Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MXpxuiAie0wZ3_owyPTvMd8sNIU.roa
File: MXpxuiAie0wZ3_owyPTvMd8sNIU.roa (raw, json)
Hash identifier: F2TqkllztBg38YSyPlYTRVuRf/Ok4ECt/H9X5DnFVSw=
Subject key identifier: 31:7A:71:BA:20:22:7B:4C:19:DF:FA:30:C8:F4:EF:31:DF:2C:34:85
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 01975AF7CAC170FF27B5470F72A3FEF7C3B4
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MXpxuiAie0wZ3_owyPTvMd8sNIU.roa
Signing time: Tue 10 Jun 2025 17:51:18 +0000
ROA not before: Tue 10 Jun 2025 17:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 31.169.77.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:f7:ca:c1:70:ff:27:b5:47:0f:72:a3:fe:f7:c3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jun 10 17:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=317a71ba20227b4c19dffa30c8f4ef31df2c3485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:1a:af:57:99:01:4d:82:fe:32:6d:3e:18:
cf:a9:46:77:43:d4:bc:d6:9a:73:cd:e7:02:1c:6e:
4c:74:8e:65:7e:ae:c2:b0:8c:90:68:b3:b5:bc:b2:
a1:fd:a7:54:27:8a:ff:49:3a:8d:50:b7:fb:71:c1:
16:aa:9d:c1:7d:b6:45:a9:46:f7:68:fc:19:9f:53:
f2:a1:76:32:57:cb:90:f6:57:f3:d6:8b:e9:e7:6f:
aa:ab:11:85:5c:74:e2:cd:01:51:cb:3f:a7:13:5b:
b0:91:4b:e8:5f:ec:5a:12:92:33:1e:77:70:c2:7f:
53:f9:b2:8e:23:f6:67:bc:a6:8a:07:d8:7e:4a:52:
b2:dd:e5:88:d1:42:f1:b3:f6:48:f7:95:85:ed:24:
7b:50:a8:be:13:62:5d:4f:39:4f:e1:3d:43:8e:dd:
49:f6:13:71:6f:6b:0b:f8:4f:52:b0:84:8f:c1:0c:
c9:db:da:52:b6:35:45:79:f3:6f:25:5c:da:15:f9:
49:35:2c:68:2e:91:f6:01:51:40:e6:46:db:8d:fb:
30:de:f4:3a:dc:4c:7d:d7:b9:ec:ce:10:64:d3:d7:
ce:12:fc:e3:af:72:8e:d3:f4:e5:ac:7b:e2:6e:60:
83:ab:68:c8:12:0c:2f:22:56:4c:ab:2a:fc:c1:54:
92:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7A:71:BA:20:22:7B:4C:19:DF:FA:30:C8:F4:EF:31:DF:2C:34:85
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MXpxuiAie0wZ3_owyPTvMd8sNIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.77.0/24
31.169.87.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
42:0b:fb:0a:39:52:64:ae:36:63:48:1a:98:93:57:36:2c:18:
28:09:6a:77:28:e9:17:91:44:7b:a1:34:83:af:3f:e5:c1:04:
b0:a4:24:20:f3:88:44:58:c1:c8:8b:a1:42:40:0e:31:5a:b7:
2a:a5:62:c4:96:45:9a:16:2d:a0:c8:6f:be:43:da:c9:71:df:
72:ac:b0:2f:2d:e4:cb:88:88:0e:a6:e4:5c:07:2e:50:79:88:
33:a0:08:0e:ac:47:e4:6e:85:5b:68:13:cf:fc:d9:d6:08:6e:
27:27:84:f8:5d:a5:bb:9b:56:69:11:8d:ba:d0:b6:fb:e7:b7:
3c:09:37:1e:05:4e:5c:2d:2a:17:e5:69:ed:a8:55:a3:71:d0:
29:5d:7f:17:de:bf:31:0f:fd:09:be:88:bd:07:54:50:50:e6:
2a:cc:02:53:9e:d9:7e:13:70:1e:02:95:64:0e:9b:26:25:7d:
4e:dc:82:95:65:dd:67:7e:32:ca:41:fa:07:0f:64:81:d0:fe:
b3:ea:ca:cd:64:46:fb:10:90:07:fd:1d:83:0b:99:f7:99:91:
ea:a3:e1:46:a5:ef:24:86:7e:46:3d:b9:4d:b4:68:fa:d7:f9:
06:03:5e:ce:83:b9:3d:27:3d:c6:12:26:77:b4:bb:0d:da:86:
d1:ed:ff:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZda98rBcP8ntUcPcqP+98O0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNjEwMTc1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdhNzFiYTIwMjI3YjRjMTlkZmZhMzBjOGY0ZWYzMWRmMmMzNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Ear1eZAU2C/jJtPhjPqUZ3Q9S8
1ppzzecCHG5MdI5lfq7CsIyQaLO1vLKh/adUJ4r/STqNULf7ccEWqp3BfbZFqUb3
aPwZn1PyoXYyV8uQ9lfz1ovp52+qqxGFXHTizQFRyz+nE1uwkUvoX+xaEpIzHndw
wn9T+bKOI/ZnvKaKB9h+SlKy3eWI0ULxs/ZI95WF7SR7UKi+E2JdTzlP4T1Djt1J
9hNxb2sL+E9SsISPwQzJ29pStjVFefNvJVzaFflJNSxoLpH2AVFA5kbbjfsw3vQ6
3Ex917nszhBk09fOEvzjr3KO0/TlrHvibmCDq2jIEgwvIlZMqyr8wVSSbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDF6cbogIntMGd/6MMj07zHfLDSFMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvTVhweHVpQWllMHdaM19vd3lQVHZNZDhzTklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lNAwQA
H6lXAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQBCC/sKOVJkrjZjSBqYk1c2LBgo
CWp3KOkXkUR7oTSDrz/lwQSwpCQg84hEWMHIi6FCQA4xWrcqpWLElkWaFi2gyG++
Q9rJcd9yrLAvLeTLiIgOpuRcBy5QeYgzoAgOrEfkboVbaBPP/NnWCG4nJ4T4XaW7
m1ZpEY260Lb757c8CTceBU5cLSoX5WntqFWjcdApXX8X3r8xD/0Jvoi9B1RQUOYq
zAJTntl+E3AeApVkDpsmJX1O3IKVZd1nfjLKQfoHD2SB0P6z6srNZEb7EJAH/R2D
C5n3mZHqo+FGpe8khn5GPblNtGj61/kGA17Og7k9Jz3GEiZ3tLsN2obR7f/g
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:42:02 2025 by rpki-client