Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/e8hfTJJz40DTgFJOZ98WF0JEZ64.roa
File: e8hfTJJz40DTgFJOZ98WF0JEZ64.roa (raw, json)
Hash identifier: ZhHYgp70ZtKH1l1argxaOEZv4Gg3cGTkpHcUEcGSMRo=
Subject key identifier: 7B:C8:5F:4C:92:73:E3:40:D3:80:52:4E:67:DF:16:17:42:44:67:AE
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 0196EC41B1A7735043B9B0C224BF3E43C24E
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/e8hfTJJz40DTgFJOZ98WF0JEZ64.roa
Signing time: Tue 20 May 2025 05:54:10 +0000
ROA not before: Tue 20 May 2025 05:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.232.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
80.85.152.0/23 maxlen: 23
80.85.154.0/24 maxlen: 24
80.85.156.0/22 maxlen: 22
185.144.28.0/24 maxlen: 24
185.144.30.0/23 maxlen: 23
2a03:a0e0::/32 maxlen: 32
2a0a:eec0::/48 maxlen: 48
2a0a:eec0:2::/48 maxlen: 48
2a0a:eec0:3::/48 maxlen: 48
2a0a:eec0:4::/48 maxlen: 48
2a0a:eec0:5::/48 maxlen: 48
2a0a:eec0:6::/48 maxlen: 48
2a0a:eec0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 May 2025 08:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:41:b1:a7:73:50:43:b9:b0:c2:24:bf:3e:43:c2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: May 20 05:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bc85f4c9273e340d380524e67df1617424467ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:97:a5:45:29:72:9a:ba:2a:8d:69:ca:41:
4c:69:9e:33:9d:b9:27:a8:83:fa:0f:98:4b:ed:c2:
8b:3a:0a:3b:89:02:fa:9d:42:8f:1d:3b:09:cb:21:
13:b2:c5:3d:65:7a:4e:b1:b1:80:52:80:0a:df:aa:
27:89:11:22:a5:e6:64:86:7f:a6:29:11:1f:64:a4:
45:24:09:be:14:cd:21:98:d8:bc:5c:aa:ab:13:80:
13:61:fd:74:be:d0:14:68:f9:7a:5b:47:96:b9:0f:
ea:ce:a0:c3:7b:a4:83:36:c6:02:24:d8:09:2a:e0:
fb:46:f4:3e:62:9c:5c:7d:69:52:00:41:44:6c:0e:
99:c6:47:3e:f5:63:9e:a2:c8:23:33:25:e3:4b:eb:
a6:9e:61:a7:b0:9d:ac:19:8d:11:fd:09:76:16:e5:
2e:32:b0:07:5f:4d:3d:3d:cc:4d:12:3f:78:0f:82:
f7:47:87:7c:e0:22:20:33:fb:80:b3:9c:83:9b:04:
f0:c1:df:fe:0d:76:3e:f7:7b:d4:dd:e4:4d:01:d3:
1c:42:82:fb:24:19:21:2b:4f:5e:d1:89:57:57:d8:
55:b3:af:aa:b1:01:d4:8a:5a:30:7d:61:6d:69:5b:
18:aa:ad:1a:be:ed:35:34:a5:49:0d:76:3b:03:9b:
58:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C8:5F:4C:92:73:E3:40:D3:80:52:4E:67:DF:16:17:42:44:67:AE
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/e8hfTJJz40DTgFJOZ98WF0JEZ64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/24
31.192.234.0-31.192.239.255
80.85.152.0-80.85.154.255
80.85.156.0/22
185.144.28.0/24
185.144.30.0/23
IPv6:
2a03:a0e0::/32
2a0a:eec0::/48
2a0a:eec0:2::-2a0a:eec0:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:2f:75:b4:c6:d8:20:91:48:75:66:e8:3d:8e:52:04:e8:08:
2f:38:35:62:a3:27:b1:28:b4:18:29:7f:b5:f0:65:55:18:6a:
25:b6:44:5d:db:aa:0a:09:18:e2:05:b8:c9:b7:ca:dd:20:19:
b7:5b:29:98:17:1a:bd:9e:f9:a3:d8:42:09:fe:fb:0f:67:80:
8b:61:ee:63:13:86:57:72:f7:12:86:99:f4:25:7d:f6:5e:66:
96:bc:33:19:02:d9:93:ac:1d:ec:c2:c6:cb:2d:2c:ba:12:29:
25:d3:ed:6f:7d:62:f1:32:05:95:bd:9e:0e:1f:1c:96:73:a8:
cc:42:32:da:57:77:10:e9:e9:d0:1b:1c:66:b5:27:19:bf:7b:
2e:66:37:fd:e2:3e:ba:86:52:20:13:b4:9d:79:ab:ce:d2:74:
62:76:23:83:41:e8:56:42:73:70:9f:24:fb:a5:a6:13:54:9a:
94:ae:42:0c:d0:0b:ee:ac:89:f7:8d:57:bd:91:58:7b:39:2f:
48:cc:6c:3c:54:d0:bb:d6:d1:e5:5e:23:b9:97:83:5b:be:83:
46:b5:b2:9b:e2:bb:4a:9a:da:e2:79:2e:13:b5:a5:10:4a:4b:
49:2a:a5:6b:ad:6b:fe:a3:99:7d:27:0d:68:8b:81:d5:54:ef:
b9:20:78:e8
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZbsQbGnc1BDubDCJL8+Q8JOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjUwNTIwMDU1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmM4NWY0YzkyNzNlMzQwZDM4MDUyNGU2N2RmMTYxNzQyNDQ2N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwReXpUUpcpq6Ko1pykFMaZ4znbkn
qIP6D5hL7cKLOgo7iQL6nUKPHTsJyyETssU9ZXpOsbGAUoAK36oniREipeZkhn+m
KREfZKRFJAm+FM0hmNi8XKqrE4ATYf10vtAUaPl6W0eWuQ/qzqDDe6SDNsYCJNgJ
KuD7RvQ+YpxcfWlSAEFEbA6Zxkc+9WOeosgjMyXjS+umnmGnsJ2sGY0R/Ql2FuUu
MrAHX009PcxNEj94D4L3R4d84CIgM/uAs5yDmwTwwd/+DXY+93vU3eRNAdMcQoL7
JBkhK09e0YlXV9hVs6+qsQHUilowfWFtaVsYqq0avu01NKVJDXY7A5tYGwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHvIX0ySc+NA04BSTmffFhdCRGeuMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvZThoZlRKSno0MERUZ0ZKT1o5OFdGMEpFWjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDA6BAIAATA0AwQAH8DoMAwD
BAEfwOoDBAQfwOAwDAMEA1BVmAMEAFBVmgMEAlBVnAMEALmQHAMEAbmQHjAqBAIA
AjAkAwUAKgOg4AMHACoK7sAAADASAwcBKgruwAACAwcDKgruwAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCFL3W0xtggkUh1Zug9jlIE6AgvODVioyexKLQYKX+18GVVGGol
tkRd26oKCRjiBbjJt8rdIBm3WymYFxq9nvmj2EIJ/vsPZ4CLYe5jE4ZXcvcShpn0
JX32XmaWvDMZAtmTrB3swsbLLSy6Eikl0+1vfWLxMgWVvZ4OHxyWc6jMQjLaV3cQ
6enQGxxmtScZv3suZjf94j66hlIgE7SdeavO0nRidiODQehWQnNwnyT7paYTVJqU
rkIM0AvurIn3jVe9kVh7OS9IzGw8VNC71tHlXiO5l4NbvoNGtbKb4rtKmtrieS4T
taUQSktJKqVrrWv+o5l9Jw1oi4HVVO+5IHjo
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:14:04 2025 by rpki-client