Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/6pEprIaYNvv46u_4lsggE1PJ9XM.roa
File: 6pEprIaYNvv46u_4lsggE1PJ9XM.roa (raw, json)
Hash identifier: SI7Z/iTK8PMsWDHsiZI6tUWa66D7oLLWiym2uW8IJXQ=
Subject key identifier: EA:91:29:AC:86:98:36:FB:F8:EA:EF:F8:96:C8:20:13:53:C9:F5:73
Certificate issuer: /CN=515585aca423697c62236e2b5f91b41e4be7ae58
Certificate serial: 018CC9BC1B5F97E56A02654479AF1CC83350
Authority key identifier: 51:55:85:AC:A4:23:69:7C:62:23:6E:2B:5F:91:B4:1E:4B:E7:AE:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVWFrKQjaXxiI24rX5G0Hkvnrlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/6pEprIaYNvv46u_4lsggE1PJ9XM.roa
Signing time: Tue 02 Jan 2024 10:33:17 +0000
ROA not before: Tue 02 Jan 2024 10:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56546
IP address blocks: 31.41.20.0/22 maxlen: 22
31.41.21.0/24 maxlen: 24
31.41.22.0/24 maxlen: 24
31.41.23.0/24 maxlen: 24
31.41.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1b:5f:97:e5:6a:02:65:44:79:af:1c:c8:33:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=515585aca423697c62236e2b5f91b41e4be7ae58
Validity
Not Before: Jan 2 10:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea9129ac869836fbf8eaeff896c8201353c9f573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4e:21:45:2e:11:42:80:fd:64:02:fe:cf:4d:
fb:b2:80:3d:84:7e:d0:12:a5:b4:8c:e6:92:33:05:
dc:4e:e7:1a:e5:1e:5c:65:e8:76:0e:e1:01:52:9e:
0f:f7:22:21:e0:6c:a3:db:2b:df:98:30:51:54:9b:
42:3f:5b:43:07:c7:5e:28:6c:d2:39:d7:0f:d1:1d:
eb:37:03:57:b3:04:60:cd:2d:ab:ba:f2:2b:c3:8a:
58:da:3c:9b:da:5f:b1:85:be:87:70:49:33:28:6f:
18:ba:57:62:65:1d:a2:da:25:79:f3:57:66:a0:60:
a7:8c:77:fd:38:d3:36:d2:02:a4:ad:21:77:10:b5:
5d:d0:c2:2d:59:3c:3b:b0:00:46:91:59:91:69:70:
23:e0:c3:35:f3:49:c1:1e:28:4b:45:50:20:b9:b3:
ad:88:b3:04:cf:a8:43:06:10:04:06:ce:7a:89:0f:
2c:f3:55:9d:19:c7:cf:e2:84:6c:10:ec:4e:0a:8d:
05:be:64:14:14:2c:73:d7:93:57:67:fc:2b:97:94:
28:0f:5d:03:2d:e9:89:09:00:d1:61:c4:00:9b:ee:
90:20:7c:0e:1c:3d:64:5a:79:20:0b:b9:f0:99:57:
f4:dd:3f:5d:2a:93:49:8e:85:f5:2a:8e:8d:3f:c7:
c1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:91:29:AC:86:98:36:FB:F8:EA:EF:F8:96:C8:20:13:53:C9:F5:73
X509v3 Authority Key Identifier:
keyid:51:55:85:AC:A4:23:69:7C:62:23:6E:2B:5F:91:B4:1E:4B:E7:AE:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVWFrKQjaXxiI24rX5G0Hkvnrlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/6pEprIaYNvv46u_4lsggE1PJ9XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/UVWFrKQjaXxiI24rX5G0Hkvnrlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.20.0/22
Signature Algorithm: sha256WithRSAEncryption
82:b9:55:80:36:20:37:e0:9b:50:1b:9e:8c:9c:87:2b:78:c1:
9b:98:a5:32:d0:1a:24:dc:bb:f8:92:51:a9:47:6f:9e:2a:fd:
7a:ee:18:39:32:90:d6:43:05:9f:f4:16:82:30:d8:d8:62:30:
ef:04:f3:a3:a8:6a:89:0f:63:9d:3b:b9:a3:77:57:69:f9:de:
c0:0f:d7:22:c4:48:58:63:10:44:2b:49:27:cb:ea:f3:ce:06:
45:c1:66:27:dc:a0:28:fa:47:16:c9:8b:65:30:e0:3c:bb:d2:
f2:34:4a:81:f9:62:b6:c4:1d:d8:68:ac:21:4f:32:d3:30:06:
4b:c3:44:42:1f:21:76:d4:3c:e5:fe:03:4e:c2:1f:ff:8f:1f:
6f:9b:92:cc:08:96:9a:65:2f:bf:bc:24:53:8e:19:2a:d7:a1:
30:7c:2f:2f:c3:c7:21:ba:b2:49:78:f9:62:e1:ad:01:af:24:
0c:ba:30:1e:41:e1:0c:f0:30:8c:a5:36:98:e3:c2:87:1b:cc:
a9:dd:40:e7:6a:96:70:fc:5c:83:96:6e:7b:48:09:f6:f7:d9:
c6:2d:f5:ee:ca:44:3d:e8:25:74:e8:d0:c6:75:82:51:b7:5a:
f1:60:a2:15:e9:00:f6:c2:86:f3:73:6e:2e:d9:d5:e3:c5:37:
08:34:ef:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvBtfl+VqAmVEea8cyDNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNTU4NWFjYTQyMzY5N2M2MjIzNmUyYjVmOTFiNDFlNGJl
N2FlNTgwHhcNMjQwMTAyMTAzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkxMjlhYzg2OTgzNmZiZjhlYWVmZjg5NmM4MjAxMzUzYzlmNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk4hRS4RQoD9ZAL+z037soA9hH7Q
EqW0jOaSMwXcTuca5R5cZeh2DuEBUp4P9yIh4Gyj2yvfmDBRVJtCP1tDB8deKGzS
OdcP0R3rNwNXswRgzS2ruvIrw4pY2jyb2l+xhb6HcEkzKG8YuldiZR2i2iV581dm
oGCnjHf9ONM20gKkrSF3ELVd0MItWTw7sABGkVmRaXAj4MM180nBHihLRVAgubOt
iLMEz6hDBhAEBs56iQ8s81WdGcfP4oRsEOxOCo0FvmQUFCxz15NXZ/wrl5QoD10D
LemJCQDRYcQAm+6QIHwOHD1kWnkgC7nwmVf03T9dKpNJjoX1Ko6NP8fBOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqRKayGmDb7+Orv+JbIIBNTyfVzMB8GA1UdIwQY
MBaAFFFVhaykI2l8YiNuK1+RtB5L565YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZXRnJLUWphWHhpSTI0clg1RzBIa3ZucmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85ZDNmMTUtNDdkMC00MDY5LWI1OTYt
NTFhMGY2YmRlNGY2LzEvNnBFcHJJYVlOdnY0NnVfNGxzZ2dFMVBKOVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85ZDNmMTUtNDdkMC00MDY5LWI1OTYtNTFhMGY2YmRlNGY2
LzEvVVZXRnJLUWphWHhpSTI0clg1RzBIa3ZucmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHykUMA0G
CSqGSIb3DQEBCwUAA4IBAQCCuVWANiA34JtQG56MnIcreMGbmKUy0Bok3Lv4klGp
R2+eKv167hg5MpDWQwWf9BaCMNjYYjDvBPOjqGqJD2OdO7mjd1dp+d7AD9cixEhY
YxBEK0kny+rzzgZFwWYn3KAo+kcWyYtlMOA8u9LyNEqB+WK2xB3YaKwhTzLTMAZL
w0RCHyF21Dzl/gNOwh//jx9vm5LMCJaaZS+/vCRTjhkq16EwfC8vw8churJJePli
4a0BryQMujAeQeEM8DCMpTaY48KHG8yp3UDnapZw/FyDlm57SAn299nGLfXuykQ9
6CV06NDGdYJRt1rxYKIV6QD2wobzc24u2dXjxTcINO/J
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:45 2025 by rpki-client