Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/b-B7y1Nd1HVvZkmn-kM4P3d8FaE.roa
File: b-B7y1Nd1HVvZkmn-kM4P3d8FaE.roa (raw, json)
Hash identifier: AHR8mewkf4xod42msa+0GjmXSgqvWtSfc06AC+CNV+8=
Subject key identifier: 6F:E0:7B:CB:53:5D:D4:75:6F:66:49:A7:FA:43:38:3F:77:7C:15:A1
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019472B18EC6C2F954CB43621E9594AC2958
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/b-B7y1Nd1HVvZkmn-kM4P3d8FaE.roa
Signing time: Fri 17 Jan 2025 05:17:06 +0000
ROA not before: Fri 17 Jan 2025 05:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
45.130.212.0/22 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
83.222.20.0/23 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 10:46:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:72:b1:8e:c6:c2:f9:54:cb:43:62:1e:95:94:ac:29:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jan 17 05:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fe07bcb535dd4756f6649a7fa43383f777c15a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a0:ba:60:2b:43:14:cc:9e:9a:12:a7:a6:ff:
d3:73:c4:fc:f6:50:25:3c:10:0f:6b:b6:9b:ba:9e:
dd:0a:6a:32:6f:94:81:db:18:0d:35:55:38:33:2f:
d1:64:66:b1:94:8b:81:50:ca:0d:a2:b4:f0:13:e7:
a6:dd:11:15:2d:a9:c9:43:e7:8c:d0:98:a6:19:04:
c1:4c:37:6e:ca:4e:0f:a2:d7:44:73:0c:f1:75:19:
2d:c8:be:07:f2:13:d5:04:ba:96:64:9d:58:ce:93:
cc:ea:be:9c:be:2d:4d:d8:02:31:02:b1:83:3b:8a:
4d:c5:1f:2c:c4:95:5c:09:ae:43:2b:88:51:f3:73:
49:85:85:84:a8:21:6f:8c:2e:0b:1f:61:f2:e7:ca:
9b:b6:53:87:86:d7:35:0b:1c:10:7a:d6:84:e3:8b:
35:48:7d:2a:fd:87:ce:38:da:75:ca:d3:ab:81:73:
07:9b:99:de:e5:a0:8e:1c:28:dd:f0:a4:c0:4e:68:
6f:64:2a:74:02:5d:2c:09:d1:6e:0c:c6:9a:f2:ba:
bb:e0:15:c1:fd:ae:2b:2e:9c:b0:a7:19:30:db:c6:
81:15:fe:42:c5:87:a5:16:50:42:74:b5:0a:31:bf:
07:28:c0:72:42:b3:b3:57:66:65:c7:4c:18:bb:66:
49:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E0:7B:CB:53:5D:D4:75:6F:66:49:A7:FA:43:38:3F:77:7C:15:A1
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/b-B7y1Nd1HVvZkmn-kM4P3d8FaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
45.130.212.0/22
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
83.222.20.0/23
90.156.254.0/23
91.218.142.0/23
Signature Algorithm: sha256WithRSAEncryption
97:1e:09:f5:71:43:79:78:ed:33:e0:16:0d:8f:0c:36:e8:3f:
86:ed:ce:fc:ac:5c:88:37:73:82:91:c1:f5:5d:59:dd:71:f7:
6f:85:8b:db:ca:3c:16:35:08:6a:59:c2:a8:66:ff:f3:d0:60:
8d:64:13:24:a1:b9:3a:86:af:17:e3:8d:0b:ae:fd:1e:f9:b5:
4b:46:80:c4:92:63:80:c9:8e:31:47:fe:0f:e3:fa:4d:7c:6f:
b2:ab:4a:85:53:a3:2b:4b:f9:22:50:ab:7f:7b:39:ba:71:1e:
e2:ab:73:f2:c6:c1:c0:35:b1:a2:31:84:fe:a5:1e:6a:3e:4e:
ad:08:f2:cd:94:4f:2a:77:1b:9e:2b:df:15:c2:e6:53:5c:e7:
25:15:2e:d1:ed:17:ea:96:71:d4:a1:d0:3d:bf:16:d7:2f:b0:
f2:88:a1:9c:d0:f5:1f:f1:85:d2:d9:24:91:f2:42:b2:f0:09:
98:6a:7d:9e:f9:e3:8f:f0:b6:42:67:c6:d6:b4:cd:94:a4:41:
e4:64:35:ba:56:1a:ef:a6:3c:78:f2:85:a1:35:48:b8:12:6c:
3c:23:2b:65:7e:b6:6c:4b:88:73:40:c5:23:28:c4:e1:ef:66:
4d:0e:77:60:c2:e8:b3:cc:f1:4d:a7:fa:85:69:dc:82:5b:dd:
aa:65:5a:2a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZRysY7GwvlUy0NiHpWUrClYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwMTE3MDUxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmUwN2JjYjUzNWRkNDc1NmY2NjQ5YTdmYTQzMzgzZjc3N2MxNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKC6YCtDFMyemhKnpv/Tc8T89lAl
PBAPa7abup7dCmoyb5SB2xgNNVU4My/RZGaxlIuBUMoNorTwE+em3REVLanJQ+eM
0JimGQTBTDduyk4PotdEcwzxdRktyL4H8hPVBLqWZJ1YzpPM6r6cvi1N2AIxArGD
O4pNxR8sxJVcCa5DK4hR83NJhYWEqCFvjC4LH2Hy58qbtlOHhtc1CxwQetaE44s1
SH0q/YfOONp1ytOrgXMHm5ne5aCOHCjd8KTATmhvZCp0Al0sCdFuDMaa8rq74BXB
/a4rLpywpxkw28aBFf5CxYelFlBCdLUKMb8HKMByQrOzV2Zlx0wYu2ZJJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG/ge8tTXdR1b2ZJp/pDOD93fBWhMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvYi1CN3kxTmQxSFZ2Wmttbi1rTTRQM2Q4RmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCH4AgAwQC
LYLUAwQATUnpAwQATUnrAwQATUnuAwQBU94UAwQBWpz+AwQBW9qOMA0GCSqGSIb3
DQEBCwUAA4IBAQCXHgn1cUN5eO0z4BYNjww26D+G7c78rFyIN3OCkcH1XVndcfdv
hYvbyjwWNQhqWcKoZv/z0GCNZBMkobk6hq8X440Lrv0e+bVLRoDEkmOAyY4xR/4P
4/pNfG+yq0qFU6MrS/kiUKt/ezm6cR7iq3PyxsHANbGiMYT+pR5qPk6tCPLNlE8q
dxueK98VwuZTXOclFS7R7RfqlnHUodA9vxbXL7DyiKGc0PUf8YXS2SSR8kKy8AmY
an2e+eOP8LZCZ8bWtM2UpEHkZDW6Vhrvpjx48oWhNUi4Emw8IytlfrZsS4hzQMUj
KMTh72ZNDndgwuizzPFNp/qFadyCW92qZVoq
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:36:08 2025 by rpki-client