Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KXtHxpf2RhWU-PzCu4JEi0WHGvk.roa
File: KXtHxpf2RhWU-PzCu4JEi0WHGvk.roa (raw, json)
Hash identifier: Y0jg9L9qIiBVZMeXx0TwaLnJSIofwPuKzCsmHjCVX6Y=
Subject key identifier: 29:7B:47:C6:97:F6:46:15:94:F8:FC:C2:BB:82:44:8B:45:87:1A:F9
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 01975E38A5B3564640386AD42FD7E6F18C8B
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KXtHxpf2RhWU-PzCu4JEi0WHGvk.roa
Signing time: Wed 11 Jun 2025 09:01:00 +0000
ROA not before: Wed 11 Jun 2025 09:01:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 08:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:38:a5:b3:56:46:40:38:6a:d4:2f:d7:e6:f1:8c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jun 11 09:01:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=297b47c697f6461594f8fcc2bb82448b45871af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:74:99:38:81:70:2e:c7:81:01:c8:11:83:bb:
70:d5:2d:99:04:26:d5:f2:66:54:b5:55:dc:81:fc:
18:50:0b:dd:6f:73:15:b6:de:03:00:9e:22:82:e8:
c5:b7:bf:c8:e9:4e:46:00:68:07:58:e2:14:87:16:
a9:e9:d0:6a:07:d6:a4:6a:35:98:35:79:4b:51:9e:
70:06:1a:31:b9:8d:30:13:80:65:0f:29:fa:7a:26:
c3:92:55:9a:1f:d1:52:fa:20:12:49:a3:56:e7:f7:
84:3e:98:ab:09:67:5d:1e:ac:32:43:c9:89:8d:e5:
ef:e0:32:50:91:de:e2:e4:09:7a:d2:f6:03:fd:b8:
81:ec:58:36:f6:f1:ef:57:9b:ab:96:4e:e2:d1:61:
fb:1b:ef:c3:3e:15:f9:06:2e:bb:47:ee:7b:0d:4d:
80:2e:82:e7:ce:36:75:5d:fc:4b:7d:86:34:ee:b0:
d8:fb:59:27:14:a1:f5:4b:38:6d:b2:84:89:3d:e0:
a5:fb:aa:c2:65:e3:e5:c6:c3:db:57:93:21:df:7e:
7d:94:21:52:df:63:89:c5:4a:94:41:c5:da:8b:1e:
a6:07:0f:7b:ba:dd:34:71:90:36:ac:46:fb:e7:69:
e3:6f:c3:44:76:f9:33:92:a4:47:61:a1:34:2f:37:
a1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7B:47:C6:97:F6:46:15:94:F8:FC:C2:BB:82:44:8B:45:87:1A:F9
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/KXtHxpf2RhWU-PzCu4JEi0WHGvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.65.0-31.169.66.255
31.169.77.0/24
31.169.87.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:10:6d:81:c8:33:55:75:42:fe:5b:6f:83:85:4e:e8:93:b6:
da:a8:9a:36:ab:5d:60:65:a2:a0:89:89:d0:d7:a6:a6:dc:39:
62:cd:ba:ee:1c:89:a2:3a:e2:cd:e4:ed:8a:a3:9b:86:9b:bb:
37:e7:c7:cd:6a:a3:93:b7:49:33:cc:d8:a9:f0:27:d3:1a:20:
92:f4:0f:da:8d:5c:4d:2c:ff:15:76:ce:74:43:43:ee:93:37:
8f:e3:b3:28:14:01:34:4c:a4:42:6b:4a:33:53:2d:81:b0:e9:
12:ca:84:5d:46:d5:ee:47:e8:de:13:0e:11:c6:de:ae:66:5f:
37:8f:7f:c2:61:b2:4d:e1:57:7d:b4:3c:47:b8:b8:d8:d8:27:
93:54:c6:35:c9:1a:a5:37:e8:28:ef:cc:8a:ce:49:bf:28:ee:
85:88:75:f3:78:71:af:41:48:1b:57:21:89:b0:34:c7:79:1c:
58:c8:56:1d:11:ad:90:4a:68:48:a2:2a:34:f9:33:5f:34:47:
7f:b0:db:ee:19:ce:91:60:3f:f2:9d:22:5d:11:65:6d:2d:54:
37:e5:20:8d:0c:dd:34:45:f0:06:df:e8:55:44:15:c7:a4:d6:
d8:a0:a8:17:fe:c1:63:7e:ca:ac:57:6a:f5:a0:72:41:31:a7:
ec:31:96:e5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZdeOKWzVkZAOGrUL9fm8YyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNjExMDkwMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdiNDdjNjk3ZjY0NjE1OTRmOGZjYzJiYjgyNDQ4YjQ1ODcxYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63SZOIFwLseBAcgRg7tw1S2ZBCbV
8mZUtVXcgfwYUAvdb3MVtt4DAJ4igujFt7/I6U5GAGgHWOIUhxap6dBqB9akajWY
NXlLUZ5wBhoxuY0wE4BlDyn6eibDklWaH9FS+iASSaNW5/eEPpirCWddHqwyQ8mJ
jeXv4DJQkd7i5Al60vYD/biB7Fg29vHvV5urlk7i0WH7G+/DPhX5Bi67R+57DU2A
LoLnzjZ1XfxLfYY07rDY+1knFKH1SzhtsoSJPeCl+6rCZePlxsPbV5Mh3359lCFS
32OJxUqUQcXaix6mBw97ut00cZA2rEb752njb8NEdvkzkqRHYaE0LzehnQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCl7R8aX9kYVlPj8wruCRItFhxr5MB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvS1h0SHhwZjJSaFdVLVB6Q3U0SkVpMFdIR3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAfqUED
BAAfqUIDBAAfqU0DBAAfqVcDBAAfqVowDQYJKoZIhvcNAQELBQADggEBAKIQbYHI
M1V1Qv5bb4OFTuiTttqomjarXWBloqCJidDXpqbcOWLNuu4ciaI64s3k7Yqjm4ab
uzfnx81qo5O3STPM2KnwJ9MaIJL0D9qNXE0s/xV2znRDQ+6TN4/jsygUATRMpEJr
SjNTLYGw6RLKhF1G1e5H6N4TDhHG3q5mXzePf8Jhsk3hV320PEe4uNjYJ5NUxjXJ
GqU36CjvzIrOSb8o7oWIdfN4ca9BSBtXIYmwNMd5HFjIVh0RrZBKaEiiKjT5M180
R3+w2+4ZzpFgP/KdIl0RZW0tVDflII0M3TRF8Abf6FVEFcek1tigqBf+wWN+yqxX
avWgckExp+wxluU=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:49:40 2025 by rpki-client