Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Fn37ZwIgjUBr-7B3JUmhIc_P9X4.roa
File: Fn37ZwIgjUBr-7B3JUmhIc_P9X4.roa (raw, json)
Hash identifier: tSK00vh0P7Rqyw4hKKfUiWX5J5zq3UIfEVUF4u7MIOc=
Subject key identifier: 16:7D:FB:67:02:20:8D:40:6B:FB:B0:77:25:49:A1:21:CF:CF:F5:7E
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 0194D05D7CC1DF94C34256660C55D1C6CE4D
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Fn37ZwIgjUBr-7B3JUmhIc_P9X4.roa
Signing time: Tue 04 Feb 2025 09:49:35 +0000
ROA not before: Tue 04 Feb 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 31.104.0.0/16 maxlen: 16
31.120.0.0/16 maxlen: 16
31.126.0.0/15 maxlen: 15
109.180.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Thu 06 Feb 2025 10:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:5d:7c:c1:df:94:c3:42:56:66:0c:55:d1:c6:ce:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Feb 4 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=167dfb6702208d406bfbb0772549a121cfcff57e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:03:52:46:ef:7f:d4:fc:f5:18:4a:a8:5f:c9:
5a:d5:bc:f4:0b:79:c1:9c:59:9e:b2:31:c9:aa:64:
cc:20:5b:06:39:ec:dc:94:fa:77:97:81:f2:00:bd:
82:e8:ea:c2:64:f6:fe:ef:00:59:97:70:ee:90:7b:
5d:47:41:11:73:34:0b:bb:7f:a5:5c:90:6f:b6:3a:
89:f9:f2:dc:dd:61:f0:02:0f:d2:78:ca:88:8f:29:
08:96:97:ce:6b:d4:e0:32:a4:98:fb:88:60:63:2e:
8b:c9:53:1e:c6:b3:35:22:00:2d:ce:87:78:83:f8:
aa:62:69:13:62:f6:54:bd:04:2f:17:1b:55:24:8c:
af:70:bf:f9:cb:e6:69:04:eb:cd:87:79:cd:98:7c:
8b:38:3e:ba:71:5e:11:9b:81:96:5c:85:6f:c5:09:
36:d0:49:46:33:ac:46:2a:85:89:7a:97:dc:42:6a:
1a:69:8c:ee:8f:a7:05:ae:35:e6:64:ad:34:00:2a:
5a:ab:3e:eb:69:b1:40:0c:2d:58:75:ff:b3:97:a1:
53:84:95:c3:f9:69:0c:38:cc:2b:2e:05:68:ec:ef:
e4:59:53:37:0c:98:e4:11:d9:69:8a:d4:82:48:92:
17:7b:70:fd:23:96:e6:ec:94:6c:32:a0:b9:6d:c6:
67:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7D:FB:67:02:20:8D:40:6B:FB:B0:77:25:49:A1:21:CF:CF:F5:7E
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/Fn37ZwIgjUBr-7B3JUmhIc_P9X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.104.0.0/16
31.120.0.0/16
31.126.0.0/15
109.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
51:3a:3c:09:50:89:fc:bf:a2:b9:dc:a9:63:0f:e1:64:f2:e7:
69:c0:df:ed:5b:d1:d4:63:bb:d7:7f:f8:07:20:ff:97:71:d0:
6e:29:26:95:82:d6:3d:13:3c:1d:6d:eb:df:dc:e5:4d:4d:c3:
3b:14:3b:06:88:3a:67:87:d1:6b:58:41:14:74:b1:62:8b:11:
be:97:72:43:0d:c7:13:08:25:e2:36:fc:eb:7b:a8:3d:f8:a4:
9f:81:d6:82:1b:73:af:96:b8:86:be:7a:b3:96:43:b4:68:f8:
b9:8a:ae:8f:ec:19:0f:65:6a:b1:5e:b2:cc:5d:d1:95:8a:11:
43:33:11:f2:72:5d:4f:9d:ac:a2:c3:4e:a7:79:dc:ec:5f:84:
f4:e9:6c:6f:c9:bf:8f:65:ff:25:95:8d:47:b0:d6:f6:d7:ef:
df:d6:40:ef:36:29:37:70:06:ef:27:24:44:be:b9:ca:3e:1b:
4b:0d:f4:66:f3:5d:a6:14:ec:ee:62:65:99:f7:c0:32:be:bd:
84:d1:22:eb:e1:22:e9:5a:2b:3d:f9:41:e4:72:d1:34:f2:be:
cb:03:8f:5f:f7:fb:ec:08:7e:24:1a:06:b4:2c:9c:bc:be:92:
20:7e:41:ad:c9:5a:e8:48:ec:db:75:89:9f:a4:49:37:00:3c:
7a:fc:f9:92
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTQXXzB35TDQlZmDFXRxs5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjUwMjA0MDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjdkZmI2NzAyMjA4ZDQwNmJmYmIwNzcyNTQ5YTEyMWNmY2ZmNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wNSRu9/1Pz1GEqoX8la1bz0C3nB
nFmesjHJqmTMIFsGOezclPp3l4HyAL2C6OrCZPb+7wBZl3DukHtdR0ERczQLu3+l
XJBvtjqJ+fLc3WHwAg/SeMqIjykIlpfOa9TgMqSY+4hgYy6LyVMexrM1IgAtzod4
g/iqYmkTYvZUvQQvFxtVJIyvcL/5y+ZpBOvNh3nNmHyLOD66cV4Rm4GWXIVvxQk2
0ElGM6xGKoWJepfcQmoaaYzuj6cFrjXmZK00ACpaqz7rabFADC1Ydf+zl6FThJXD
+WkMOMwrLgVo7O/kWVM3DJjkEdlpitSCSJIXe3D9I5bm7JRsMqC5bcZnbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBZ9+2cCII1Aa/uwdyVJoSHPz/V+MB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvRm4zN1p3SWdqVUJyLTdCM0pVbWhJY19QOVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMAH2gDAwAf
eAMDAR9+AwMBbbQwDQYJKoZIhvcNAQELBQADggEBAFE6PAlQify/orncqWMP4WTy
52nA3+1b0dRju9d/+Acg/5dx0G4pJpWC1j0TPB1t69/c5U1NwzsUOwaIOmeH0WtY
QRR0sWKLEb6XckMNxxMIJeI2/Ot7qD34pJ+B1oIbc6+WuIa+erOWQ7Ro+LmKro/s
GQ9larFessxd0ZWKEUMzEfJyXU+drKLDTqd53OxfhPTpbG/Jv49l/yWVjUew1vbX
79/WQO82KTdwBu8nJES+uco+G0sN9GbzXaYU7O5iZZn3wDK+vYTRIuvhIulaKz35
QeRy0TTyvssDj1/3++wIfiQaBrQsnLy+kiB+Qa3JWuhI7Nt1iZ+kSTcAPHr8+ZI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:07:41 2025 by rpki-client