Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PzNQYGjd9_3CJ5hjFzVwvFAHlRw.roa
File: PzNQYGjd9_3CJ5hjFzVwvFAHlRw.roa (raw, json)
Hash identifier: kiyrvdsxFlQ2Em9BZY7X2aUn4+JmxTbrEpjbHhSFGLQ=
Subject key identifier: 3F:33:50:60:68:DD:F7:FD:C2:27:98:63:17:35:70:BC:50:07:95:1C
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0194D73CB1626BBE8EC2660DD63B3367D43E
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PzNQYGjd9_3CJ5hjFzVwvFAHlRw.roa
Signing time: Wed 05 Feb 2025 17:51:06 +0000
ROA not before: Wed 05 Feb 2025 17:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Feb 2025 10:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:3c:b1:62:6b:be:8e:c2:66:0d:d6:3b:33:67:d4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 5 17:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f33506068ddf7fdc2279863173570bc5007951c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cf:8a:15:cc:85:91:ff:11:06:fb:cb:f2:d6:
1e:14:41:c4:0e:1d:48:c0:d1:5b:cb:22:96:ca:e5:
d5:38:a5:63:fa:a1:66:17:65:42:0c:ec:40:e4:b8:
cd:20:85:f8:47:64:31:df:98:27:15:03:34:fd:a1:
30:4b:34:3e:1f:c7:90:8b:ef:84:ae:94:f0:5c:a7:
b5:56:72:fe:64:ca:c8:49:15:06:89:59:1d:ba:9b:
fe:1b:dc:bd:80:e1:ac:70:1f:e1:e3:dc:ec:e0:52:
0f:c1:b0:b0:5d:00:af:d4:b1:7a:ca:d7:25:b9:88:
d7:9b:49:ad:69:1a:6f:25:81:36:40:b3:a0:67:2c:
44:0a:0f:77:32:46:72:33:61:a2:1f:1b:2f:c6:80:
1b:1b:29:14:83:20:34:e5:0e:34:37:0c:99:54:ed:
78:3a:37:6a:6e:0c:50:1b:ad:8d:72:6f:f3:fb:75:
f8:4c:cd:84:66:a8:c1:a3:ab:74:e7:0e:02:5c:a5:
83:2d:e8:ea:ea:9c:2e:8e:63:8d:36:3c:ae:0d:b4:
d4:7e:ed:b0:73:3f:38:b3:ca:62:9b:71:29:42:85:
ed:18:1f:f2:fe:69:60:4f:88:03:ac:ca:60:72:b9:
26:7d:d5:f7:b0:f6:86:db:31:5b:6b:75:11:57:fa:
4a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:33:50:60:68:DD:F7:FD:C2:27:98:63:17:35:70:BC:50:07:95:1C
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PzNQYGjd9_3CJ5hjFzVwvFAHlRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:96:3b:18:af:6f:9e:51:31:e6:81:67:52:35:3b:46:f2:b1:
e6:a0:26:2f:ba:8d:ed:f7:11:98:56:28:9f:28:50:46:47:fa:
44:fe:78:41:8e:06:1c:9f:94:b9:b0:69:5a:6e:84:ab:64:64:
ca:e6:a5:2d:43:3d:ed:34:9b:bb:30:7c:cd:85:8b:3b:b7:db:
e0:69:69:e9:a2:8e:02:86:bf:80:dd:a5:4d:b9:1d:1d:17:c7:
8b:9a:9f:5a:b1:b2:3f:95:9e:f1:d8:c9:25:9f:82:45:b8:26:
b6:33:19:5d:3f:67:8c:7c:64:ff:2e:a8:5f:6e:ca:97:5b:71:
3f:39:6c:aa:57:1c:f0:b4:02:3a:fd:3c:07:7c:91:5e:f6:0d:
b4:a0:9a:49:ab:bc:0a:c5:17:a6:db:ce:79:31:5a:11:f3:8c:
de:15:9d:b3:ee:20:d2:74:a7:68:6d:f4:ac:d7:db:22:5a:85:
58:a5:17:37:91:13:ff:9d:92:99:47:8b:dd:0a:72:36:10:e2:
33:53:a2:02:40:61:93:4d:ff:37:2c:12:04:a3:41:1c:53:52:
2c:23:1e:6e:e3:fb:f2:a4:f1:8d:c9:de:82:0b:53:01:92:99:
69:61:07:a8:90:6a:ef:60:d1:39:4d:ae:98:55:24:6d:60:be:
7b:5f:04:dd
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZTXPLFia76OwmYN1jszZ9Q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjA1MTc1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjMzNTA2MDY4ZGRmN2ZkYzIyNzk4NjMxNzM1NzBiYzUwMDc5NTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18+KFcyFkf8RBvvL8tYeFEHEDh1I
wNFbyyKWyuXVOKVj+qFmF2VCDOxA5LjNIIX4R2Qx35gnFQM0/aEwSzQ+H8eQi++E
rpTwXKe1VnL+ZMrISRUGiVkdupv+G9y9gOGscB/h49zs4FIPwbCwXQCv1LF6ytcl
uYjXm0mtaRpvJYE2QLOgZyxECg93MkZyM2GiHxsvxoAbGykUgyA05Q40NwyZVO14
OjdqbgxQG62Ncm/z+3X4TM2EZqjBo6t05w4CXKWDLejq6pwujmONNjyuDbTUfu2w
cz84s8pim3EpQoXtGB/y/mlgT4gDrMpgcrkmfdX3sPaG2zFba3URV/pKfQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFD8zUGBo3ff9wieYYxc1cLxQB5UcMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUHpOUVlHamQ5XzNDSjVoakZ6Vnd2RkFIbFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAH9IvAwQB
TVyOAwQATVyYAwQATodOAwQATodWMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBABuWOxivb55RMeaBZ1I1O0byseagJi+6je33EZhWKJ8oUEZH+kT+
eEGOBhyflLmwaVpuhKtkZMrmpS1DPe00m7swfM2Fizu32+BpaemijgKGv4DdpU25
HR0Xx4uan1qxsj+VnvHYySWfgkW4JrYzGV0/Z4x8ZP8uqF9uypdbcT85bKpXHPC0
Ajr9PAd8kV72DbSgmkmrvArFF6bbznkxWhHzjN4VnbPuINJ0p2ht9KzX2yJahVil
FzeRE/+dkplHi90KcjYQ4jNTogJAYZNN/zcsEgSjQRxTUiwjHm7j+/Kk8Y3J3oIL
UwGSmWlhB6iQau9g0TlNrphVJG1gvntfBN0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:51:24 2025 by rpki-client