Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cn9-c_BIerPS2C0MXgPeKrqaHpY.roa
File: cn9-c_BIerPS2C0MXgPeKrqaHpY.roa (raw, json)
Hash identifier: XmBshARav6ar5M3XkCFeTw9++twUvj5ic2ayNZdmMM4=
Subject key identifier: 72:7F:7E:73:F0:48:7A:B3:D2:D8:2D:0C:5E:03:DE:2A:BA:9A:1E:96
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019384FB6CB05853E45FADF1E7ADE521ABDA
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cn9-c_BIerPS2C0MXgPeKrqaHpY.roa
Signing time: Mon 02 Dec 2024 01:28:10 +0000
ROA not before: Mon 02 Dec 2024 01:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
212.68.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 09:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:fb:6c:b0:58:53:e4:5f:ad:f1:e7:ad:e5:21:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 2 01:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=727f7e73f0487ab3d2d82d0c5e03de2aba9a1e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cc:de:62:9d:0f:a3:17:22:72:94:9e:c2:f5:
a6:74:9e:81:dd:a5:80:6f:e5:8c:e5:47:74:b3:ce:
ff:85:4f:5b:6c:36:bf:37:92:60:b4:e9:26:69:59:
e4:3d:2e:82:59:9a:5a:60:29:d1:88:9e:44:71:08:
08:f4:da:e5:73:7d:45:9b:83:1f:8f:e2:73:08:fd:
50:f4:49:63:96:cc:de:6d:25:35:20:ca:8c:1a:ba:
dd:56:9c:26:b8:85:bb:a0:f8:b0:0f:65:55:38:65:
ed:39:db:3a:5c:13:ee:49:90:28:ed:a6:3b:90:40:
b4:bc:57:99:29:94:19:7a:21:74:d9:a9:04:10:ff:
e6:ff:f6:fb:7c:88:fa:5f:90:43:85:2d:a9:8c:b0:
05:a8:e4:e1:c3:6e:3e:ae:42:4f:36:ce:e0:51:f7:
40:e2:e3:15:a2:90:b1:ec:a2:4a:22:db:31:0a:5a:
cd:30:8c:73:ba:f3:70:92:67:f0:d3:d6:0c:b8:36:
72:40:25:f1:ec:fd:ee:fd:00:4b:7f:b2:67:2d:7a:
89:3d:b8:60:3b:67:5b:9f:ac:7c:c3:a6:79:47:5a:
6c:43:0f:b4:50:d2:2a:2e:2c:31:1a:05:12:8a:f6:
6a:75:a2:19:18:f3:48:b0:8d:a0:4b:af:b4:9e:62:
46:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7F:7E:73:F0:48:7A:B3:D2:D8:2D:0C:5E:03:DE:2A:BA:9A:1E:96
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cn9-c_BIerPS2C0MXgPeKrqaHpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.53.0-31.210.54.255
77.92.148.0/24
78.135.78.0/24
188.132.170.0/24
188.132.215.0/24
188.132.227.0-188.132.228.255
212.68.36.0/24
212.68.49.0/24
212.68.56.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a3:5a:ef:a6:8c:26:40:61:2d:cb:1c:a4:6a:63:c1:dc:0c:
0f:4e:28:21:c1:4e:eb:d9:7a:3f:4d:ab:6e:e6:26:b9:f4:6a:
19:54:79:8b:cd:6e:f2:87:27:a5:6d:60:9e:92:47:48:5f:a2:
86:28:6a:b3:a0:b5:aa:0b:79:87:54:2d:f9:10:b6:3c:ae:de:
74:2b:70:37:c3:23:d0:c2:38:4e:d2:e1:40:7c:a4:50:92:50:
1c:1f:37:6a:b7:64:71:d3:86:e0:f3:36:93:a4:c3:e9:fd:29:
08:af:f7:ca:07:e4:a3:50:b4:29:02:13:2c:e4:f4:9b:95:a4:
d4:58:45:5b:52:78:c9:6f:5a:c9:84:00:53:9b:3b:bc:39:6b:
72:b7:a2:1c:23:b5:3c:b6:43:02:06:08:68:fb:14:d2:7b:51:
c5:fa:90:16:5a:c2:d1:46:76:16:1c:a5:ec:a2:f7:37:fd:b0:
a9:db:80:b8:3c:29:bc:16:ad:c4:95:ac:6f:9a:c4:1d:4e:86:
67:03:b4:51:47:5a:2d:fa:a3:b1:d9:ab:77:2f:29:68:56:da:
c7:43:21:ba:9b:59:b6:54:e0:60:fd:40:93:b6:c3:ae:eb:a0:
f3:16:57:ec:09:45:57:4b:30:9d:d5:bc:a3:66:6f:5d:ec:e8:
89:e6:84:9b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZOE+2ywWFPkX63x563lIavaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjAyMDEyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdmN2U3M2YwNDg3YWIzZDJkODJkMGM1ZTAzZGUyYWJhOWExZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1czeYp0PoxcicpSewvWmdJ6B3aWA
b+WM5Ud0s87/hU9bbDa/N5JgtOkmaVnkPS6CWZpaYCnRiJ5EcQgI9Nrlc31Fm4Mf
j+JzCP1Q9EljlszebSU1IMqMGrrdVpwmuIW7oPiwD2VVOGXtOds6XBPuSZAo7aY7
kEC0vFeZKZQZeiF02akEEP/m//b7fIj6X5BDhS2pjLAFqOThw24+rkJPNs7gUfdA
4uMVopCx7KJKItsxClrNMIxzuvNwkmfw09YMuDZyQCXx7P3u/QBLf7JnLXqJPbhg
O2dbn6x8w6Z5R1psQw+0UNIqLiwxGgUSivZqdaIZGPNIsI2gS6+0nmJGPQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFHJ/fnPwSHqz0tgtDF4D3iq6mh6WMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvY245LWNfQkllclBTMkMwTVhnUGVLcnFhSHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAH9IuAwQB
H9IyMAwDBAAf0jUDBAAf0jYDBABNXJQDBABOh04DBAC8hKoDBAC8hNcwDAMEALyE
4wMEALyE5AMEANREJAMEANREMQMEANREODANBgkqhkiG9w0BAQsFAAOCAQEAaKNa
76aMJkBhLcscpGpjwdwMD04oIcFO69l6P02rbuYmufRqGVR5i81u8ocnpW1gnpJH
SF+ihihqs6C1qgt5h1Qt+RC2PK7edCtwN8Mj0MI4TtLhQHykUJJQHB83ardkcdOG
4PM2k6TD6f0pCK/3ygfko1C0KQITLOT0m5Wk1FhFW1J4yW9ayYQAU5s7vDlrcrei
HCO1PLZDAgYIaPsU0ntRxfqQFlrC0UZ2Fhyl7KL3N/2wqduAuDwpvBatxJWsb5rE
HU6GZwO0UUdaLfqjsdmrdy8paFbax0MhuptZtlTgYP1Ak7bDruug8xZX7AlFV0sw
ndW8o2ZvXezoieaEmw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:58:30 2025 by rpki-client