Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4bBTmZnVkI-jTq8szqt5FjjZ9NM.roa
File: 4bBTmZnVkI-jTq8szqt5FjjZ9NM.roa (raw, json)
Hash identifier: KZ+T0KBSZ9bpBwAOSgVkGk4HImg7m81ffwhmuYcTpI8=
Subject key identifier: E1:B0:53:99:99:D5:90:8F:A3:4E:AF:2C:CE:AB:79:16:38:D9:F4:D3
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01958E34A633A456E99728456050551705FE
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4bBTmZnVkI-jTq8szqt5FjjZ9NM.roa
Signing time: Thu 13 Mar 2025 06:32:49 +0000
ROA not before: Thu 13 Mar 2025 06:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 31.132.52.0/24 maxlen: 24
45.248.55.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 13:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:34:a6:33:a4:56:e9:97:28:45:60:50:55:17:05:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 13 06:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1b0539999d5908fa34eaf2cceab791638d9f4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:03:93:a7:ea:6a:91:9a:f8:a8:bb:e5:df:2c:
63:0d:ad:3d:d8:d4:2a:0e:66:0e:28:b4:20:6f:7f:
ec:f7:f8:0c:5b:1b:db:86:48:a6:9c:17:09:14:e6:
78:42:84:97:a8:81:5e:9d:6c:a5:c4:cf:b4:86:75:
67:60:e4:47:e2:21:87:49:7d:ca:44:b6:da:4e:7f:
e6:92:7b:1d:be:ce:0a:76:70:14:d7:bd:de:30:c9:
3a:65:2a:12:49:76:bc:6c:19:e0:4b:cb:5f:0c:07:
91:b9:c1:3b:14:95:7a:ce:22:87:a6:53:9a:e0:37:
1a:ce:3c:be:dc:e0:b0:d1:3a:d4:b6:c3:c6:06:c9:
d5:ae:47:9f:70:4c:e1:51:43:7f:7c:0a:74:1e:4d:
f6:d8:c6:17:c9:43:8b:3e:0e:62:cd:f5:b4:b6:e4:
0b:df:e6:45:24:0f:5c:63:b9:07:39:8c:44:b8:91:
b3:46:4f:71:7c:11:38:2f:8d:0d:01:c6:2b:e9:10:
d3:d3:8b:ae:68:e1:4f:09:c1:d3:49:3f:5d:1e:a5:
b1:c4:b0:5a:f5:7d:fa:90:fc:b3:74:3b:66:1b:3a:
d4:ef:b0:3b:ae:4d:d5:ab:c8:bd:9f:31:97:5e:dc:
a4:09:54:1a:4b:1d:a9:7e:83:19:d5:67:fd:81:dc:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B0:53:99:99:D5:90:8F:A3:4E:AF:2C:CE:AB:79:16:38:D9:F4:D3
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4bBTmZnVkI-jTq8szqt5FjjZ9NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.52.0/24
45.248.55.0/24
162.218.95.0/24
185.253.122.0/24
192.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:af:8d:47:26:42:66:e9:30:35:88:de:cd:0a:fe:29:fe:3a:
02:3c:9a:39:83:b5:9d:87:09:4f:fb:44:ab:fb:13:c9:6d:42:
12:be:66:cd:76:7a:8b:bd:ed:62:54:fb:57:fd:d0:72:31:39:
c5:b7:87:49:bf:cd:63:fd:d6:67:4b:55:4c:1e:27:3c:1c:0d:
ff:61:bb:05:00:39:e5:35:4f:ae:cf:3a:8b:fc:1b:82:c2:0f:
c9:9f:dc:f4:8f:e1:56:e6:93:ed:db:2d:e9:e5:4c:d2:8b:7f:
bd:cc:57:86:7d:6b:26:14:02:74:33:bf:49:7c:35:9d:b6:71:
47:27:e4:16:f6:f3:f5:61:e0:cd:63:a7:69:39:9d:62:94:d2:
16:09:83:27:a4:5c:38:07:67:4c:b5:8a:dc:45:42:79:f6:40:
07:25:06:1b:25:56:37:b7:a8:01:af:03:c3:97:3f:8d:b3:b4:
99:53:d8:c5:8b:46:b8:f7:23:cf:89:a1:07:4b:48:ef:be:92:
3c:02:21:db:9b:4d:56:e6:6d:de:c9:40:21:5f:19:12:95:60:
67:ed:5a:f2:44:e2:00:ec:28:fb:f2:85:79:b6:4e:25:79:11:
02:d4:8a:73:f0:69:0d:9a:d4:21:06:12:a6:42:2f:3a:64:c9:
e9:1f:3d:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWONKYzpFbplyhFYFBVFwX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMzEzMDYzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWIwNTM5OTk5ZDU5MDhmYTM0ZWFmMmNjZWFiNzkxNjM4ZDlmNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QOTp+pqkZr4qLvl3yxjDa092NQq
DmYOKLQgb3/s9/gMWxvbhkimnBcJFOZ4QoSXqIFenWylxM+0hnVnYORH4iGHSX3K
RLbaTn/mknsdvs4KdnAU173eMMk6ZSoSSXa8bBngS8tfDAeRucE7FJV6ziKHplOa
4Dcazjy+3OCw0TrUtsPGBsnVrkefcEzhUUN/fAp0Hk322MYXyUOLPg5izfW0tuQL
3+ZFJA9cY7kHOYxEuJGzRk9xfBE4L40NAcYr6RDT04uuaOFPCcHTST9dHqWxxLBa
9X36kPyzdDtmGzrU77A7rk3Vq8i9nzGXXtykCVQaSx2pfoMZ1Wf9gdyKeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOGwU5mZ1ZCPo06vLM6reRY42fTTMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNGJCVG1ablZrSS1qVHE4c3pxdDVGampaOU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH4Q0AwQA
Lfg3AwQAotpfAwQAuf16AwQAwJFHMA0GCSqGSIb3DQEBCwUAA4IBAQBer41HJkJm
6TA1iN7NCv4p/joCPJo5g7WdhwlP+0Sr+xPJbUISvmbNdnqLve1iVPtX/dByMTnF
t4dJv81j/dZnS1VMHic8HA3/YbsFADnlNU+uzzqL/BuCwg/Jn9z0j+FW5pPt2y3p
5UzSi3+9zFeGfWsmFAJ0M79JfDWdtnFHJ+QW9vP1YeDNY6dpOZ1ilNIWCYMnpFw4
B2dMtYrcRUJ59kAHJQYbJVY3t6gBrwPDlz+Ns7SZU9jFi0a49yPPiaEHS0jvvpI8
AiHbm01W5m3eyUAhXxkSlWBn7VryROIA7Cj78oV5tk4leREC1Ipz8GkNmtQhBhKm
Qi86ZMnpHz0V
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:01:31 2025 by rpki-client