByxE8
NKG+93Y40Pv+Ak/QOclhYfDHQrKa9Ml3P+uYmC0XBsKVl/nqzPEJ02NgD6Owb2dE
YjPJSPn0AXIYGDWkf2Jr9BXZ3Z+xE8u+Tn8rBFMbj22+ldFfXtOxo/Jtz7NQpSas
XGX8U03oBQbaeRb6SlJML2aKNNRyBwNm3SYKjE6498IdVWIE7PyCaCqOz+vyrUVr
Sf3/5gc2IH5Vzlv0Dyt5ChDS0aqZbqqNIIVbv8yq6qXQ83K7n5QlKy/oYXH5eYDv
swDpq/qIzUScwQObNBR8JI97W2H2lGr9JJWPX06d0fTZISI2KXyf5B7fIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6Mq0uicWqaA+Ve6XDZyF7ug8N3MB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvN295clM2SnhhcG9ENVY3cGNObklYdTZEdzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH97IAwQB
JZTaMA0GCSqGSIb3DQEBCwUAA4IBAQAAEwTs2IYVm4vWYUoFxy/6+f2/rijnMByz
/sjSRdE9xvDvGdozXr25CrLuVHiXZE7LZuw3ZOVZu0Ysk4qET+Gdad4WxYT2mx9x
+ByXZeBZpMqTM2gdkjZ/Z03+y9r0Eh7cNq01DSJxuYmh8dJXMkj3dF9a1Z3VkBfF
t3Ks4HUQwNQeaZr5NA0SmhPfAumRCEqY4pYWWjW5NGJ+IjWU32apVo1YGkhTmyTK
oh9SduXGXGBrfcF/v2Oy1mpiU2AIWJhfyvc3kVRHofNJkm3iBuI4kXk/jqtXVXCx
tZgWzi5JnO55ZEQOqC6oGq3OH+eYEbkVwAd2VdPRHlxbp60tiJ38
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:31:09 2025 by rpki-client