Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lni4i1UH-pJuhdfURlDwd-4Y7Eg.roa
File: lni4i1UH-pJuhdfURlDwd-4Y7Eg.roa (raw, json)
Hash identifier: p2trr7xRzoTV0EkVKJB2Pg85u95YPkM22V2JgjV3slk=
Subject key identifier: 96:78:B8:8B:55:07:FA:92:6E:85:D7:D4:46:50:F0:77:EE:18:EC:48
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01946EF25D6DBF3D7E49FC39E893FC1D853B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lni4i1UH-pJuhdfURlDwd-4Y7Eg.roa
Signing time: Thu 16 Jan 2025 11:49:24 +0000
ROA not before: Thu 16 Jan 2025 11:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50129
IP address blocks: 31.44.144.0/20 maxlen: 24
31.222.96.0/19 maxlen: 24
185.30.196.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:f2:5d:6d:bf:3d:7e:49:fc:39:e8:93:fc:1d:85:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 16 11:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9678b88b5507fa926e85d7d44650f077ee18ec48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:7c:ec:7d:cb:b5:98:94:3e:99:3e:47:89:
6b:37:0b:f7:02:9a:40:a4:f3:5d:d9:a6:80:7e:94:
a6:2a:37:d2:6f:b5:db:26:19:a4:a8:fb:61:e6:af:
68:e1:4a:fd:fc:70:26:44:3f:d1:cc:20:bc:f5:3c:
c2:04:b0:f0:cb:d5:26:06:2f:f6:c4:ca:ac:29:c9:
f4:97:2b:16:23:8d:4e:1c:77:67:97:62:a2:91:87:
96:44:85:cb:2a:e9:a0:7b:f5:c1:a0:2b:8c:dc:33:
41:af:a0:dd:df:6a:44:5c:a7:65:74:81:e4:79:50:
7d:2d:8d:6f:2a:42:1b:e4:95:24:e7:ee:9c:4d:6a:
7e:db:db:2d:b5:f0:5a:ff:63:d5:ce:dc:80:97:45:
20:02:f0:49:af:7a:79:a0:5f:88:cb:c2:16:30:7a:
56:c1:1c:9d:f8:0b:9c:cd:53:22:dd:0d:1d:58:7e:
99:94:76:21:01:d0:56:e9:0a:19:25:1a:ff:4c:c1:
b3:59:a6:23:73:b7:4a:47:d7:d3:36:09:27:49:f9:
ec:c7:b3:12:f6:ab:ea:55:78:61:af:ca:01:58:15:
2b:30:37:53:6e:21:21:83:1f:4e:09:48:46:90:d5:
b0:85:0c:05:e1:13:ba:fe:ce:46:23:ba:bc:32:83:
1d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:78:B8:8B:55:07:FA:92:6E:85:D7:D4:46:50:F0:77:EE:18:EC:48
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lni4i1UH-pJuhdfURlDwd-4Y7Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/20
31.222.96.0/19
185.30.196.0/22
185.209.8.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:5b:f0:ef:d9:bf:03:a9:54:d0:67:d5:cb:b0:87:e3:65:ab:
ba:85:ff:a1:36:11:ea:53:d7:04:79:14:9d:20:40:5d:b4:31:
13:23:b7:62:e7:ca:04:a0:e9:4f:df:f4:ca:52:03:92:e7:6d:
62:54:77:6e:11:23:30:42:bf:b4:25:dc:48:c8:f9:da:a9:74:
f4:88:57:3e:6a:cf:e0:b4:8d:50:40:1e:47:0c:72:ed:03:bb:
8e:2a:9b:e2:37:c9:49:2a:e9:0d:1e:6c:bf:34:85:98:25:71:
46:89:eb:d1:17:51:81:a2:67:1f:9c:c0:ba:dc:33:bf:4b:7f:
70:cb:4b:dc:d9:9c:fc:ac:ba:bb:c8:65:17:23:12:52:62:1e:
40:83:41:70:06:35:9a:17:3b:ed:05:c2:64:c5:dd:d8:29:f7:
a8:44:87:02:77:4f:e4:ef:48:75:9d:51:8a:8d:65:bb:8a:5b:
cd:be:be:98:b5:ab:d7:91:04:d0:72:d4:84:6e:1d:14:eb:86:
49:92:e3:ad:75:58:82:35:27:a2:af:33:56:27:bc:25:85:c7:
1a:82:1e:f8:bb:a2:76:3e:03:a8:ef:e6:3b:69:96:5f:ef:c7:
69:7e:2c:4b:4d:99:10:39:e2:ab:54:44:42:1e:86:c5:5a:5b:
96:d0:66:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRu8l1tvz1+Sfw56JP8HYU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTE2MTE0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc4Yjg4YjU1MDdmYTkyNmU4NWQ3ZDQ0NjUwZjA3N2VlMThlYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoB87H3LtZiUPpk+R4lrNwv3AppA
pPNd2aaAfpSmKjfSb7XbJhmkqPth5q9o4Ur9/HAmRD/RzCC89TzCBLDwy9UmBi/2
xMqsKcn0lysWI41OHHdnl2KikYeWRIXLKumge/XBoCuM3DNBr6Dd32pEXKdldIHk
eVB9LY1vKkIb5JUk5+6cTWp+29sttfBa/2PVztyAl0UgAvBJr3p5oF+Iy8IWMHpW
wRyd+AuczVMi3Q0dWH6ZlHYhAdBW6QoZJRr/TMGzWaYjc7dKR9fTNgknSfnsx7MS
9qvqVXhhr8oBWBUrMDdTbiEhgx9OCUhGkNWwhQwF4RO6/s5GI7q8MoMdjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJZ4uItVB/qSboXX1EZQ8HfuGOxIMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbG5pNGkxVUgtcEp1aGRmVVJsRHdkLTRZN0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEHyyQAwQF
H95gAwQCuR7EAwQCudEIMA0GCSqGSIb3DQEBCwUAA4IBAQCnW/Dv2b8DqVTQZ9XL
sIfjZau6hf+hNhHqU9cEeRSdIEBdtDETI7di58oEoOlP3/TKUgOS521iVHduESMw
Qr+0JdxIyPnaqXT0iFc+as/gtI1QQB5HDHLtA7uOKpviN8lJKukNHmy/NIWYJXFG
ievRF1GBomcfnMC63DO/S39wy0vc2Zz8rLq7yGUXIxJSYh5Ag0FwBjWaFzvtBcJk
xd3YKfeoRIcCd0/k70h1nVGKjWW7ilvNvr6YtavXkQTQctSEbh0U64ZJkuOtdViC
NSeirzNWJ7wlhccagh74u6J2PgOo7+Y7aZZf78dpfixLTZkQOeKrVERCHobFWluW
0Gac
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:31:05 2025 by rpki-client