Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/U4b4y0Uv6PW4Wq515z7EnRcJZWQ.roa
File: U4b4y0Uv6PW4Wq515z7EnRcJZWQ.roa (raw, json)
Hash identifier: 3q+o5/r7KxHEhDbuHFcCuhU06ZC1do0abEibN9XK0Fg=
Subject key identifier: 53:86:F8:CB:45:2F:E8:F5:B8:5A:AE:75:E7:3E:C4:9D:17:09:65:64
Certificate issuer: /CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Certificate serial: 019424455DA3CE64F51E24BD7BB9DBDEE5EF
Authority key identifier: EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/U4b4y0Uv6PW4Wq515z7EnRcJZWQ.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 31.204.26.0/24 maxlen: 24
31.204.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5d:a3:ce:64:f5:1e:24:bd:7b:b9:db:de:e5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb78358a6a97d19b2f5afff1cfc793fbb4eafc9d
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5386f8cb452fe8f5b85aae75e73ec49d17096564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3f:60:37:97:ba:f9:fa:d4:dc:05:fa:ea:2a:
bd:f4:ed:9e:15:96:d8:83:05:68:6d:09:de:2d:9e:
ca:3d:2f:83:b9:26:32:a9:73:f1:32:2d:30:f8:ac:
7a:c8:25:6d:81:9b:5f:d6:34:9f:f4:02:66:43:7b:
e1:b0:15:bc:e6:54:db:ed:53:90:15:8b:b1:85:02:
6f:e1:b4:fb:46:48:47:a2:70:0e:1a:dd:0f:a7:fd:
64:2d:be:92:60:1e:74:83:6d:5d:3e:9b:49:21:66:
49:85:dd:29:1e:e4:ac:52:b2:72:e2:9f:43:33:6e:
87:57:1d:09:fc:f1:2b:0c:17:b5:b6:15:8a:2c:0f:
72:f7:c7:bd:cb:87:ac:53:88:eb:9e:23:4a:ef:7b:
c8:43:8e:2e:92:53:10:d5:e1:06:a9:98:50:de:e0:
4a:18:d5:51:30:37:ba:dd:65:60:bf:7a:b1:c3:7b:
90:cd:fa:6f:3b:6a:2a:b1:93:49:a2:f3:fb:35:60:
5d:0c:18:cd:e4:f3:f0:61:9f:21:59:12:45:15:b8:
f9:ab:ea:52:d4:67:14:a5:ab:93:1a:64:ac:ab:e1:
fc:a1:78:27:61:48:8b:73:ee:89:b6:a1:6f:c2:11:
60:76:33:77:c2:f3:ac:00:da:ab:fe:8b:7b:bf:6e:
26:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:86:F8:CB:45:2F:E8:F5:B8:5A:AE:75:E7:3E:C4:9D:17:09:65:64
X509v3 Authority Key Identifier:
keyid:EB:78:35:8A:6A:97:D1:9B:2F:5A:FF:F1:CF:C7:93:FB:B4:EA:FC:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63g1imqX0ZsvWv_xz8eT-7Tq_J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/U4b4y0Uv6PW4Wq515z7EnRcJZWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/468b75-5994-48fb-a85d-4a5eed1ee5bc/1/63g1imqX0ZsvWv_xz8eT-7Tq_J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.26.0/24
31.204.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c5:cf:99:ab:1d:71:89:ce:4a:4f:c7:d7:7a:f0:1e:b3:83:
bf:84:a9:37:b2:93:5a:02:0f:86:2e:91:83:30:25:37:34:e0:
b2:0c:86:13:90:a6:86:3f:9f:cb:b4:e2:99:c6:ba:b2:79:2d:
e9:df:6f:94:18:87:7c:63:a8:5c:9c:79:65:ba:04:cb:7c:2c:
0f:e0:da:14:30:f5:04:26:68:20:30:91:ad:05:ef:53:81:b2:
5a:49:88:54:d4:b1:bd:60:27:8b:81:30:6c:e6:7f:de:ba:94:
29:c3:7b:81:49:81:a9:b7:e4:71:db:2b:bf:a3:33:47:bc:e2:
82:d3:3d:2c:b7:80:a7:68:00:9f:2b:1e:d5:dc:8a:89:55:40:
05:e7:05:90:00:67:77:39:6c:fa:3e:80:ba:c8:9b:d4:8d:58:
17:31:38:58:b5:29:8a:ff:3b:c9:c2:d3:b5:77:ee:ec:ce:ce:
65:50:5e:19:dc:1d:31:17:26:34:68:29:7c:6c:e6:fe:32:07:
1a:9d:43:b1:b4:be:5d:a5:e2:09:df:cb:36:cd:e4:a1:c0:e0:
c7:f6:69:93:b9:4b:04:eb:61:01:a1:92:d3:f4:8e:bc:02:a6:
c4:52:30:ff:e7:27:ad:84:c3:ab:40:c0:25:06:d9:79:36:01:
3f:60:18:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRV2jzmT1HiS9e7nb3uXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNzgzNThhNmE5N2QxOWIyZjVhZmZmMWNmYzc5M2ZiYjRl
YWZjOWQwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg2ZjhjYjQ1MmZlOGY1Yjg1YWFlNzVlNzNlYzQ5ZDE3MDk2NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD9gN5e6+frU3AX66iq99O2eFZbY
gwVobQneLZ7KPS+DuSYyqXPxMi0w+Kx6yCVtgZtf1jSf9AJmQ3vhsBW85lTb7VOQ
FYuxhQJv4bT7RkhHonAOGt0Pp/1kLb6SYB50g21dPptJIWZJhd0pHuSsUrJy4p9D
M26HVx0J/PErDBe1thWKLA9y98e9y4esU4jrniNK73vIQ44uklMQ1eEGqZhQ3uBK
GNVRMDe63WVgv3qxw3uQzfpvO2oqsZNJovP7NWBdDBjN5PPwYZ8hWRJFFbj5q+pS
1GcUpauTGmSsq+H8oXgnYUiLc+6JtqFvwhFgdjN3wvOsANqr/ot7v24mRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOG+MtFL+j1uFqudec+xJ0XCWVkMB8GA1UdIwQY
MBaAFOt4NYpql9GbL1r/8c/Hk/u06vydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQt
NGE1ZWVkMWVlNWJjLzEvVTRiNHkwVXY2UFc0V3E1MTV6N0VuUmNKWldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NjhiNzUtNTk5NC00OGZiLWE4NWQtNGE1ZWVkMWVlNWJj
LzEvNjNnMWltcVgwWnN2V3ZfeHo4ZVQtN1RxX0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH8waAwQA
H8wxMA0GCSqGSIb3DQEBCwUAA4IBAQB/xc+Zqx1xic5KT8fXevAes4O/hKk3spNa
Ag+GLpGDMCU3NOCyDIYTkKaGP5/LtOKZxrqyeS3p32+UGId8Y6hcnHllugTLfCwP
4NoUMPUEJmggMJGtBe9TgbJaSYhU1LG9YCeLgTBs5n/eupQpw3uBSYGpt+Rx2yu/
ozNHvOKC0z0st4CnaACfKx7V3IqJVUAF5wWQAGd3OWz6PoC6yJvUjVgXMThYtSmK
/zvJwtO1d+7szs5lUF4Z3B0xFyY0aCl8bOb+MgcanUOxtL5dpeIJ38s2zeShwODH
9mmTuUsE62EBoZLT9I68AqbEUjD/5yethMOrQMAlBtl5NgE/YBiO
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:16:26 2025 by rpki-client