Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/SieVqRDDWvS7PG-0D8WzV8S6Xr8.roa
File: SieVqRDDWvS7PG-0D8WzV8S6Xr8.roa (raw, json)
Hash identifier: EKlQGjifisgjo4l4Ut39K7vrN7cqKUPB3LGIVpr7dZc=
Subject key identifier: 4A:27:95:A9:10:C3:5A:F4:BB:3C:6F:B4:0F:C5:B3:57:C4:BA:5E:BF
Certificate issuer: /CN=a928da8a616cbac4c942746693a161e498c462cf
Certificate serial: 019667CC653630D11FEEAE130E2C3BC6A33F
Authority key identifier: A9:28:DA:8A:61:6C:BA:C4:C9:42:74:66:93:A1:61:E4:98:C4:62:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qSjaimFsusTJQnRmk6Fh5JjEYs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/SieVqRDDWvS7PG-0D8WzV8S6Xr8.roa
Signing time: Thu 24 Apr 2025 12:36:10 +0000
ROA not before: Thu 24 Apr 2025 12:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8902
IP address blocks: 31.25.160.0/21 maxlen: 21
2a00:1670::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Apr 2025 17:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:cc:65:36:30:d1:1f:ee:ae:13:0e:2c:3b:c6:a3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a928da8a616cbac4c942746693a161e498c462cf
Validity
Not Before: Apr 24 12:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a2795a910c35af4bb3c6fb40fc5b357c4ba5ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:eb:3d:d4:f2:a1:d2:f9:bc:89:14:7f:5a:57:
62:77:f3:be:00:87:bf:bc:c4:da:63:15:d9:f6:89:
dc:fc:cd:4f:66:bc:d2:91:b8:9c:82:f2:0d:1e:f4:
f4:b4:de:24:46:30:82:44:68:05:ec:cc:1c:d1:f6:
1d:d0:f1:ed:87:05:7a:20:62:1c:2c:4b:49:1c:72:
04:0e:cb:c5:1d:2b:c4:15:fc:c2:d5:25:1d:7b:b9:
a0:bf:55:76:7b:dd:05:c5:47:8e:67:f2:83:37:ed:
f6:10:53:f7:25:1d:e9:4f:be:71:7e:15:d9:48:b6:
8f:84:88:8e:05:13:a8:e1:14:e9:c1:ba:8c:91:88:
99:d0:12:ed:e0:73:1f:ce:e3:f4:f4:71:45:34:68:
37:4d:39:5a:8e:89:fb:54:1b:e5:1d:8e:a8:45:ff:
98:16:56:d6:a7:13:d1:23:0e:e5:3e:7b:6b:de:96:
74:65:6a:31:be:10:84:2c:21:d8:ea:59:00:33:e6:
82:08:b6:5f:5f:48:98:2d:45:df:11:bc:7d:47:8b:
10:b3:46:68:e5:e4:8e:e7:2e:72:97:e0:52:52:e4:
6e:b7:7c:e6:73:fc:ae:27:5c:22:a3:8d:83:fe:a1:
8c:f7:90:0a:d2:97:ec:eb:3f:f4:a1:f8:97:c4:63:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:27:95:A9:10:C3:5A:F4:BB:3C:6F:B4:0F:C5:B3:57:C4:BA:5E:BF
X509v3 Authority Key Identifier:
keyid:A9:28:DA:8A:61:6C:BA:C4:C9:42:74:66:93:A1:61:E4:98:C4:62:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSjaimFsusTJQnRmk6Fh5JjEYs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/SieVqRDDWvS7PG-0D8WzV8S6Xr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/qSjaimFsusTJQnRmk6Fh5JjEYs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.160.0/21
IPv6:
2a00:1670::/32
Signature Algorithm: sha256WithRSAEncryption
46:2d:ae:6e:a5:97:94:0f:d3:be:82:58:40:0a:46:6b:d9:05:
ff:67:74:c7:8d:f5:ed:88:fe:58:8d:c7:80:2e:cb:64:0f:92:
19:dc:77:68:71:fe:4d:b4:4c:10:d3:59:8e:87:f6:03:1a:56:
5e:30:87:5e:a0:25:7a:3c:93:ad:e4:3c:36:b6:18:f3:30:c9:
22:0c:24:c4:35:1f:03:a8:b7:b6:8a:f9:29:98:a0:d4:79:06:
e3:34:d5:1c:28:38:18:3c:e4:6d:f1:10:cc:e0:7d:df:9c:6a:
92:6b:28:dc:7d:b8:52:bc:75:37:05:26:33:37:f1:e3:ea:15:
69:fa:d5:5c:47:fc:76:6d:67:ed:1f:79:1e:51:72:6c:ed:44:
4c:ad:18:50:8c:97:32:9f:3b:93:93:d8:71:c9:e3:58:21:6e:
5a:8b:c8:96:b9:e6:9d:6d:07:3f:d0:32:b7:a4:69:59:8a:bb:
21:36:fb:d2:9f:66:3e:35:d4:3f:a0:2c:ef:d4:a4:80:fc:5e:
30:40:79:26:69:69:cd:90:9c:19:91:06:e8:23:c0:08:2e:31:
79:b2:5c:f8:2c:a0:0c:a2:6f:7c:6f:1b:91:77:7c:b0:69:48:
1f:10:10:fc:71:dd:37:f7:fb:d0:d0:8e:88:37:8e:6b:c6:37:
07:15:d6:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZnzGU2MNEf7q4TDiw7xqM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjhkYThhNjE2Y2JhYzRjOTQyNzQ2NjkzYTE2MWU0OThj
NDYyY2YwHhcNMjUwNDI0MTIzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTI3OTVhOTEwYzM1YWY0YmIzYzZmYjQwZmM1YjM1N2M0YmE1ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzes91PKh0vm8iRR/Wldid/O+AIe/
vMTaYxXZ9onc/M1PZrzSkbicgvINHvT0tN4kRjCCRGgF7Mwc0fYd0PHthwV6IGIc
LEtJHHIEDsvFHSvEFfzC1SUde7mgv1V2e90FxUeOZ/KDN+32EFP3JR3pT75xfhXZ
SLaPhIiOBROo4RTpwbqMkYiZ0BLt4HMfzuP09HFFNGg3TTlajon7VBvlHY6oRf+Y
FlbWpxPRIw7lPntr3pZ0ZWoxvhCELCHY6lkAM+aCCLZfX0iYLUXfEbx9R4sQs0Zo
5eSO5y5yl+BSUuRut3zmc/yuJ1wio42D/qGM95AK0pfs6z/0ofiXxGPGlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEonlakQw1r0uzxvtA/Fs1fEul6/MB8GA1UdIwQY
MBaAFKko2ophbLrEyUJ0ZpOhYeSYxGLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNqYWltRnN1c1RKUW5SbWs2Rmg1SmpFWXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82MGI0NzItZGFkYS00MmU2LTlmMzQt
MjRiZjMwZWRkYmUxLzEvU2llVnFSRERXdlM3UEctMEQ4V3pWOFM2WHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82MGI0NzItZGFkYS00MmU2LTlmMzQtMjRiZjMwZWRkYmUx
LzEvcVNqYWltRnN1c1RKUW5SbWs2Rmg1SmpFWXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDHxmgMA0E
AgACMAcDBQAqABZwMA0GCSqGSIb3DQEBCwUAA4IBAQBGLa5upZeUD9O+glhACkZr
2QX/Z3THjfXtiP5YjceALstkD5IZ3Hdocf5NtEwQ01mOh/YDGlZeMIdeoCV6PJOt
5Dw2thjzMMkiDCTENR8DqLe2ivkpmKDUeQbjNNUcKDgYPORt8RDM4H3fnGqSayjc
fbhSvHU3BSYzN/Hj6hVp+tVcR/x2bWftH3keUXJs7URMrRhQjJcynzuTk9hxyeNY
IW5ai8iWueadbQc/0DK3pGlZirshNvvSn2Y+NdQ/oCzv1KSA/F4wQHkmaWnNkJwZ
kQboI8AILjF5slz4LKAMom98bxuRd3ywaUgfEBD8cd039/vQ0I6IN45rxjcHFdb6
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:26:44 2025 by rpki-client