Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/nGciZloODCWfJFmhvRDvNFD4YCY.roa
File: nGciZloODCWfJFmhvRDvNFD4YCY.roa (raw, json)
Hash identifier: zoYs6xwyQMpupMdHOc3vuoXXFAbywqTjVSIUsAEnjvU=
Subject key identifier: 9C:67:22:66:5A:0E:0C:25:9F:24:59:A1:BD:10:EF:34:50:F8:60:26
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 019443B6771FC3273138D2BA7A117BEB11A4
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/nGciZloODCWfJFmhvRDvNFD4YCY.roa
Signing time: Wed 08 Jan 2025 02:20:18 +0000
ROA not before: Wed 08 Jan 2025 02:20:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.222.204.0/22 maxlen: 24
37.148.218.0/23 maxlen: 24
185.11.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:43:b6:77:1f:c3:27:31:38:d2:ba:7a:11:7b:eb:11:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jan 8 02:20:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c6722665a0e0c259f2459a1bd10ef3450f86026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:71:7e:ad:63:78:f8:7d:40:2e:ac:ba:97:
6b:3e:cd:da:b8:b2:d0:87:4c:b7:84:0f:fc:01:96:
0b:6e:6a:5d:2f:e4:0f:ad:46:51:6c:09:f9:95:81:
e1:81:2f:f7:ae:5e:bc:f0:fc:79:a5:02:2f:20:c1:
86:87:6b:0d:76:81:10:b4:d3:02:57:75:c1:c2:e5:
42:54:96:1a:69:d1:e1:ee:f5:0c:a5:a7:77:c1:ca:
f8:4c:fc:41:24:e7:37:54:f4:5a:8a:3a:5a:b7:d4:
81:a4:39:1c:2c:b4:e9:36:68:1a:66:bf:37:16:b0:
cf:2e:de:7e:0a:c9:82:c0:0c:2c:cb:c0:51:aa:ab:
b4:81:05:12:97:54:58:fe:08:2f:24:f1:dd:98:2f:
84:2e:37:66:00:b5:4a:4d:84:0f:79:19:8e:f1:95:
78:73:3b:c0:65:d7:70:6a:47:b4:24:a7:da:63:32:
4f:3d:63:17:ce:90:bd:b2:61:c4:5f:cb:26:52:93:
ec:d6:c7:c1:b3:7a:6f:ca:bc:e7:c4:77:77:25:5c:
5a:a6:36:8b:df:bf:89:f3:85:0d:3f:84:08:45:5d:
ce:95:cd:89:9a:ba:bb:f5:cc:c0:bb:13:ca:a7:6e:
e4:c5:32:d0:cc:03:06:ce:d7:de:d4:c3:f9:c9:04:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:67:22:66:5A:0E:0C:25:9F:24:59:A1:BD:10:EF:34:50:F8:60:26
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/nGciZloODCWfJFmhvRDvNFD4YCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.204.0/22
37.148.218.0/23
185.11.142.0/23
Signature Algorithm: sha256WithRSAEncryption
95:53:8a:62:b4:97:80:46:84:07:de:48:07:78:e1:a0:06:1b:
39:52:9b:07:b0:48:98:3c:39:21:7b:99:cd:82:76:97:6c:c5:
16:a2:3a:24:b3:25:ca:0c:da:16:0f:b5:db:89:25:51:a3:4d:
23:01:45:d6:ca:1e:50:2d:52:02:b4:bf:38:48:52:49:a3:e2:
37:9a:22:d7:75:45:45:f1:80:40:0a:66:e2:93:97:9b:17:dd:
de:b8:d7:d9:b2:bf:e3:ce:10:17:0a:a1:25:e9:d8:26:07:3d:
37:0d:fa:49:63:11:5d:19:16:9e:44:85:1c:40:ec:ca:4d:b4:
1f:a1:a4:8e:fa:54:c3:f1:ba:87:6f:f7:50:64:37:ed:5f:76:
8d:4f:aa:21:85:97:f9:46:ce:e7:7f:1a:5e:09:4f:10:f1:ab:
62:d3:55:65:9d:c3:3f:71:7a:34:fa:73:3c:d4:b2:e3:52:c0:
8d:9b:a2:02:58:c9:f1:14:92:04:a3:e6:5e:7b:12:e7:35:48:
ca:17:06:b2:16:9e:d5:ce:35:7c:00:bd:8a:b5:b0:25:58:a1:
68:76:a0:18:fb:bc:51:2f:07:bb:91:87:3a:13:ed:3e:c0:7a:
11:4d:21:41:25:43:67:80:6a:28:27:4c:34:1f:b0:fe:99:0d:
05:99:a3:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRDtncfwycxONK6ehF76xGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjUwMTA4MDIyMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY3MjI2NjVhMGUwYzI1OWYyNDU5YTFiZDEwZWYzNDUwZjg2MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYlxfq1jePh9QC6supdrPs3auLLQ
h0y3hA/8AZYLbmpdL+QPrUZRbAn5lYHhgS/3rl688Px5pQIvIMGGh2sNdoEQtNMC
V3XBwuVCVJYaadHh7vUMpad3wcr4TPxBJOc3VPRaijpat9SBpDkcLLTpNmgaZr83
FrDPLt5+CsmCwAwsy8BRqqu0gQUSl1RY/ggvJPHdmC+ELjdmALVKTYQPeRmO8ZV4
czvAZddwake0JKfaYzJPPWMXzpC9smHEX8smUpPs1sfBs3pvyrznxHd3JVxapjaL
37+J84UNP4QIRV3Olc2Jmrq79czAuxPKp27kxTLQzAMGztfe1MP5yQTUmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJxnImZaDgwlnyRZob0Q7zRQ+GAmMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvbkdjaVpsb09EQ1dmSkZtaHZSRHZORkQ0WUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH97MAwQB
JZTaAwQBuQuOMA0GCSqGSIb3DQEBCwUAA4IBAQCVU4pitJeARoQH3kgHeOGgBhs5
UpsHsEiYPDkhe5nNgnaXbMUWojoksyXKDNoWD7XbiSVRo00jAUXWyh5QLVICtL84
SFJJo+I3miLXdUVF8YBACmbik5ebF93euNfZsr/jzhAXCqEl6dgmBz03DfpJYxFd
GRaeRIUcQOzKTbQfoaSO+lTD8bqHb/dQZDftX3aNT6ohhZf5Rs7nfxpeCU8Q8ati
01VlncM/cXo0+nM81LLjUsCNm6ICWMnxFJIEo+ZeexLnNUjKFwayFp7VzjV8AL2K
tbAlWKFodqAY+7xRLwe7kYc6E+0+wHoRTSFBJUNngGooJ0w0H7D+mQ0FmaM4
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:50:27 2025 by rpki-client