Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/3hBF3iBeWm2Spi2q_asHxz0CVDI.roa
File: 3hBF3iBeWm2Spi2q_asHxz0CVDI.roa (raw, json)
Hash identifier: IXKLbZ+h2qsGgu3bjE667eYacDeNgmurFtANgRkYREA=
Subject key identifier: DE:10:45:DE:20:5E:5A:6D:92:A6:2D:AA:FD:AB:07:C7:3D:02:54:32
Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial: 0193B37E0C0C1FDA64AF43D628B876D2FB47
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/3hBF3iBeWm2Spi2q_asHxz0CVDI.roa
Signing time: Wed 11 Dec 2024 02:13:22 +0000
ROA not before: Wed 11 Dec 2024 02:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44789
IP address blocks: 31.24.184.0/21 maxlen: 21
45.10.94.0/23 maxlen: 23
92.63.240.0/20 maxlen: 20
185.143.200.0/22 maxlen: 22
2a00:9860::/37 maxlen: 37
Validation: Failed, certificate revoked on Mon 16 Dec 2024 08:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b3:7e:0c:0c:1f:da:64:af:43:d6:28:b8:76:d2:fb:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Validity
Not Before: Dec 11 02:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de1045de205e5a6d92a62daafdab07c73d025432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:af:e3:de:28:b2:9e:a6:84:2c:d8:f8:bc:4a:
8c:7a:99:01:49:e9:70:29:b1:4f:f1:68:3e:63:41:
55:f1:3d:09:f1:df:3d:42:f4:b5:c6:80:f2:13:a3:
59:cf:be:d4:ce:55:77:36:8b:c0:7b:5c:a9:0f:ba:
aa:1a:45:e9:ea:06:b6:0e:b7:e5:ca:9d:1d:1a:c2:
d0:2f:17:58:cc:01:48:28:05:5b:98:75:0b:c5:c9:
f0:b4:ad:4e:f1:76:17:75:69:8d:62:61:e8:ed:39:
78:bc:d3:bd:57:20:cd:d5:3f:bc:49:4d:64:a9:f0:
bd:69:b3:c2:0d:09:0a:34:a7:7d:51:43:fc:a7:b4:
ec:b8:47:a3:5d:b8:8e:e8:68:7a:33:04:90:64:a7:
aa:6e:4d:cf:b8:84:04:50:e9:30:d8:76:79:c7:ff:
ff:8b:4a:fd:37:1f:bd:ef:ae:13:10:54:e4:fd:c2:
33:2a:df:20:42:57:aa:f2:ed:16:a5:49:15:c9:61:
4a:9e:92:95:96:e3:df:cf:ac:74:40:1f:57:a1:8b:
d2:4e:71:5e:19:5c:39:b0:bd:c8:b5:12:62:7c:32:
1f:c6:ae:1f:6e:cb:4e:f1:eb:bd:3b:6e:cf:51:f2:
09:0f:ba:46:4e:1f:39:7b:b1:28:78:6b:eb:41:08:
c7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:10:45:DE:20:5E:5A:6D:92:A6:2D:AA:FD:AB:07:C7:3D:02:54:32
X509v3 Authority Key Identifier:
keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/3hBF3iBeWm2Spi2q_asHxz0CVDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.184.0/21
45.10.94.0/23
92.63.240.0/20
185.143.200.0/22
IPv6:
2a00:9860::/37
Signature Algorithm: sha256WithRSAEncryption
af:81:6c:b7:b9:c2:78:42:9a:8a:14:8b:08:8b:f4:c7:c4:59:
c7:30:87:40:56:a1:49:cc:07:e7:9e:95:f6:4a:3a:ad:44:e1:
00:ea:f6:a5:7c:9f:e4:46:e8:f3:0c:07:79:f4:14:65:8a:21:
ef:ba:e0:ea:5e:b5:a1:2d:48:50:4c:8d:c2:58:bf:59:bf:6f:
3a:38:37:0b:df:da:3f:83:7b:cd:4e:d0:ca:cf:6b:26:cf:55:
25:62:88:df:4c:bf:bb:86:f3:b8:d5:f9:d1:40:5e:9c:13:4b:
a2:b1:50:26:84:07:a5:be:cb:2c:85:c4:d2:cf:e5:e7:e9:79:
06:88:82:8f:9a:04:e1:e4:fa:b6:c6:bb:19:62:40:d6:c4:d8:
f6:1c:4d:59:70:b7:db:0b:43:44:3b:15:72:40:a9:1b:13:62:
4c:75:0a:6d:05:50:57:fc:54:4d:04:de:b9:85:49:9a:7f:43:
89:3a:a9:8c:df:ad:0b:4b:04:60:37:7d:4b:09:f0:6a:e9:20:
61:45:85:0d:33:8c:fe:18:52:cc:e3:e7:f2:47:ab:36:ec:e2:
9d:7e:87:fc:9b:81:ea:26:43:07:3b:b7:a3:27:72:c5:8d:b5:
39:83:76:a5:13:7e:ed:26:24:55:55:ed:b8:73:45:78:2c:39:
59:e1:7f:c2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZOzfgwMH9pkr0PWKLh20vtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjQxMjExMDIxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEwNDVkZTIwNWU1YTZkOTJhNjJkYWFmZGFiMDdjNzNkMDI1NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6/j3iiynqaELNj4vEqMepkBSelw
KbFP8Wg+Y0FV8T0J8d89QvS1xoDyE6NZz77UzlV3NovAe1ypD7qqGkXp6ga2Drfl
yp0dGsLQLxdYzAFIKAVbmHULxcnwtK1O8XYXdWmNYmHo7Tl4vNO9VyDN1T+8SU1k
qfC9abPCDQkKNKd9UUP8p7TsuEejXbiO6Gh6MwSQZKeqbk3PuIQEUOkw2HZ5x///
i0r9Nx+9764TEFTk/cIzKt8gQleq8u0WpUkVyWFKnpKVluPfz6x0QB9XoYvSTnFe
GVw5sL3ItRJifDIfxq4fbstO8eu9O27PUfIJD7pGTh85e7EoeGvrQQjH2wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN4QRd4gXlptkqYtqv2rB8c9AlQyMB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvM2hCRjNpQmVXbTJTcGkycV9hc0h4ejBDVkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQDHxi4AwQB
LQpeAwQEXD/wAwQCuY/IMA4EAgACMAgDBgMqAJhgADANBgkqhkiG9w0BAQsFAAOC
AQEAr4Fst7nCeEKaihSLCIv0x8RZxzCHQFahScwH556V9ko6rUThAOr2pXyf5Ebo
8wwHefQUZYoh77rg6l61oS1IUEyNwli/Wb9vOjg3C9/aP4N7zU7Qys9rJs9VJWKI
30y/u4bzuNX50UBenBNLorFQJoQHpb7LLIXE0s/l5+l5BoiCj5oE4eT6tsa7GWJA
1sTY9hxNWXC32wtDRDsVckCpGxNiTHUKbQVQV/xUTQTeuYVJmn9DiTqpjN+tC0sE
YDd9SwnwaukgYUWFDTOM/hhSzOPn8kerNuzinX6H/JuB6iZDBzu3oydyxY21OYN2
pRN+7SYkVVXtuHNFeCw5WeF/wg==
-----END CERTIFICATE-----
Generated at Mon May 12 17:19:12 2025 by rpki-client