Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/72HZDNrczziTDjk1nHpmjr1ZCKI.roa
File: 72HZDNrczziTDjk1nHpmjr1ZCKI.roa (raw, json)
Hash identifier: U1+AVA1Ae4OigU+Tnf44NNM3Rh5g0n0r3a2Ij6WuNik=
Subject key identifier: EF:61:D9:0C:DA:DC:CF:38:93:0E:39:35:9C:7A:66:8E:BD:59:08:A2
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 019425FDB63672F998A1404778B7A2998622
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/72HZDNrczziTDjk1nHpmjr1ZCKI.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50340
IP address blocks: 81.30.105.0/24 maxlen: 24
121.127.37.0/24 maxlen: 24
194.164.245.0/24 maxlen: 24
202.49.176.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
203.31.40.0/24 maxlen: 24
2a13:d207::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b6:36:72:f9:98:a1:40:47:78:b7:a2:99:86:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef61d90cdadccf38930e39359c7a668ebd5908a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:25:e8:9a:77:7a:24:2b:b6:78:53:c3:e5:6f:
35:3c:4c:a0:bd:ce:4e:24:bb:54:3e:c9:50:72:e9:
e3:1c:dd:7a:0c:2d:f5:a9:0c:12:f5:d0:c9:04:9c:
26:22:b0:7c:4c:d9:cc:54:61:ee:cc:51:b5:76:ab:
68:f0:00:e4:11:8d:af:cd:0f:e3:bb:61:92:76:e4:
29:a3:6a:08:d8:f9:91:64:95:b2:0d:73:0b:71:8e:
1f:49:f9:09:85:19:d5:c5:a9:d9:b3:18:4f:e3:f0:
47:7f:5a:57:66:8e:6f:ab:a0:42:51:42:0f:41:33:
83:43:c3:12:f0:be:21:67:1e:7c:e7:e3:a0:d7:d2:
de:5c:5b:8a:4f:a5:c0:07:77:a1:e1:45:33:5f:04:
90:75:82:5f:23:8f:ae:af:01:eb:3a:8a:c7:37:01:
b0:bc:94:0a:0d:53:20:6c:7b:e4:b6:7c:c9:29:4b:
b3:e5:01:58:eb:c2:1d:bb:73:ea:58:36:ba:a0:0c:
5a:37:f5:89:e6:fd:5a:7b:eb:55:e0:ab:08:c4:75:
4e:47:ac:bd:5a:83:0d:7b:f4:bd:78:af:51:62:ca:
ea:b4:37:68:6d:3d:c6:e0:f8:a8:2c:65:8e:c7:b1:
4a:0a:5c:39:50:cb:d2:ab:71:e5:c2:70:ab:f8:5d:
e0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:61:D9:0C:DA:DC:CF:38:93:0E:39:35:9C:7A:66:8E:BD:59:08:A2
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/72HZDNrczziTDjk1nHpmjr1ZCKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.105.0/24
121.127.37.0/24
194.164.245.0/24
202.49.176.0/24
202.181.148.0/24
203.31.40.0/24
IPv6:
2a13:d207::/32
Signature Algorithm: sha256WithRSAEncryption
1e:d8:6a:84:f4:cc:10:e0:aa:bd:61:27:ec:47:f3:24:02:f8:
a4:b5:08:93:0d:58:a5:b4:2a:d7:25:5f:11:58:5b:79:f6:7a:
19:e4:fe:da:d7:80:4e:df:c8:e2:8a:2d:77:a6:63:3a:6d:94:
ef:34:92:bf:e2:c0:6c:53:a7:e3:da:63:45:a4:45:d7:20:95:
0a:de:e4:da:ac:4a:c5:11:81:cb:d7:b1:86:06:d4:c6:89:02:
8c:ac:34:aa:d2:da:ea:9a:19:da:23:a8:6b:5c:8a:8e:95:65:
bd:bd:ea:41:a9:b2:1a:b8:0f:af:a2:93:de:ea:81:59:b5:ce:
8f:73:0f:de:20:f4:a1:8b:a0:38:4d:73:02:68:8f:b1:a5:ce:
e3:d0:2e:1c:6a:5e:f7:ad:cf:1b:01:09:aa:4e:9c:4c:e2:c3:
1d:19:51:6a:0c:a7:d2:51:d1:25:3c:09:5a:15:30:02:11:06:
76:06:c2:1e:24:51:b8:23:cd:81:f8:89:fd:b3:bc:d5:6d:78:
07:a7:99:0b:a7:31:44:cd:e8:f2:09:36:e8:24:0d:53:ce:ef:
08:93:ec:c3:3e:7c:b7:dc:ce:05:09:23:b5:ab:7a:1a:86:71:
1b:9d:e8:38:c2:63:1e:0a:45:aa:40:d1:f8:71:4c:62:90:b3:
40:43:2e:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQl/bY2cvmYoUBHeLeimYYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYxZDkwY2RhZGNjZjM4OTMwZTM5MzU5YzdhNjY4ZWJkNTkwOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiXomnd6JCu2eFPD5W81PEygvc5O
JLtUPslQcunjHN16DC31qQwS9dDJBJwmIrB8TNnMVGHuzFG1dqto8ADkEY2vzQ/j
u2GSduQpo2oI2PmRZJWyDXMLcY4fSfkJhRnVxanZsxhP4/BHf1pXZo5vq6BCUUIP
QTODQ8MS8L4hZx585+Og19LeXFuKT6XAB3eh4UUzXwSQdYJfI4+urwHrOorHNwGw
vJQKDVMgbHvktnzJKUuz5QFY68Idu3PqWDa6oAxaN/WJ5v1ae+tV4KsIxHVOR6y9
WoMNe/S9eK9RYsrqtDdobT3G4PioLGWOx7FKClw5UMvSq3HlwnCr+F3giwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO9h2Qza3M84kw45NZx6Zo69WQiiMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvNzJIWkROcmN6emlURGprMW5IcG1qcjFaQ0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAUR5pAwQA
eX8lAwQAwqT1AwQAyjGwAwQAyrWUAwQAyx8oMA0EAgACMAcDBQAqE9IHMA0GCSqG
SIb3DQEBCwUAA4IBAQAe2GqE9MwQ4Kq9YSfsR/MkAviktQiTDViltCrXJV8RWFt5
9noZ5P7a14BO38jiii13pmM6bZTvNJK/4sBsU6fj2mNFpEXXIJUK3uTarErFEYHL
17GGBtTGiQKMrDSq0trqmhnaI6hrXIqOlWW9vepBqbIauA+vopPe6oFZtc6Pcw/e
IPShi6A4TXMCaI+xpc7j0C4cal73rc8bAQmqTpxM4sMdGVFqDKfSUdElPAlaFTAC
EQZ2BsIeJFG4I82B+In9s7zVbXgHp5kLpzFEzejyCTboJA1Tzu8Ik+zDPny33M4F
CSO1q3oahnEbneg4wmMeCkWqQNH4cUxikLNAQy6g
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:00:18 2025 by rpki-client