Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/_nS3h70wx4OubX8V8eaMWNyDv0A.roa
File: _nS3h70wx4OubX8V8eaMWNyDv0A.roa (raw, json)
Hash identifier: 8PBM5kKfdCBQsyry9QsjHjqrJPLERdU75LFhuwDKu/Y=
Subject key identifier: FE:74:B7:87:BD:30:C7:83:AE:6D:7F:15:F1:E6:8C:58:DC:83:BF:40
Certificate issuer: /CN=24051080400940ff47c807dd6742becbb4edf22d
Certificate serial: 0191273C3C10301B0E59213BE6259E31ED89
Authority key identifier: 24:05:10:80:40:09:40:FF:47:C8:07:DD:67:42:BE:CB:B4:ED:F2:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/_nS3h70wx4OubX8V8eaMWNyDv0A.roa
Signing time: Tue 06 Aug 2024 10:29:04 +0000
ROA not before: Tue 06 Aug 2024 10:29:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15447
IP address blocks: 31.169.56.0/23 maxlen: 24
31.169.56.0/24 maxlen: 24
31.169.57.0/24 maxlen: 24
31.169.58.0/23 maxlen: 24
31.169.58.0/24 maxlen: 24
31.169.59.0/24 maxlen: 24
31.169.60.0/23 maxlen: 24
31.169.60.0/24 maxlen: 24
31.169.61.0/24 maxlen: 24
31.169.62.0/23 maxlen: 24
31.169.62.0/24 maxlen: 24
31.169.63.0/24 maxlen: 24
85.119.48.0/23 maxlen: 24
85.119.48.0/24 maxlen: 24
85.119.49.0/24 maxlen: 24
85.119.50.0/23 maxlen: 24
85.119.50.0/24 maxlen: 24
85.119.51.0/24 maxlen: 24
85.119.52.0/24 maxlen: 24
85.119.53.0/24 maxlen: 24
85.119.54.0/23 maxlen: 23
85.119.54.0/24 maxlen: 24
85.119.55.0/24 maxlen: 24
188.94.184.0/23 maxlen: 24
188.94.184.0/24 maxlen: 24
188.94.185.0/24 maxlen: 24
188.94.186.0/23 maxlen: 24
188.94.186.0/24 maxlen: 24
188.94.187.0/24 maxlen: 24
2a10:9d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 19 Nov 2024 16:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:3c:3c:10:30:1b:0e:59:21:3b:e6:25:9e:31:ed:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24051080400940ff47c807dd6742becbb4edf22d
Validity
Not Before: Aug 6 10:29:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe74b787bd30c783ae6d7f15f1e68c58dc83bf40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:89:16:90:a9:25:b1:da:77:a4:75:77:ce:
90:cb:ac:e7:71:05:f4:66:ae:1a:90:b8:fc:de:79:
c9:0d:14:58:a3:8d:58:b0:c0:72:c8:86:27:14:fa:
ce:bb:1f:cb:3e:6e:d3:48:35:d2:75:08:fd:66:c1:
68:bd:6a:08:9f:3b:d8:69:fa:6c:1e:30:94:6a:c8:
16:31:1c:ea:14:3c:db:f1:08:16:33:aa:98:32:84:
1d:6b:4f:45:81:2d:43:0e:38:32:7a:9b:bf:c5:06:
f7:a8:9b:0f:0c:6d:c1:70:3d:4c:67:93:76:c9:53:
79:cb:92:f1:eb:6a:e3:8e:58:ff:cf:94:9f:2f:76:
99:17:5e:21:60:66:a7:26:88:5f:f1:4b:43:c0:b8:
df:59:e0:81:81:b0:a1:54:1e:78:22:63:a2:18:3a:
a9:7c:21:fe:e5:70:c3:57:d3:1a:dd:4e:95:f5:3f:
3e:6d:11:12:70:a9:af:fc:8f:8c:c6:86:8d:0a:30:
c1:71:e6:6a:dd:59:eb:fe:69:bc:a5:1b:f2:13:37:
38:a0:ba:db:1b:94:37:e8:49:85:4a:54:c1:88:3f:
d3:2a:df:fa:e7:3c:af:6c:c4:d5:28:17:cf:65:6e:
10:c6:d0:9a:c0:0f:4d:0e:65:73:7a:d2:07:f3:c9:
bb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:74:B7:87:BD:30:C7:83:AE:6D:7F:15:F1:E6:8C:58:DC:83:BF:40
X509v3 Authority Key Identifier:
keyid:24:05:10:80:40:09:40:FF:47:C8:07:DD:67:42:BE:CB:B4:ED:F2:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/_nS3h70wx4OubX8V8eaMWNyDv0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.56.0/21
85.119.48.0/21
188.94.184.0/22
IPv6:
2a10:9d80::/29
Signature Algorithm: sha256WithRSAEncryption
12:1f:92:8e:6a:bb:0b:ab:cc:8c:82:cf:64:8b:25:0a:23:78:
b4:2c:3d:ed:b2:55:3a:c7:3c:b5:7d:d2:ba:a1:6a:99:8d:60:
81:13:34:3e:78:f9:42:50:f3:50:58:64:90:0d:6c:a5:04:17:
a6:e4:87:37:40:22:fe:dd:91:c2:76:fc:8d:b2:f2:76:c9:05:
3b:23:63:60:cb:e1:3a:df:31:68:bc:cd:4e:86:2f:2d:c6:02:
93:56:1d:e6:a4:1c:5a:87:9b:ee:2e:72:cd:ed:df:3e:fa:b2:
5f:1b:f7:f6:fe:f7:f7:b0:7e:bc:aa:97:5c:e5:4c:69:47:e5:
a4:c0:ab:8a:e2:af:e6:7c:48:3a:45:bd:fa:0f:a4:74:ee:3d:
00:f9:76:62:7e:85:9a:78:25:e8:78:87:76:78:eb:f2:e4:b7:
85:5a:65:0a:99:33:40:d1:86:1d:c0:9c:3f:7d:c4:7a:44:a9:
10:ff:7f:f0:90:14:f4:8d:b9:b3:eb:e8:31:7e:f5:c0:07:85:
7b:b2:dc:5f:d9:e4:ed:b9:2e:f6:5e:b1:f7:df:92:37:10:92:
a1:14:be:27:a3:05:55:c7:c8:c7:5f:06:48:0c:95:f7:47:0f:
df:fc:3f:6d:9a:0f:66:8c:a1:08:2d:0d:17:d6:c4:c6:df:84:
b1:3a:9b:d3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZEnPDwQMBsOWSE75iWeMe2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MDUxMDgwNDAwOTQwZmY0N2M4MDdkZDY3NDJiZWNiYjRl
ZGYyMmQwHhcNMjQwODA2MTAyOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc0Yjc4N2JkMzBjNzgzYWU2ZDdmMTVmMWU2OGM1OGRjODNiZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS6JFpCpJbHad6R1d86Qy6zncQX0
Zq4akLj83nnJDRRYo41YsMByyIYnFPrOux/LPm7TSDXSdQj9ZsFovWoInzvYafps
HjCUasgWMRzqFDzb8QgWM6qYMoQda09FgS1DDjgyepu/xQb3qJsPDG3BcD1MZ5N2
yVN5y5Lx62rjjlj/z5SfL3aZF14hYGanJohf8UtDwLjfWeCBgbChVB54ImOiGDqp
fCH+5XDDV9Ma3U6V9T8+bREScKmv/I+MxoaNCjDBceZq3Vnr/mm8pRvyEzc4oLrb
G5Q36EmFSlTBiD/TKt/65zyvbMTVKBfPZW4QxtCawA9NDmVzetIH88m74QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP50t4e9MMeDrm1/FfHmjFjcg79AMB8GA1UdIwQY
MBaAFCQFEIBACUD/R8gH3WdCvsu07fItMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkFVUWdFQUpRUDlIeUFmZFowSy15N1R0OGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wYmY1ZTktZDkxMC00MDM3LThkMzct
NWQzOWQ1MDE4Zjc4LzEvX25TM2g3MHd4NE91Ylg4VjhlYU1XTnlEdjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wYmY1ZTktZDkxMC00MDM3LThkMzctNWQzOWQ1MDE4Zjc4
LzEvSkFVUWdFQUpRUDlIeUFmZFowSy15N1R0OGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6k4AwQD
VXcwAwQCvF64MA0EAgACMAcDBQMqEJ2AMA0GCSqGSIb3DQEBCwUAA4IBAQASH5KO
arsLq8yMgs9kiyUKI3i0LD3tslU6xzy1fdK6oWqZjWCBEzQ+ePlCUPNQWGSQDWyl
BBem5Ic3QCL+3ZHCdvyNsvJ2yQU7I2Ngy+E63zFovM1Ohi8txgKTVh3mpBxah5vu
LnLN7d8++rJfG/f2/vf3sH68qpdc5UxpR+WkwKuK4q/mfEg6Rb36D6R07j0A+XZi
foWaeCXoeId2eOvy5LeFWmUKmTNA0YYdwJw/fcR6RKkQ/3/wkBT0jbmz6+gxfvXA
B4V7stxf2eTtuS72XrH335I3EJKhFL4nowVVx8jHXwZIDJX3Rw/f/D9tmg9mjKEI
LQ0X1sTG34SxOpvT
-----END CERTIFICATE-----
Generated at Sun May 11 09:13:41 2025 by rpki-client