Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/KEmfUhNFbDoTkkH-TB3zR7QHnDc.roa
File: KEmfUhNFbDoTkkH-TB3zR7QHnDc.roa (raw, json)
Hash identifier: xN19SFWoRppYZz9iZdAqZMmDUhPfvg+SMEX7pM4bZTE=
Subject key identifier: 28:49:9F:52:13:45:6C:3A:13:92:41:FE:4C:1D:F3:47:B4:07:9C:37
Certificate issuer: /CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Certificate serial: 019717A762DB0AB00CB51FEF991F6B18D5E8
Authority key identifier: 8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/KEmfUhNFbDoTkkH-TB3zR7QHnDc.roa
Signing time: Wed 28 May 2025 16:08:54 +0000
ROA not before: Wed 28 May 2025 16:08:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.128.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 May 2025 01:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:a7:62:db:0a:b0:0c:b5:1f:ef:99:1f:6b:18:d5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Validity
Not Before: May 28 16:08:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28499f5213456c3a139241fe4c1df347b4079c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e5:c0:21:36:dc:09:21:fe:c1:87:fb:40:81:
12:cb:d4:10:9f:eb:73:b5:9d:e8:1b:2f:ef:b3:a6:
16:d9:e9:85:21:95:d3:16:6b:ad:62:5d:07:a1:12:
d8:dd:d4:a5:a5:55:8e:e3:02:e4:aa:30:b0:0b:8d:
1d:ea:df:69:63:ae:cd:6d:cc:f9:44:6f:cb:4f:c0:
0b:29:9f:d4:a8:b3:46:fe:e8:27:4e:17:32:06:2c:
94:d5:86:51:f2:dc:6b:b6:fb:fa:b8:8b:72:79:7c:
1f:0a:87:55:43:3f:de:a3:3f:0c:aa:6b:a4:13:cf:
1e:ba:88:7b:59:25:1f:a6:71:68:39:2b:01:c0:57:
3f:78:3a:00:e7:44:f2:dd:c6:ab:af:f8:e8:f2:5a:
2c:59:01:df:e6:eb:5d:49:64:6a:bd:72:ac:20:f6:
2f:cf:5f:1d:09:05:d9:92:4d:a0:af:be:37:b8:1c:
8d:c4:79:bd:d5:39:62:ec:34:b7:53:6e:5f:71:08:
42:ea:69:fe:4b:84:21:af:d9:44:74:fe:b0:26:16:
83:fa:b3:fd:33:1b:a1:c9:2c:a0:83:f2:c4:5c:18:
8b:2b:3a:75:d7:71:5f:43:01:0d:f3:4e:c2:2f:f2:
fb:a8:2b:2e:39:16:c1:78:35:13:b0:f0:7d:9e:2c:
c6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:49:9F:52:13:45:6C:3A:13:92:41:FE:4C:1D:F3:47:B4:07:9C:37
X509v3 Authority Key Identifier:
keyid:8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/KEmfUhNFbDoTkkH-TB3zR7QHnDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.112.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:a9:f8:ef:cd:8e:41:9e:ee:7e:be:6e:c2:cf:63:49:ef:f1:
6f:22:21:c1:82:b6:06:b0:d1:b9:a5:67:e0:07:fd:dc:70:a2:
5a:5b:38:e1:d3:49:f1:a8:b4:24:12:19:27:f7:3e:f0:16:d9:
f6:f3:62:50:e4:51:30:dd:5b:31:4e:10:ec:14:ad:70:d1:51:
fa:6b:8d:7e:fc:4b:13:97:e2:99:e2:ba:d6:ea:1f:20:f2:c3:
f1:c8:09:a6:01:9e:6c:61:8a:82:fb:03:9e:99:45:b8:38:3c:
f3:4b:a3:f3:a2:cb:d6:37:fc:ee:7b:f7:70:c6:df:bf:2d:e7:
69:c9:1a:8d:5e:96:54:56:6d:92:43:26:21:61:57:0b:53:ee:
db:f5:5e:5c:4a:cc:5d:db:29:9b:a3:44:98:0f:94:6d:2e:bf:
53:b5:87:df:2c:55:63:07:ca:9d:06:63:b4:75:e9:7d:6c:ab:
84:f2:09:b7:d2:82:7c:91:be:9e:a3:b4:af:bd:ef:f1:ca:9c:
d2:b7:29:57:fe:98:e2:25:86:9a:28:fc:61:f2:ab:22:34:fc:
2e:75:f8:e6:d3:9b:27:84:cb:6a:ad:97:b2:30:6c:07:42:74:
8d:8d:70:a8:a3:a6:0d:28:00:29:0d:32:ef:4a:74:a8:97:56:
98:6c:6f:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcXp2LbCrAMtR/vmR9rGNXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY2NjkxYWQzYTQxNjUyZjViZDg1OTYyMzBiM2FjNzQz
ZDJhMmMwHhcNMjUwNTI4MTYwODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ5OWY1MjEzNDU2YzNhMTM5MjQxZmU0YzFkZjM0N2I0MDc5YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OXAITbcCSH+wYf7QIESy9QQn+tz
tZ3oGy/vs6YW2emFIZXTFmutYl0HoRLY3dSlpVWO4wLkqjCwC40d6t9pY67Nbcz5
RG/LT8ALKZ/UqLNG/ugnThcyBiyU1YZR8txrtvv6uItyeXwfCodVQz/eoz8Mqmuk
E88euoh7WSUfpnFoOSsBwFc/eDoA50Ty3carr/jo8losWQHf5utdSWRqvXKsIPYv
z18dCQXZkk2gr743uByNxHm91Tli7DS3U25fcQhC6mn+S4Qhr9lEdP6wJhaD+rP9
MxuhySygg/LEXBiLKzp113FfQwEN807CL/L7qCsuORbBeDUTsPB9nizGeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChJn1ITRWw6E5JB/kwd80e0B5w3MB8GA1UdIwQY
MBaAFI72ZpGtOkFlL1vYWWIws6x0PSosMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMt
YmE5MjJiYjFlYmI0LzEvS0VtZlVoTkZiRG9Ua2tILVRCM3pSN1FIbkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMtYmE5MjJiYjFlYmI0
LzEvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4BwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeqfjvzY5Bnu5+vm7Cz2NJ7/FvIiHBgrYGsNG5pWfg
B/3ccKJaWzjh00nxqLQkEhkn9z7wFtn282JQ5FEw3VsxThDsFK1w0VH6a41+/EsT
l+KZ4rrW6h8g8sPxyAmmAZ5sYYqC+wOemUW4ODzzS6PzosvWN/zue/dwxt+/Ledp
yRqNXpZUVm2SQyYhYVcLU+7b9V5cSsxd2ymbo0SYD5RtLr9TtYffLFVjB8qdBmO0
del9bKuE8gm30oJ8kb6eo7Svve/xypzStylX/pjiJYaaKPxh8qsiNPwudfjm05sn
hMtqrZeyMGwHQnSNjXCoo6YNKAApDTLvSnSol1aYbG+8
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:46:13 2025 by rpki-client