Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/OiNcxgv6Jc9OqAAtSZxaDdFyNpQ.roa
File: OiNcxgv6Jc9OqAAtSZxaDdFyNpQ.roa (raw, json)
Hash identifier: Q4uNAztK95pTphOave9X1gXUJ05bDOnIadbXDbAVpMY=
Subject key identifier: 3A:23:5C:C6:0B:FA:25:CF:4E:A8:00:2D:49:9C:5A:0D:D1:72:36:94
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 01976362F28E048C678A65C56A81932A34E8
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/OiNcxgv6Jc9OqAAtSZxaDdFyNpQ.roa
Signing time: Thu 12 Jun 2025 09:05:18 +0000
ROA not before: Thu 12 Jun 2025 09:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 09:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:62:f2:8e:04:8c:67:8a:65:c5:6a:81:93:2a:34:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jun 12 09:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a235cc60bfa25cf4ea8002d499c5a0dd1723694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9d:40:3e:74:6e:6e:97:a7:4a:b5:47:8d:01:
e5:ac:37:6b:b3:0d:65:3f:86:95:14:56:97:76:b5:
28:3d:13:98:3d:25:38:15:cb:f2:67:2d:0b:1d:49:
d4:d8:b7:f8:b0:c1:52:82:bb:98:58:93:05:65:d7:
9d:a1:c4:e5:5a:57:f3:e6:8f:28:b1:b8:57:81:ed:
94:70:50:e0:6c:b1:be:a1:92:87:95:c7:ab:a1:2e:
f2:27:d9:ae:3a:ad:c2:a6:69:3b:bf:9d:e3:aa:3b:
f0:a2:53:48:7f:39:3c:14:53:d5:68:73:25:8a:9b:
03:63:6a:b0:16:08:61:3d:93:ec:b9:62:e6:09:f9:
ae:f2:f4:c2:81:1f:bb:3f:02:4c:66:71:49:da:f7:
9f:fd:80:73:23:f9:d7:13:74:52:8f:fe:e4:9c:cb:
1e:5c:07:de:01:9c:78:a9:e8:0f:8b:c1:c9:d4:af:
a6:ec:34:93:08:61:e6:d9:db:23:20:91:3b:ee:ec:
6d:59:ce:7a:cc:d9:1d:37:a8:7f:ed:76:3f:b6:4a:
be:57:1e:43:09:e7:14:10:fe:c0:b5:68:32:9f:38:
84:8c:8a:7b:22:b2:c0:fd:37:db:43:3d:0a:a8:63:
04:b1:b6:45:f4:bc:02:7e:7c:8c:f7:e9:b9:11:c2:
3a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:23:5C:C6:0B:FA:25:CF:4E:A8:00:2D:49:9C:5A:0D:D1:72:36:94
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/OiNcxgv6Jc9OqAAtSZxaDdFyNpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.77.0-31.169.78.255
31.169.81.0-31.169.82.255
31.169.85.0/24
31.169.87.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:be:c8:0d:19:cc:b6:31:f1:48:3c:75:1d:11:d3:20:40:d0:
d4:33:84:10:fd:2d:ff:f0:56:32:2c:0a:96:84:14:ed:c8:ed:
1a:ee:82:20:16:48:08:ab:da:ca:4e:ce:28:53:93:df:d5:18:
2e:ee:55:98:84:03:bc:44:29:e7:01:ff:ba:dd:f1:2a:a6:bc:
af:e0:54:48:2a:2a:7a:1f:08:a7:4b:46:5b:a5:2f:b6:b6:a4:
37:ee:b7:a9:79:e8:ee:20:d8:c2:e4:5e:24:3d:ff:8a:2b:1e:
b1:ba:7e:fc:d8:b1:2b:9c:b4:dd:53:41:41:a5:53:18:37:39:
7c:e7:82:11:12:38:6c:e3:80:9e:78:51:ca:3d:81:f6:9a:24:
75:ff:6a:c1:6f:18:d6:79:e2:81:c8:04:5c:1a:13:9c:ad:c1:
31:f3:f7:75:0a:ac:5c:1f:8c:0f:bd:12:44:9b:3d:e7:b2:fc:
17:5d:21:2d:22:80:c9:21:c1:60:29:6a:d0:b6:29:52:d9:22:
64:d2:1a:62:e8:18:f4:83:37:61:88:ea:68:3b:c9:f6:42:81:
16:7d:c0:dd:29:3a:27:c2:a9:51:d5:8c:5e:0c:ba:83:d9:e6:
3e:1a:74:aa:81:86:d0:03:25:47:10:bf:36:6f:63:a0:4c:cb:
85:c3:d7:ad
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZdjYvKOBIxnimXFaoGTKjToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNjEyMDkwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTIzNWNjNjBiZmEyNWNmNGVhODAwMmQ0OTljNWEwZGQxNzIzNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2J1APnRubpenSrVHjQHlrDdrsw1l
P4aVFFaXdrUoPROYPSU4FcvyZy0LHUnU2Lf4sMFSgruYWJMFZdedocTlWlfz5o8o
sbhXge2UcFDgbLG+oZKHlceroS7yJ9muOq3Cpmk7v53jqjvwolNIfzk8FFPVaHMl
ipsDY2qwFghhPZPsuWLmCfmu8vTCgR+7PwJMZnFJ2vef/YBzI/nXE3RSj/7knMse
XAfeAZx4qegPi8HJ1K+m7DSTCGHm2dsjIJE77uxtWc56zNkdN6h/7XY/tkq+Vx5D
CecUEP7AtWgynziEjIp7IrLA/TfbQz0KqGMEsbZF9LwCfnyM9+m5EcI6RQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDojXMYL+iXPTqgALUmcWg3RcjaUMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvT2lOY3hndjZKYzlPcUFBdFNaeGFEZEZ5TnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCH6lAMAwD
BAAfqUUDBAAfqUgwDAMEAB+pTQMEAB+pTjAMAwQAH6lRAwQAH6lSAwQAH6lVAwQA
H6lXAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQCdvsgNGcy2MfFIPHUdEdMgQNDU
M4QQ/S3/8FYyLAqWhBTtyO0a7oIgFkgIq9rKTs4oU5Pf1Rgu7lWYhAO8RCnnAf+6
3fEqpryv4FRIKip6HwinS0ZbpS+2tqQ37repeejuINjC5F4kPf+KKx6xun782LEr
nLTdU0FBpVMYNzl854IREjhs44CeeFHKPYH2miR1/2rBbxjWeeKByARcGhOcrcEx
8/d1CqxcH4wPvRJEmz3nsvwXXSEtIoDJIcFgKWrQtilS2SJk0hpi6Bj0gzdhiOpo
O8n2QoEWfcDdKTonwqlR1YxeDLqD2eY+GnSqgYbQAyVHEL82b2OgTMuFw9et
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:31:45 2025 by rpki-client