Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/AMqTGeUYLlCoNArkyipWjOKAaio.roa
File: AMqTGeUYLlCoNArkyipWjOKAaio.roa (raw, json)
Hash identifier: d4MSHjcNHGMpkxfTlnlF7OqGRTpKK2PLcw0XfdYLpk4=
Subject key identifier: 00:CA:93:19:E5:18:2E:50:A8:34:0A:E4:CA:2A:56:8C:E2:80:6A:2A
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0196623481F43FC4F213023626A3E513AC25
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/AMqTGeUYLlCoNArkyipWjOKAaio.roa
Signing time: Wed 23 Apr 2025 10:32:10 +0000
ROA not before: Wed 23 Apr 2025 10:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a0c:2502::/32 maxlen: 32
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Apr 2025 11:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:34:81:f4:3f:c4:f2:13:02:36:26:a3:e5:13:ac:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 23 10:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00ca9319e5182e50a8340ae4ca2a568ce2806a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:45:af:54:23:12:25:c3:3a:c9:0c:c5:93:ff:
14:b8:04:75:b7:55:b4:d1:8b:36:ad:b5:a7:21:32:
10:19:0f:79:81:82:f7:dd:df:44:bc:0e:08:50:86:
a5:26:b0:cf:01:cf:21:21:46:c4:0f:06:82:87:21:
19:6a:ea:8a:5a:28:ed:d0:04:73:9f:ad:6d:e3:e8:
28:35:38:68:6b:47:bc:3f:b4:27:9e:97:c7:9e:37:
6e:88:e0:2e:30:b5:ee:52:a0:1e:85:06:b0:51:3c:
00:60:17:9e:56:b5:3e:d8:85:46:ed:8d:3f:1c:ae:
1b:e4:6f:3c:91:b2:1b:20:42:76:86:ce:a3:6c:84:
69:4f:b4:d6:cb:dc:ed:f8:03:b1:66:9e:d8:6f:8f:
79:2b:1c:ea:87:ee:ba:a5:37:21:18:2e:55:3d:08:
3b:7a:db:50:13:0a:44:24:37:f1:8e:42:14:87:fe:
33:76:8d:66:15:0d:44:4b:69:0d:bd:f0:75:bf:ca:
d4:15:1d:89:a7:7b:cb:8c:91:4e:bb:7c:5f:5f:f2:
50:bd:ef:0d:e0:a8:93:78:65:26:1b:2b:4f:c8:21:
4e:da:72:d9:5d:f4:bd:77:1a:35:0b:e1:5f:1a:f7:
cb:99:81:12:a0:b0:6a:b2:42:ba:cb:4a:25:7b:d0:
29:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CA:93:19:E5:18:2E:50:A8:34:0A:E4:CA:2A:56:8C:E2:80:6A:2A
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/AMqTGeUYLlCoNArkyipWjOKAaio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
89.36.35.0/24
185.144.70.0/24
212.232.18.0/24
IPv6:
2a0c:2502::/32
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
66:9b:7e:18:bf:05:c4:bd:15:7d:e2:3c:3a:cc:4f:79:6d:41:
0e:82:14:4c:11:fd:6d:cf:82:a2:e5:dc:0f:6c:eb:4b:a3:8b:
fe:3a:91:90:ae:aa:57:8f:2c:90:ef:71:08:48:3b:2d:e8:ba:
de:a9:5c:7b:b1:17:13:b6:cb:aa:db:fd:73:60:21:a4:14:d2:
38:13:69:75:04:d8:61:43:86:56:4b:90:b9:1a:55:c0:54:eb:
99:d1:5b:da:3f:0f:b7:f4:5e:00:71:6e:de:b0:f8:65:1e:a9:
6e:b3:b9:8e:1a:6d:8f:c6:cd:b8:65:8b:84:70:b5:d3:94:94:
63:a3:a0:24:b4:5f:9b:cf:f7:bc:07:ae:bd:90:dd:63:51:00:
42:88:cb:73:e7:dd:bf:37:32:75:3d:e5:eb:77:fa:3c:da:94:
b3:9b:63:22:82:f4:af:db:0e:b3:56:00:93:30:a5:f6:5f:95:
04:1a:42:1b:95:85:45:71:c3:af:93:f6:01:f1:16:82:ed:eb:
17:70:5d:bb:63:c8:06:b6:32:0c:83:b1:ec:b9:8a:9e:be:89:
52:fc:0f:b7:8f:1e:e2:e2:78:b9:2d:82:2a:db:91:c6:2a:16:
20:86:e3:92:c9:c0:af:5c:38:ac:00:c3:62:53:5b:4a:26:10:
39:b2:67:1a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZZiNIH0P8TyEwI2JqPlE6wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDIzMTAzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNhOTMxOWU1MTgyZTUwYTgzNDBhZTRjYTJhNTY4Y2UyODA2YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UWvVCMSJcM6yQzFk/8UuAR1t1W0
0Ys2rbWnITIQGQ95gYL33d9EvA4IUIalJrDPAc8hIUbEDwaChyEZauqKWijt0ARz
n61t4+goNThoa0e8P7QnnpfHnjduiOAuMLXuUqAehQawUTwAYBeeVrU+2IVG7Y0/
HK4b5G88kbIbIEJ2hs6jbIRpT7TWy9zt+AOxZp7Yb495Kxzqh+66pTchGC5VPQg7
ettQEwpEJDfxjkIUh/4zdo1mFQ1ES2kNvfB1v8rUFR2Jp3vLjJFOu3xfX/JQve8N
4KiTeGUmGytPyCFO2nLZXfS9dxo1C+FfGvfLmYESoLBqskK6y0ole9Ap2QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFADKkxnlGC5QqDQK5MoqVozigGoqMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvQU1xVEdlVVlMbENvTkFya3lpcFdqT0tBYWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAHxkLAwQA
WSQjAwQAuZBGAwQA1OgSMBQEAgACMA4DBQAqDCUCAwUAKhRngTANBgkqhkiG9w0B
AQsFAAOCAQEAZpt+GL8FxL0VfeI8OsxPeW1BDoIUTBH9bc+CouXcD2zrS6OL/jqR
kK6qV48skO9xCEg7Lei63qlce7EXE7bLqtv9c2AhpBTSOBNpdQTYYUOGVkuQuRpV
wFTrmdFb2j8Pt/ReAHFu3rD4ZR6pbrO5jhptj8bNuGWLhHC105SUY6OgJLRfm8/3
vAeuvZDdY1EAQojLc+fdvzcydT3l63f6PNqUs5tjIoL0r9sOs1YAkzCl9l+VBBpC
G5WFRXHDr5P2AfEWgu3rF3Bdu2PIBrYyDIOx7LmKnr6JUvwPt48e4uJ4uS2CKtuR
xioWIIbjksnAr1w4rADDYlNbSiYQObJnGg==
-----END CERTIFICATE-----
Generated at Tue May 13 02:55:09 2025 by rpki-client