Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/1-6qhzbExFLY0gT3_o7ZnxEviJ2I.roa
File: 1-6qhzbExFLY0gT3_o7ZnxEviJ2I.roa (raw, json)
Hash identifier: lingZzwAHEcHlA2jX6MPxrOFTelbHEDF8wHvADkHmSk=
Subject key identifier: FB:AA:A1:CD:B1:31:14:B6:34:81:3D:FF:A3:B6:67:C4:4B:E2:27:62
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 019425222E76BBF6652FF31AC82F44AF6951
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/1-6qhzbExFLY0gT3_o7ZnxEviJ2I.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21021
IP address blocks: 31.6.128.0/18 maxlen: 18
31.6.192.0/19 maxlen: 19
31.42.16.0/20 maxlen: 20
37.131.128.0/19 maxlen: 19
37.190.128.0/17 maxlen: 17
46.186.0.0/17 maxlen: 17
46.231.56.0/21 maxlen: 21
62.61.32.0/19 maxlen: 19
62.141.192.0/18 maxlen: 18
80.244.128.0/19 maxlen: 19
80.245.176.0/20 maxlen: 20
81.190.0.0/16 maxlen: 16
82.115.64.0/19 maxlen: 19
83.68.64.0/19 maxlen: 19
84.38.80.0/20 maxlen: 20
85.117.0.0/19 maxlen: 19
87.116.192.0/18 maxlen: 18
89.17.224.0/19 maxlen: 19
89.228.0.0/16 maxlen: 16
89.229.0.0/16 maxlen: 16
89.230.0.0/16 maxlen: 16
89.231.0.0/16 maxlen: 16
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
94.78.128.0/18 maxlen: 18
94.251.128.0/17 maxlen: 17
95.129.224.0/21 maxlen: 21
95.174.32.0/19 maxlen: 19
176.107.112.0/21 maxlen: 21
176.221.96.0/19 maxlen: 19
185.31.184.0/22 maxlen: 22
193.43.240.0/22 maxlen: 22
193.43.242.0/24 maxlen: 24
193.43.243.0/24 maxlen: 24
193.106.76.0/22 maxlen: 22
193.200.118.0/23 maxlen: 23
194.116.132.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
195.93.134.0/23 maxlen: 23
195.93.222.0/23 maxlen: 23
213.136.224.0/19 maxlen: 19
217.70.48.0/20 maxlen: 20
217.75.48.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
217.172.224.0/19 maxlen: 19
2a00:1c00::/32 maxlen: 32
2a02:2a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2e:76:bb:f6:65:2f:f3:1a:c8:2f:44:af:69:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbaaa1cdb13114b634813dffa3b667c44be22762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:11:33:5e:e9:3c:c8:3f:72:20:87:97:04:c2:
f8:7e:00:fb:13:3d:fe:d8:80:99:6e:fe:d3:15:7b:
b1:04:54:0a:4f:1a:45:41:fb:7a:1c:33:5f:f7:86:
d1:46:86:30:8a:9b:c0:f8:7f:43:6d:fa:6a:fc:7a:
5f:76:d7:3e:52:d3:ba:8a:69:00:50:fc:6a:dd:68:
15:c2:84:1c:79:fb:50:66:3e:c2:31:e1:9b:ca:04:
21:bf:d8:29:ae:3a:7d:e8:21:93:3e:89:ff:ed:4c:
23:3c:d1:73:ab:e8:5c:16:e8:24:52:93:e1:57:6c:
52:ac:09:c8:58:2a:af:1e:c7:b8:87:f4:8d:eb:b8:
37:79:46:0f:80:d6:f0:cc:0c:6f:dc:47:67:a8:eb:
39:a0:d8:93:db:7e:58:70:20:9b:ef:1a:49:82:a3:
27:75:18:d0:53:3d:9d:7f:ce:a6:ad:46:45:e3:30:
9c:eb:c5:32:f7:a9:14:82:c4:5f:40:b2:f4:84:5e:
f4:57:62:36:e8:c2:c5:f8:78:c7:74:f4:fd:ba:6b:
f1:ca:8b:02:c3:1a:85:68:98:0a:fb:05:7b:98:e1:
ef:c7:fa:e8:b4:9c:72:ee:5a:a6:52:d7:95:9c:2e:
79:a5:78:eb:1e:7f:3b:bc:e8:9d:ad:cc:1f:e8:ac:
68:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AA:A1:CD:B1:31:14:B6:34:81:3D:FF:A3:B6:67:C4:4B:E2:27:62
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/1-6qhzbExFLY0gT3_o7ZnxEviJ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
46.186.0.0/17
46.231.56.0/21
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
IPv6:
2a00:1c00::/32
2a02:2a40::/32
Signature Algorithm: sha256WithRSAEncryption
0e:5c:58:b3:9d:2c:63:88:73:33:a7:f3:10:1e:80:f6:55:cb:
e8:80:f4:f3:e5:cc:8a:95:8b:37:d3:6e:cb:f4:ea:e0:42:6d:
30:cf:2c:a4:4e:9c:73:40:02:52:fa:e8:40:2f:9c:df:e6:48:
b7:72:12:1e:79:f3:4b:97:66:a1:46:9a:78:fe:49:85:c2:ac:
13:52:00:7c:bd:ab:d3:1f:cb:ba:62:1e:ca:04:ad:f7:1f:58:
1e:7c:d4:3d:fe:58:9c:b7:bb:e9:c8:af:0a:93:88:18:b2:eb:
3f:e9:0c:da:66:f6:cb:af:e8:07:d2:a4:69:ba:5a:b0:a6:fc:
87:e5:d1:4b:89:95:c8:a6:86:28:76:ef:41:e5:9a:48:03:66:
b6:0d:17:27:5c:ec:07:42:f8:25:d9:76:5f:54:90:62:80:ed:
56:56:a3:ec:9a:ce:e8:1f:ca:35:eb:03:18:a5:a2:67:52:1a:
56:92:72:20:97:ea:fc:4d:6a:da:1b:a6:a0:66:50:e2:57:f3:
e0:6b:49:0b:33:6e:83:4a:57:d5:e2:d1:48:66:75:3f:19:2e:
a1:c0:8a:f8:cb:31:f7:d8:e3:1e:0c:e5:d4:98:59:0f:9c:ec:
25:ca:fa:63:2e:ff:f3:01:60:ab:74:c4:51:67:1b:c1:0c:cc:
67:f0:62:0d
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZQlIi52u/ZlL/MayC9Er2lRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmFhYTFjZGIxMzExNGI2MzQ4MTNkZmZhM2I2NjdjNDRiZTIyNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshEzXuk8yD9yIIeXBML4fgD7Ez3+
2ICZbv7TFXuxBFQKTxpFQft6HDNf94bRRoYwipvA+H9Dbfpq/Hpfdtc+UtO6imkA
UPxq3WgVwoQceftQZj7CMeGbygQhv9gprjp96CGTPon/7UwjPNFzq+hcFugkUpPh
V2xSrAnIWCqvHse4h/SN67g3eUYPgNbwzAxv3EdnqOs5oNiT235YcCCb7xpJgqMn
dRjQUz2df86mrUZF4zCc68Uy96kUgsRfQLL0hF70V2I26MLF+HjHdPT9umvxyosC
wxqFaJgK+wV7mOHvx/rotJxy7lqmUteVnC55pXjrHn87vOidrcwf6KxoywIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFPuqoc2xMRS2NIE9/6O2Z8RL4idiMB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvMS02cWh6YkV4RkxZMGdUM19vN1pueEV2aUoySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvMGJmN2FiLTVhYWItNDMzNy1hMDJhLThhNmU1NTQxOTZi
Yi8xL1RoWGZhSXc2NnVQMmhlMUVzNWJDR1lPVmhoMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASUGCCsGAQUFBwEHAQH/BIIBFDCCARAwgfcEAgABMIHw
MAwDBAcfBoADBAUfBsADBAQfKhADBAUlg4ADBAclvoADBAcuugADBAMu5zgDBAU+
PSADBAY+jcADBAVQ9IADBARQ9bADAwBRvgMEBVJzQAMEBVNEQAMEBFQmUAMEBVV1
AAMEBld0wAMEBVkR4AMDAlnkAwQDXCpwAwQDXV64AwQGXk6AAwQHXvuAAwQDX4Hg
AwQFX64gAwQDsGtwAwQFsN1gAwQCuR+4AwQCwSvwAwQCwWpMAwQBwch2AwQBwnSE
AwQAwpXwAwQBw12GAwQBw13eAwQF1YjgAwQE2UYwAwQE2UswAwQF2ZDAAwQF2azg
MBQEAgACMA4DBQAqABwAAwUAKgIqQDANBgkqhkiG9w0BAQsFAAOCAQEADlxYs50s
Y4hzM6fzEB6A9lXL6ID08+XMipWLN9Nuy/Tq4EJtMM8spE6cc0ACUvroQC+c3+ZI
t3ISHnnzS5dmoUaaeP5JhcKsE1IAfL2r0x/LumIeygSt9x9YHnzUPf5YnLe76civ
CpOIGLLrP+kM2mb2y6/oB9KkabpasKb8h+XRS4mVyKaGKHbvQeWaSANmtg0XJ1zs
B0L4Jdl2X1SQYoDtVlaj7JrO6B/KNesDGKWiZ1IaVpJyIJfq/E1q2humoGZQ4lfz
4GtJCzNug0pX1eLRSGZ1PxkuocCK+Msx99jjHgzl1JhZD5zsJcr6Yy7/8wFgq3TE
UWcbwQzMZ/BiDQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:52:58 2025 by rpki-client