Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/In6H6DynRLL4aH5nR6XDoaU7VMQ.roa
File: In6H6DynRLL4aH5nR6XDoaU7VMQ.roa (raw, json)
Hash identifier: MYR8OjH6kjPk0LfxK27G9Hadx7U8EFWjEvW5g/rhsSg=
Subject key identifier: 22:7E:87:E8:3C:A7:44:B2:F8:68:7E:67:47:A5:C3:A1:A5:3B:54:C4
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019513C304A90F2070DD7191DF356B74F70B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/In6H6DynRLL4aH5nR6XDoaU7VMQ.roa
Signing time: Mon 17 Feb 2025 11:55:02 +0000
ROA not before: Mon 17 Feb 2025 11:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.210.35.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:c3:04:a9:0f:20:70:dd:71:91:df:35:6b:74:f7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 17 11:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=227e87e83ca744b2f8687e6747a5c3a1a53b54c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:37:63:59:84:fc:ec:b9:b9:7d:64:d3:da:
44:cd:8d:63:88:25:e8:a7:b3:bb:c0:3f:93:57:b2:
34:82:70:5b:c2:bd:40:bf:10:1f:09:2f:e6:55:70:
f2:48:00:1f:9d:dd:9f:72:3e:c2:54:30:df:7f:73:
a5:4a:94:f6:51:6c:8b:de:a7:5d:07:f2:b7:e5:aa:
64:5d:5e:00:7b:d8:6e:c9:e5:e9:96:6e:54:19:b2:
02:b6:87:49:4c:fc:09:f0:5c:58:a3:77:10:d3:85:
75:5c:31:69:45:55:e5:93:25:b3:7b:78:07:8e:73:
d3:63:2d:95:7c:42:33:1d:92:e4:09:e5:70:b0:64:
2d:f9:f2:a3:3b:01:f3:23:c8:cd:b0:41:64:90:d3:
2d:d6:d7:8e:1b:ff:14:61:bc:90:0e:58:ae:b5:ac:
0f:db:03:d8:55:14:bd:b0:8d:0d:d4:87:a0:11:ef:
6b:f7:74:ee:d0:4c:b0:e8:28:32:a5:d1:21:50:c3:
5e:10:62:31:46:cb:df:4c:f2:78:64:9a:2c:d0:f0:
04:29:ab:49:5b:6a:8e:e3:bb:60:d9:74:69:5b:78:
08:04:98:e2:dc:73:17:db:17:1c:e6:cc:25:7f:b3:
77:2d:34:54:10:02:bb:de:e8:82:c2:96:4c:b7:54:
79:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7E:87:E8:3C:A7:44:B2:F8:68:7E:67:47:A5:C3:A1:A5:3B:54:C4
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/In6H6DynRLL4aH5nR6XDoaU7VMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.35.0/24
78.135.97.0/24
188.132.188.0/22
188.132.236.0/24
188.132.249.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
12:6d:1f:3a:52:05:f8:0b:17:83:87:dd:2d:33:4e:28:6f:b5:
fe:94:36:a9:3a:b3:18:92:0b:64:2a:7c:02:eb:d1:a4:76:9d:
d7:24:12:a0:65:72:aa:6a:dc:23:ac:52:79:c7:ba:fd:78:db:
3b:84:1d:14:a8:94:00:69:b0:69:58:ab:71:cc:d5:a1:4e:fc:
98:e0:32:fd:b8:d4:51:2a:85:b1:87:f1:d7:71:8c:96:da:29:
4b:dc:99:fe:fa:c7:ff:de:89:af:f8:c8:81:88:e9:74:a5:db:
be:aa:6c:79:c5:c1:38:af:97:79:7a:d1:78:17:a8:fb:83:51:
c7:23:e1:a1:1e:6e:e9:67:39:a4:c9:8b:82:c1:60:1b:7e:40:
de:0a:2c:3f:d6:5b:3c:df:72:b6:50:7c:40:ab:05:1a:5f:cb:
c4:ab:4b:a5:73:a3:df:aa:da:2f:0d:9b:c1:45:78:83:13:cf:
8c:81:70:bd:43:85:ed:40:40:5b:9a:af:79:eb:da:47:8c:3f:
ce:50:50:fe:4e:af:a9:8c:6f:e9:c1:74:10:0f:37:0d:58:5d:
d6:fc:f8:97:9e:be:b7:be:11:f5:51:61:ea:07:86:20:72:af:
65:31:b8:a4:09:da:34:9d:71:34:29:d1:65:3e:0f:07:55:60:
3b:be:b8:a0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZUTwwSpDyBw3XGR3zVrdPcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjE3MTE1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdlODdlODNjYTc0NGIyZjg2ODdlNjc0N2E1YzNhMWE1M2I1NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlms3Y1mE/Oy5uX1k09pEzY1jiCXo
p7O7wD+TV7I0gnBbwr1AvxAfCS/mVXDySAAfnd2fcj7CVDDff3OlSpT2UWyL3qdd
B/K35apkXV4Ae9huyeXplm5UGbICtodJTPwJ8FxYo3cQ04V1XDFpRVXlkyWze3gH
jnPTYy2VfEIzHZLkCeVwsGQt+fKjOwHzI8jNsEFkkNMt1teOG/8UYbyQDliutawP
2wPYVRS9sI0N1IegEe9r93Tu0Eyw6CgypdEhUMNeEGIxRsvfTPJ4ZJos0PAEKatJ
W2qO47tg2XRpW3gIBJji3HMX2xcc5swlf7N3LTRUEAK73uiCwpZMt1R5xQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCJ+h+g8p0Sy+Gh+Z0elw6GlO1TEMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSW42SDZEeW5STEw0YUg1blI2WERvYVU3Vk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAH9IjAwQA
TodhAwQCvIS8AwQAvITsAwQAvIT5MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQEL
BQADggEBABJtHzpSBfgLF4OH3S0zTihvtf6UNqk6sxiSC2QqfALr0aR2ndckEqBl
cqpq3COsUnnHuv142zuEHRSolABpsGlYq3HM1aFO/JjgMv241FEqhbGH8ddxjJba
KUvcmf76x//eia/4yIGI6XSl276qbHnFwTivl3l60XgXqPuDUccj4aEebulnOaTJ
i4LBYBt+QN4KLD/WWzzfcrZQfECrBRpfy8SrS6Vzo9+q2i8Nm8FFeIMTz4yBcL1D
he1AQFuar3nr2keMP85QUP5Or6mMb+nBdBAPNw1YXdb8+Jeevre+EfVRYeoHhiBy
r2UxuKQJ2jSdcTQp0WU+DwdVYDu+uKA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:54:32 2025 by rpki-client