Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/4vra-mhnlYst09uaF14MnQEH0yA.roa
File: 4vra-mhnlYst09uaF14MnQEH0yA.roa (raw, json)
Hash identifier: XeWScCGlM+bkzpWWAGg/CnDTta0ivgMXTw+b6Yzihf0=
Subject key identifier: E2:FA:DA:FA:68:67:95:8B:2D:D3:DB:9A:17:5E:0C:9D:01:07:D3:20
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0196B1B3C41FFBB1EFA9031FAF91DB0E5EB1
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/4vra-mhnlYst09uaF14MnQEH0yA.roa
Signing time: Thu 08 May 2025 21:01:10 +0000
ROA not before: Thu 08 May 2025 21:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202678
IP address blocks: 46.31.76.0/24 maxlen: 24
46.31.78.0/24 maxlen: 24
185.17.114.0/24 maxlen: 24
185.17.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 21:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:b3:c4:1f:fb:b1:ef:a9:03:1f:af:91:db:0e:5e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: May 8 21:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2fadafa6867958b2dd3db9a175e0c9d0107d320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:b5:76:95:75:44:80:e6:75:f4:90:2e:bd:
ae:c5:47:05:39:c8:5b:80:70:24:4b:be:a4:f1:01:
ca:19:55:7b:8c:82:df:cb:c1:f0:e2:1c:a9:3a:06:
e1:6c:2f:fc:af:32:e0:59:2e:db:e0:84:fb:89:53:
ff:88:c4:8f:ff:b5:5b:dc:df:1d:cc:88:55:72:3e:
df:1d:e2:a1:99:63:4c:5a:29:97:ea:57:1c:ff:50:
bf:e6:da:14:48:b5:8d:6c:64:86:3d:a9:25:79:56:
9f:c4:a8:7d:55:0b:53:c0:b8:a6:61:32:a8:c7:fe:
50:86:76:49:b6:22:e4:37:fe:55:e1:cc:c0:cd:09:
8b:89:7e:c1:3b:69:57:ac:40:fc:1a:33:a8:16:a4:
bd:e0:1e:15:65:be:8b:2b:ca:d1:fb:de:a8:4b:65:
de:1a:14:6a:3e:bc:77:d0:4a:f9:ee:15:4a:7b:1c:
ab:b6:4a:b9:82:89:39:8b:d4:35:ed:47:1c:c5:94:
44:c9:8f:0f:d5:b9:11:c4:11:91:58:41:ab:48:fd:
55:e4:59:f0:ee:d6:e3:ad:da:77:49:81:b0:5d:f1:
68:e1:3c:9b:b0:9d:ca:40:22:98:5e:da:29:3d:fd:
1a:04:1a:49:42:9c:5b:21:89:cb:88:8b:a3:45:83:
22:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FA:DA:FA:68:67:95:8B:2D:D3:DB:9A:17:5E:0C:9D:01:07:D3:20
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/4vra-mhnlYst09uaF14MnQEH0yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.76.0/24
46.31.78.0/24
185.17.114.0/23
Signature Algorithm: sha256WithRSAEncryption
95:1b:53:3c:d4:ea:9b:f3:0f:78:bd:db:90:34:8a:49:3f:53:
19:3c:bd:14:c2:af:20:3e:53:f5:2c:8f:5a:f1:1e:f5:9b:af:
1f:92:dc:01:f5:20:f5:48:eb:be:e9:bf:74:c7:0d:4a:44:ca:
98:4b:28:b5:ba:87:7f:5c:22:cf:68:87:1a:65:5b:55:4c:7c:
47:c9:d9:4e:43:24:6f:77:4a:cc:d7:9b:13:d9:79:52:93:6e:
9e:1b:4a:58:ea:d2:16:42:cb:79:03:c3:38:fa:96:24:be:b8:
8a:1f:5a:d2:46:da:5c:71:19:e2:0b:d9:4a:18:65:45:9a:88:
b2:04:21:8b:d8:a3:f5:2f:45:e6:26:9a:82:29:05:da:de:62:
43:18:d1:04:bd:c9:51:cd:1b:02:c8:ec:87:f5:40:b4:b2:a6:
e6:1f:37:ed:80:92:fa:d6:ec:cd:81:ac:47:69:4b:74:bc:a8:
da:cb:7e:42:42:87:80:11:ac:80:e7:ed:51:d1:84:d6:1c:2b:
d7:77:d3:43:96:4b:84:ac:8a:b6:5a:c2:71:f5:fb:bd:dd:b0:
3b:36:6e:6f:e6:16:78:b9:4d:02:0b:e2:35:bb:b9:0b:bd:05:
61:24:f7:10:48:1c:cd:7a:fa:01:cb:3f:d5:d5:81:21:f5:9a:
7b:94:22:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaxs8Qf+7HvqQMfr5HbDl6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwNTA4MjEwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZhZGFmYTY4Njc5NThiMmRkM2RiOWExNzVlMGM5ZDAxMDdkMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2u1dpV1RIDmdfSQLr2uxUcFOchb
gHAkS76k8QHKGVV7jILfy8Hw4hypOgbhbC/8rzLgWS7b4IT7iVP/iMSP/7Vb3N8d
zIhVcj7fHeKhmWNMWimX6lcc/1C/5toUSLWNbGSGPakleVafxKh9VQtTwLimYTKo
x/5QhnZJtiLkN/5V4czAzQmLiX7BO2lXrED8GjOoFqS94B4VZb6LK8rR+96oS2Xe
GhRqPrx30Er57hVKexyrtkq5gok5i9Q17UccxZREyY8P1bkRxBGRWEGrSP1V5Fnw
7tbjrdp3SYGwXfFo4TybsJ3KQCKYXtopPf0aBBpJQpxbIYnLiIujRYMiwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOL62vpoZ5WLLdPbmhdeDJ0BB9MgMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvNHZyYS1taG5sWXN0MDl1YUYxNE1uUUVIMHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALh9MAwQA
Lh9OAwQBuRFyMA0GCSqGSIb3DQEBCwUAA4IBAQCVG1M81Oqb8w94vduQNIpJP1MZ
PL0Uwq8gPlP1LI9a8R71m68fktwB9SD1SOu+6b90xw1KRMqYSyi1uod/XCLPaIca
ZVtVTHxHydlOQyRvd0rM15sT2XlSk26eG0pY6tIWQst5A8M4+pYkvriKH1rSRtpc
cRniC9lKGGVFmoiyBCGL2KP1L0XmJpqCKQXa3mJDGNEEvclRzRsCyOyH9UC0sqbm
HzftgJL61uzNgaxHaUt0vKjay35CQoeAEayA5+1R0YTWHCvXd9NDlkuErIq2WsJx
9fu93bA7Nm5v5hZ4uU0CC+I1u7kLvQVhJPcQSBzNevoByz/V1YEh9Zp7lCI8
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:36:25 2025 by rpki-client