Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/xBraSK2Y5dGXgPY_mw1ooYavlzI.roa
File: xBraSK2Y5dGXgPY_mw1ooYavlzI.roa (raw, json)
Hash identifier: BKCEGOx6EcuZ+cholXQjJg52dhVrvyMxctGjpoo66HU=
Subject key identifier: C4:1A:DA:48:AD:98:E5:D1:97:80:F6:3F:9B:0D:68:A1:86:AF:97:32
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01963EAAE991692E7AB2277CE4469DF64105
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/xBraSK2Y5dGXgPY_mw1ooYavlzI.roa
Signing time: Wed 16 Apr 2025 12:55:10 +0000
ROA not before: Wed 16 Apr 2025 12:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 31.178.0.0/15 maxlen: 15
31.186.192.0/19 maxlen: 19
31.187.0.0/18 maxlen: 18
31.187.0.0/19 maxlen: 19
31.187.32.0/19 maxlen: 19
77.236.0.0/19 maxlen: 19
81.18.192.0/20 maxlen: 20
81.18.208.0/20 maxlen: 20
83.144.64.0/18 maxlen: 18
84.10.0.0/16 maxlen: 16
85.222.0.0/17 maxlen: 17
87.206.0.0/15 maxlen: 15
89.64.0.0/12 maxlen: 12
92.244.32.0/19 maxlen: 19
94.75.64.0/18 maxlen: 18
94.172.0.0/16 maxlen: 16
95.158.64.0/18 maxlen: 18
178.73.0.0/18 maxlen: 18
178.73.0.0/19 maxlen: 19
178.73.32.0/19 maxlen: 19
188.93.160.0/21 maxlen: 21
188.93.160.0/22 maxlen: 22
188.93.164.0/22 maxlen: 22
193.47.158.0/23 maxlen: 23
193.47.160.0/24 maxlen: 24
194.187.40.0/22 maxlen: 22
195.34.208.0/22 maxlen: 22
212.76.32.0/19 maxlen: 19
212.76.32.0/20 maxlen: 20
212.76.48.0/20 maxlen: 20
213.134.160.0/19 maxlen: 19
2001:4050::/32 maxlen: 32
2001:4050::/33 maxlen: 33
2001:4050:8000::/33 maxlen: 33
2a02:a300::/27 maxlen: 27
2a02:a300::/28 maxlen: 28
2a02:a310::/28 maxlen: 28
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:aa:e9:91:69:2e:7a:b2:27:7c:e4:46:9d:f6:41:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Apr 16 12:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c41ada48ad98e5d19780f63f9b0d68a186af9732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:59:df:1a:4c:cb:3d:99:80:ba:b3:78:d4:33:
f3:cc:dc:a6:41:b2:0d:78:0c:78:80:8f:96:75:77:
79:9d:69:02:38:1f:d8:0f:4a:21:75:c5:65:fe:21:
26:75:b5:ad:af:01:62:d5:af:61:0a:cf:64:67:9e:
5a:9d:5a:12:fa:da:77:a1:98:ab:a9:a3:a4:96:34:
e8:b7:50:0d:89:66:d6:42:19:5e:41:e5:4c:a9:56:
b1:be:d4:05:49:47:0a:c5:52:42:89:88:3f:a4:69:
1b:f2:6c:a7:eb:07:a1:04:13:ea:46:11:6f:20:ac:
35:0a:6d:be:41:6b:79:c6:6f:1c:06:34:03:57:46:
e4:b9:1e:2d:fa:6e:72:50:8e:fd:60:3f:ba:3b:50:
54:ef:25:ab:25:00:db:0d:ae:8a:ee:ae:ab:67:f3:
7c:f8:fb:a3:b5:36:34:94:f7:4c:bb:4d:9b:fe:96:
37:ef:9f:73:40:32:ff:95:50:b0:cf:7c:31:e7:1b:
e7:ef:be:ce:26:29:a4:58:58:3e:dd:01:de:f6:b6:
29:29:fd:aa:67:8e:bd:c6:ec:e2:d1:4e:98:3f:d8:
af:ca:fe:f7:5a:8b:27:7b:08:7a:df:80:1f:df:54:
67:84:85:f1:d2:c3:6a:2d:2b:07:11:58:02:a0:c1:
4a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1A:DA:48:AD:98:E5:D1:97:80:F6:3F:9B:0D:68:A1:86:AF:97:32
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/xBraSK2Y5dGXgPY_mw1ooYavlzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
31.187.0.0/18
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
95.158.64.0/18
178.73.0.0/18
188.93.160.0/21
193.47.158.0-193.47.160.255
194.187.40.0/22
195.34.208.0/22
212.76.32.0/19
213.134.160.0/19
IPv6:
2001:4050::/32
2a02:a300::/27
Signature Algorithm: sha256WithRSAEncryption
37:9c:91:f0:4a:59:75:b0:c9:a1:4c:a9:10:68:bd:3f:e3:9d:
19:e6:a7:34:ec:85:91:eb:ba:64:15:17:19:a5:14:a2:0c:6b:
73:c6:d1:37:1d:f7:a2:e5:57:b7:a6:b1:8c:64:f0:8d:95:e1:
e6:db:cd:bf:9e:2b:0f:c3:0d:bb:23:32:7f:bb:26:aa:2f:0a:
0f:82:ff:cf:db:5c:28:33:7d:e5:c7:83:17:9b:31:17:55:1d:
61:a4:7f:f8:36:4d:3a:91:4b:64:ac:b5:a1:27:ae:cc:4d:e0:
58:f6:b9:a6:8b:c1:5f:79:a1:c4:71:75:cf:9c:0c:ba:ed:97:
b2:f9:8f:7c:ec:d7:87:2d:83:f5:a0:70:46:a0:72:88:57:d5:
1f:59:53:b0:58:af:a7:ec:15:79:b2:5a:29:c8:3f:37:c3:f8:
6e:dd:de:35:b4:1e:45:26:fc:57:1d:ff:a1:a2:01:f4:de:36:
c5:82:24:ed:78:d4:f2:b8:06:ec:e1:da:78:fe:92:ba:54:be:
11:da:e7:07:f5:40:2c:f4:7c:cf:c2:7b:93:0f:4e:37:9e:dd:
67:57:b4:36:38:ad:09:a5:80:70:fb:6e:ef:d2:50:69:2e:2e:
4b:d2:34:09:f9:03:aa:bd:11:06:4e:cc:b2:a0:6d:35:fa:59:
17:24:b5:c3
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZY+qumRaS56sid85Ead9kEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwNDE2MTI1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDFhZGE0OGFkOThlNWQxOTc4MGY2M2Y5YjBkNjhhMTg2YWY5NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFnfGkzLPZmAurN41DPzzNymQbIN
eAx4gI+WdXd5nWkCOB/YD0ohdcVl/iEmdbWtrwFi1a9hCs9kZ55anVoS+tp3oZir
qaOkljTot1ANiWbWQhleQeVMqVaxvtQFSUcKxVJCiYg/pGkb8myn6wehBBPqRhFv
IKw1Cm2+QWt5xm8cBjQDV0bkuR4t+m5yUI79YD+6O1BU7yWrJQDbDa6K7q6rZ/N8
+PujtTY0lPdMu02b/pY3759zQDL/lVCwz3wx5xvn777OJimkWFg+3QHe9rYpKf2q
Z469xuzi0U6YP9ivyv73Wosnewh634Af31RnhIXx0sNqLSsHEVgCoMFKlwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFMQa2kitmOXRl4D2P5sNaKGGr5cyMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEveEJyYVNLMlk1ZEdYZ1BZX213MW9vWWF2bHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBiAQCAAEwgYEDAwEf
sgMEBR+6wAMEBh+7AAMEBU3sAAMEBVESwAMEBlOQQAMDAFQKAwQHVd4AAwMBV84D
AwRZQAMEBVz0IAMEBl5LQAMDAF6sAwQGX55AAwQGskkAAwQDvF2gMAwDBAHBL54D
BADBL6ADBALCuygDBALDItADBAXUTCADBAXVhqAwFAQCAAIwDgMFACABQFADBQUq
AqMAMA0GCSqGSIb3DQEBCwUAA4IBAQA3nJHwSll1sMmhTKkQaL0/450Z5qc07IWR
67pkFRcZpRSiDGtzxtE3Hfei5Ve3prGMZPCNleHm282/nisPww27IzJ/uyaqLwoP
gv/P21woM33lx4MXmzEXVR1hpH/4Nk06kUtkrLWhJ67MTeBY9rmmi8FfeaHEcXXP
nAy67Zey+Y987NeHLYP1oHBGoHKIV9UfWVOwWK+n7BV5slopyD83w/hu3d41tB5F
JvxXHf+hogH03jbFgiTteNTyuAbs4dp4/pK6VL4R2ucH9UAs9HzPwnuTD043nt1n
V7Q2OK0JpYBw+27v0lBpLi5L0jQJ+QOqvREGTsyyoG01+lkXJLXD
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:46:51 2025 by rpki-client