Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/6rn0bkPf1SrBtfvQ4i7GqRNNV9k.roa
File: 6rn0bkPf1SrBtfvQ4i7GqRNNV9k.roa (raw, json)
Hash identifier: qe8jw6m2jMtb38E3weEUsk/2kYKAa8yG/SEFx8eJDhI=
Subject key identifier: EA:B9:F4:6E:43:DF:D5:2A:C1:B5:FB:D0:E2:2E:C6:A9:13:4D:57:D9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195CEC016C204A54BE9B6BB2A6D1F8C4150
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/6rn0bkPf1SrBtfvQ4i7GqRNNV9k.roa
Signing time: Tue 25 Mar 2025 19:20:50 +0000
ROA not before: Tue 25 Mar 2025 19:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.218.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 15:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:c0:16:c2:04:a5:4b:e9:b6:bb:2a:6d:1f:8c:41:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 25 19:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eab9f46e43dfd52ac1b5fbd0e22ec6a9134d57d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:18:3c:37:14:8a:56:51:a6:d3:ef:fc:36:4a:
60:6c:2b:55:af:cb:8b:01:e6:af:b6:a7:3e:08:3e:
75:ed:e8:0a:5a:c9:26:15:a4:e8:b8:5f:ec:c9:cf:
3b:ee:7a:94:29:28:ff:1f:5a:69:73:a8:32:91:83:
0f:9f:2e:f2:22:64:28:a1:cd:4f:e3:72:7f:8c:25:
87:0c:62:9d:10:5a:8b:3e:2b:78:a0:71:b4:9c:08:
e7:5a:9f:9e:b8:16:1e:32:44:54:ae:62:4c:d0:cc:
57:14:23:e2:0f:dc:d2:7c:9d:9f:da:df:9a:36:ca:
56:d0:92:50:47:b1:ca:ae:dd:7f:6b:c9:86:19:68:
e1:db:5d:09:3d:db:a7:8c:60:3f:2c:36:92:2a:22:
0f:27:0b:1d:9a:bf:7c:58:69:9c:c6:8a:ac:87:3c:
58:5f:91:e4:80:6b:3b:19:17:9e:ab:e7:58:13:6f:
86:90:e3:29:d5:67:9f:b6:f7:40:cc:c8:b2:ab:a4:
f9:ed:0a:bc:57:36:5e:09:a9:86:30:2f:37:dd:9c:
da:5b:70:1c:09:55:40:15:c1:ef:56:0b:4e:90:ce:
64:5a:3d:11:fd:39:99:93:40:52:59:8a:5d:0d:3a:
31:0a:68:5c:c7:7e:b1:24:8f:ab:1b:93:94:ef:a0:
11:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B9:F4:6E:43:DF:D5:2A:C1:B5:FB:D0:E2:2E:C6:A9:13:4D:57:D9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/6rn0bkPf1SrBtfvQ4i7GqRNNV9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
78.135.98.0/24
188.132.188.0/24
188.132.214.0-188.132.216.255
188.132.218.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
72:a1:f6:39:b8:34:95:52:20:f9:28:e6:5f:d0:ba:9d:e0:59:
12:53:ab:3e:2c:61:16:a8:fe:e5:2a:eb:f6:e2:f6:46:25:d8:
60:c3:27:7d:f0:14:25:50:61:ec:97:53:d9:cc:e5:c7:cb:e4:
e4:c8:24:9d:6e:44:f7:49:dc:a0:66:6a:7b:38:31:54:e1:4a:
64:4b:79:73:47:8c:5a:9f:94:08:1d:91:99:8c:59:67:eb:1b:
47:ab:67:32:84:a3:81:b0:1d:20:0e:c5:e4:ae:25:5c:95:b6:
9a:a2:a8:a5:bd:74:a7:b5:5f:4a:2a:ef:59:f8:68:17:8c:69:
c0:a4:16:32:dc:5e:a6:42:ad:a7:6c:3f:12:5c:a1:d8:bf:eb:
25:f9:cc:00:c1:02:2f:3e:a9:ad:2d:e5:49:ae:20:4f:47:54:
35:36:d4:a5:10:5b:88:70:e5:ab:4a:d6:24:24:4f:1f:85:10:
fd:7f:a7:bd:90:02:8c:c1:9e:ab:5d:36:db:0f:e9:7a:7a:6c:
1f:26:d3:99:f0:ab:8c:ac:59:4d:e6:51:02:79:59:59:26:b8:
1a:ec:26:b8:00:bd:1b:45:42:0b:04:70:36:19:03:71:ff:a8:
39:23:2d:be:ef:14:05:62:3d:8d:c8:4a:3b:d4:a0:9d:8e:40:
79:58:88:a0
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZXOwBbCBKVL6ba7Km0fjEFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzI1MTkyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWI5ZjQ2ZTQzZGZkNTJhYzFiNWZiZDBlMjJlYzZhOTEzNGQ1N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Rg8NxSKVlGm0+/8NkpgbCtVr8uL
Aeavtqc+CD517egKWskmFaTouF/syc877nqUKSj/H1ppc6gykYMPny7yImQooc1P
43J/jCWHDGKdEFqLPit4oHG0nAjnWp+euBYeMkRUrmJM0MxXFCPiD9zSfJ2f2t+a
NspW0JJQR7HKrt1/a8mGGWjh210JPdunjGA/LDaSKiIPJwsdmr98WGmcxoqshzxY
X5HkgGs7GReeq+dYE2+GkOMp1WeftvdAzMiyq6T57Qq8VzZeCamGMC833ZzaW3Ac
CVVAFcHvVgtOkM5kWj0R/TmZk0BSWYpdDToxCmhcx36xJI+rG5OU76ARiwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOq59G5D39UqwbX70OIuxqkTTVfZMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNnJuMGJrUGYxU3JCdGZ2UTRpN0dxUk5OVjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBEBAIAATA+AwQAH9IvAwQB
TVyOAwQATVyYAwQATodOAwQATodWAwQATodiAwQAvIS8MAwDBAG8hNYDBAC8hNgD
BAC8hNowDwQCAAIwCQMHACoQlEAAATANBgkqhkiG9w0BAQsFAAOCAQEAcqH2Obg0
lVIg+SjmX9C6neBZElOrPixhFqj+5Srr9uL2RiXYYMMnffAUJVBh7JdT2czlx8vk
5MgknW5E90ncoGZqezgxVOFKZEt5c0eMWp+UCB2RmYxZZ+sbR6tnMoSjgbAdIA7F
5K4lXJW2mqKopb10p7VfSirvWfhoF4xpwKQWMtxepkKtp2w/Elyh2L/rJfnMAMEC
Lz6prS3lSa4gT0dUNTbUpRBbiHDlq0rWJCRPH4UQ/X+nvZACjMGeq1022w/penps
HybTmfCrjKxZTeZRAnlZWSa4GuwmuAC9G0VCCwRwNhkDcf+oOSMtvu8UBWI9jchK
O9SgnY5AeViIoA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:09:40 2025 by rpki-client