Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/FOLylj0GtgfeG4WHy32oBnAydA4.roa
File: FOLylj0GtgfeG4WHy32oBnAydA4.roa (raw, json)
Hash identifier: +K6UG+V2tsajReKptxYSwqd6n2iQNNo31Djz3cMPoes=
Subject key identifier: 14:E2:F2:96:3D:06:B6:07:DE:1B:85:87:CB:7D:A8:06:70:32:74:0E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D1B7CF9C3652925ECECCD348D1A6F79A7
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/FOLylj0GtgfeG4WHy32oBnAydA4.roa
Signing time: Thu 18 Jan 2024 07:33:11 +0000
ROA not before: Thu 18 Jan 2024 07:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.168.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.190.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 07:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:7c:f9:c3:65:29:25:ec:ec:cd:34:8d:1a:6f:79:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 18 07:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e2f2963d06b607de1b8587cb7da8067032740e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:f6:b2:65:d4:19:de:41:b6:49:63:cf:22:
87:3b:53:f4:02:0d:00:fc:7e:f6:42:62:24:41:77:
59:55:83:9a:38:c4:70:ad:48:32:b1:df:96:74:e2:
2a:6e:ba:5b:5f:12:58:58:a1:2b:1b:ae:88:b0:2a:
d6:ff:44:2c:2a:9f:e1:b4:d9:a3:f1:56:4c:66:01:
44:b4:3d:33:b0:3c:bc:f4:02:31:15:c3:f7:19:7f:
93:e7:f1:c1:b1:98:75:32:cf:17:bb:39:57:10:4e:
9d:9c:c6:f0:ce:80:f3:e8:42:e5:0d:88:b9:85:71:
83:e5:b9:71:e5:2a:10:94:c6:a6:e1:11:ce:95:54:
7d:ac:37:54:85:65:3a:eb:56:04:50:f0:15:dd:d2:
67:fc:8e:ac:b1:76:1f:02:2f:60:22:15:77:5f:01:
3c:2f:0f:e5:f6:a1:50:16:4f:aa:99:3e:1d:e3:d7:
36:0b:6f:b8:49:62:41:42:69:3c:1e:d1:b5:fc:88:
de:e0:b3:a9:6f:b3:55:d6:e5:59:e5:6a:90:8a:8c:
90:20:aa:11:78:5d:6f:53:8d:1b:c2:65:56:35:aa:
89:c0:06:31:24:6a:e2:5a:19:47:a9:d7:ab:60:3f:
38:85:96:39:87:01:69:c3:71:12:b1:5f:b5:db:1e:
c3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E2:F2:96:3D:06:B6:07:DE:1B:85:87:CB:7D:A8:06:70:32:74:0E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/FOLylj0GtgfeG4WHy32oBnAydA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.161.0/24
Signature Algorithm: sha256WithRSAEncryption
16:48:c0:7d:73:69:fe:69:1b:95:98:fc:92:62:c0:ea:5c:ae:
2a:4f:f9:1d:00:ab:c4:1d:e0:5a:7f:a1:e0:cd:5a:72:cd:a8:
25:1d:80:12:25:9d:1d:66:27:3c:fe:c2:f5:2f:55:d6:02:7f:
79:24:39:b2:75:77:ff:03:f5:f7:f7:14:2c:42:bb:e4:e8:7a:
37:86:9c:84:6d:69:4b:fb:00:55:a5:f3:35:26:94:6a:bb:2b:
49:da:38:e7:e2:c9:ff:a2:df:a9:6c:cb:dd:30:76:ef:96:59:
d1:6a:9b:ef:05:49:c9:a0:8d:36:4d:21:9d:aa:f0:e1:fa:ea:
4a:01:37:65:77:60:cb:f5:da:82:f6:06:b2:92:fd:4d:d2:92:
d9:3d:55:34:bd:0e:d0:7b:58:fd:97:3a:01:13:d1:22:16:f3:
a6:68:0b:bd:e2:49:b6:0a:34:19:55:49:64:40:47:98:a2:f7:
3e:28:09:17:16:2d:44:b9:51:f6:82:b0:90:00:9d:4a:e5:28:
04:69:0a:99:6d:d0:6d:ca:95:11:b3:33:9b:1b:ae:40:c0:8d:
40:af:cf:f0:0f:b6:af:f0:57:3b:89:d0:45:4c:c3:bc:49:d1:
84:2f:f3:7b:4f:fb:86:c5:0b:33:a6:b4:2b:a7:83:43:f8:8f:
bb:24:8c:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0bfPnDZSkl7OzNNI0ab3mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTE4MDczMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUyZjI5NjNkMDZiNjA3ZGUxYjg1ODdjYjdkYTgwNjcwMzI3NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0r2smXUGd5BtkljzyKHO1P0Ag0A
/H72QmIkQXdZVYOaOMRwrUgysd+WdOIqbrpbXxJYWKErG66IsCrW/0QsKp/htNmj
8VZMZgFEtD0zsDy89AIxFcP3GX+T5/HBsZh1Ms8XuzlXEE6dnMbwzoDz6ELlDYi5
hXGD5blx5SoQlMam4RHOlVR9rDdUhWU661YEUPAV3dJn/I6ssXYfAi9gIhV3XwE8
Lw/l9qFQFk+qmT4d49c2C2+4SWJBQmk8HtG1/Ije4LOpb7NV1uVZ5WqQioyQIKoR
eF1vU40bwmVWNaqJwAYxJGriWhlHqderYD84hZY5hwFpw3ESsV+12x7DNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBTi8pY9BrYH3huFh8t9qAZwMnQOMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvRk9MeWxqMEd0Z2ZlRzRXSHkzMm9CbkF5ZEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQAbcuhMA0GCSqGSIb3DQEBCwUAA4IBAQAWSMB9c2n+aRuVmPySYsDqXK4q
T/kdAKvEHeBaf6HgzVpyzaglHYASJZ0dZic8/sL1L1XWAn95JDmydXf/A/X39xQs
Qrvk6Ho3hpyEbWlL+wBVpfM1JpRquytJ2jjn4sn/ot+pbMvdMHbvllnRapvvBUnJ
oI02TSGdqvDh+upKATdld2DL9dqC9gaykv1N0pLZPVU0vQ7Qe1j9lzoBE9EiFvOm
aAu94km2CjQZVUlkQEeYovc+KAkXFi1EuVH2grCQAJ1K5SgEaQqZbdBtypURszOb
G65AwI1Ar8/wD7av8Fc7idBFTMO8SdGEL/N7T/uGxQszprQrp4ND+I+7JIzW
-----END CERTIFICATE-----
Generated at Sun May 11 22:31:46 2025 by rpki-client