Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/nE4xhS31YhSxYelKQYm6FoYbeB4.roa
File: nE4xhS31YhSxYelKQYm6FoYbeB4.roa (raw, json)
Hash identifier: EADrGBqon6T6JWV01VxC/7ZzSrRNF4gsnH9xmysPivI=
Subject key identifier: 9C:4E:31:85:2D:F5:62:14:B1:61:E9:4A:41:89:BA:16:86:1B:78:1E
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 01968B0657004806CFECCD8B2CE35E47F022
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/nE4xhS31YhSxYelKQYm6FoYbeB4.roa
Signing time: Thu 01 May 2025 08:46:10 +0000
ROA not before: Thu 01 May 2025 08:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.0.0/16 maxlen: 16
161.30.5.0/24 maxlen: 24
161.30.7.0/24 maxlen: 24
161.30.8.0/24 maxlen: 24
161.30.9.0/24 maxlen: 24
161.30.10.0/24 maxlen: 24
161.30.12.0/22 maxlen: 22
161.30.16.0/22 maxlen: 22
161.30.20.0/24 maxlen: 24
161.30.22.0/23 maxlen: 23
161.30.28.0/24 maxlen: 24
161.30.29.0/24 maxlen: 24
161.30.33.0/24 maxlen: 24
161.30.40.0/23 maxlen: 23
161.30.42.0/23 maxlen: 24
161.30.44.0/23 maxlen: 24
161.30.112.0/23 maxlen: 23
161.30.114.0/23 maxlen: 23
161.30.115.0/24 maxlen: 24
161.30.116.0/23 maxlen: 23
161.30.118.0/24 maxlen: 24
161.30.119.0/24 maxlen: 24
161.30.120.0/24 maxlen: 24
161.30.121.0/24 maxlen: 24
161.30.124.0/23 maxlen: 23
161.30.126.0/23 maxlen: 23
161.30.128.0/23 maxlen: 23
161.30.129.0/24 maxlen: 24
161.30.130.0/24 maxlen: 24
161.30.155.0/24 maxlen: 24
161.30.163.0/24 maxlen: 24
161.30.164.0/24 maxlen: 24
161.30.165.0/24 maxlen: 24
161.30.166.0/24 maxlen: 24
161.30.167.0/24 maxlen: 24
161.30.169.0/24 maxlen: 24
161.30.171.0/24 maxlen: 24
161.30.176.0/20 maxlen: 20
161.30.193.0/24 maxlen: 24
161.30.194.0/23 maxlen: 23
161.30.201.0/24 maxlen: 24
161.30.202.0/24 maxlen: 24
161.30.203.0/24 maxlen: 24
161.30.220.0/24 maxlen: 24
161.30.221.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
161.30.236.0/24 maxlen: 24
161.30.237.0/24 maxlen: 24
161.30.238.0/24 maxlen: 24
161.30.239.0/24 maxlen: 24
161.30.240.0/24 maxlen: 24
161.30.246.0/24 maxlen: 24
161.30.250.0/24 maxlen: 24
161.30.251.0/24 maxlen: 24
2a11:ae00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 May 2025 09:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:06:57:00:48:06:cf:ec:cd:8b:2c:e3:5e:47:f0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: May 1 08:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c4e31852df56214b161e94a4189ba16861b781e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ca:24:76:73:ea:2a:12:7b:06:c1:64:6d:8c:
68:40:5d:1f:34:aa:87:13:af:b1:97:89:f6:5f:ae:
0f:7b:6b:74:99:35:af:75:5b:90:3a:c2:90:46:a0:
e2:c8:ff:3a:f8:b8:09:70:c4:a0:40:70:0a:07:48:
50:0d:35:f8:5e:72:6c:d4:07:c7:f5:2a:87:c3:2a:
44:85:44:45:6f:f8:8b:a2:7f:5c:a7:50:dd:85:8a:
a9:df:e4:35:ce:68:98:2e:90:01:88:20:1e:5b:37:
f8:2b:9b:ad:51:94:50:8c:82:c5:3c:a3:9a:93:e3:
af:d1:1f:a7:dc:8a:e3:86:b0:45:6d:61:73:31:32:
83:78:b2:6d:e8:bc:3b:9b:80:e4:d2:c0:b3:50:75:
3c:58:ff:2d:51:7e:47:cc:0f:29:de:9e:11:00:88:
6a:98:74:c8:da:95:a6:d8:f4:61:b6:ad:05:03:3e:
7a:a9:63:1f:91:8b:4d:91:ce:d1:35:ad:3c:0d:26:
12:63:82:2f:99:4b:ea:61:88:ca:e7:f3:0b:8c:e5:
1d:0f:cf:12:02:40:40:2c:f8:ff:ac:f3:99:b4:c2:
68:1e:a7:95:31:32:e6:80:18:f2:3e:e5:c6:e0:49:
3d:90:83:8a:11:4a:5d:ce:8f:c7:bc:30:e9:20:b3:
68:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:31:85:2D:F5:62:14:B1:61:E9:4A:41:89:BA:16:86:1B:78:1E
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/nE4xhS31YhSxYelKQYm6FoYbeB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.0.0/16
IPv6:
2a11:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
89:7d:ca:53:2b:54:56:79:22:b1:44:d7:7f:65:c8:9c:bb:ca:
28:31:50:83:5f:9e:88:2f:91:3d:67:66:06:db:cc:93:74:28:
9c:04:f1:ce:c9:9c:c9:e7:d4:34:be:b6:40:6f:5a:06:bc:58:
a3:5f:d2:fc:05:c0:d6:0a:dc:3a:d2:c3:67:1d:f5:4f:7f:72:
16:2d:5a:f0:a2:a3:55:20:d2:be:56:32:be:12:a3:84:5b:59:
a4:98:54:14:9f:fd:78:fe:06:90:c8:28:7a:e1:81:ea:0f:d6:
96:34:c3:2d:fd:f9:f3:15:c4:4f:8a:08:02:05:b9:04:ee:48:
d4:67:8d:a4:99:73:7e:3a:b1:47:7f:ba:14:cb:d8:a3:78:67:
6e:03:64:bf:96:d3:fc:40:0a:ef:59:37:ab:4b:30:5d:bc:a4:
69:b2:ec:40:49:ec:e1:e0:ff:13:5b:a3:83:48:c0:0c:89:52:
1b:6f:90:2f:7e:cb:2b:5e:3b:df:bc:ca:93:4a:a7:34:6b:04:
a2:f9:99:94:ba:17:69:53:54:bd:9b:ca:da:1d:20:18:b9:85:
8e:0c:d7:70:1a:3a:99:67:8a:f1:f1:36:17:e2:c3:a8:ea:30:
6b:d2:05:30:dd:9a:7c:85:22:41:1d:e5:78:b9:21:37:23:a3:
6a:ea:b0:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZaLBlcASAbP7M2LLONeR/AiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU1MThlNjg0NjdiNDI5MGMzNTA5MjY4YjZkNmQ2NjQ5
NjJjODYwHhcNMjUwNTAxMDg0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlMzE4NTJkZjU2MjE0YjE2MWU5NGE0MTg5YmExNjg2MWI3ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMokdnPqKhJ7BsFkbYxoQF0fNKqH
E6+xl4n2X64Pe2t0mTWvdVuQOsKQRqDiyP86+LgJcMSgQHAKB0hQDTX4XnJs1AfH
9SqHwypEhURFb/iLon9cp1DdhYqp3+Q1zmiYLpABiCAeWzf4K5utUZRQjILFPKOa
k+Ov0R+n3IrjhrBFbWFzMTKDeLJt6Lw7m4Dk0sCzUHU8WP8tUX5HzA8p3p4RAIhq
mHTI2pWm2PRhtq0FAz56qWMfkYtNkc7RNa08DSYSY4IvmUvqYYjK5/MLjOUdD88S
AkBALPj/rPOZtMJoHqeVMTLmgBjyPuXG4Ek9kIOKEUpdzo/HvDDpILNotwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJxOMYUt9WIUsWHpSkGJuhaGG3geMB8GA1UdIwQY
MBaAFAnlUY5oRntCkMNQkmi21tZkliyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUt
ZTc0NTk0ODk4M2VkLzEvbkU0eGhTMzFZaFN4WWVsS1FZbTZGb1liZUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUtZTc0NTk0ODk4M2Vk
LzEvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAoR4wDQQC
AAIwBwMFACoRrgAwDQYJKoZIhvcNAQELBQADggEBAIl9ylMrVFZ5IrFE139lyJy7
yigxUINfnogvkT1nZgbbzJN0KJwE8c7JnMnn1DS+tkBvWga8WKNf0vwFwNYK3DrS
w2cd9U9/chYtWvCio1Ug0r5WMr4So4RbWaSYVBSf/Xj+BpDIKHrhgeoP1pY0wy39
+fMVxE+KCAIFuQTuSNRnjaSZc346sUd/uhTL2KN4Z24DZL+W0/xACu9ZN6tLMF28
pGmy7EBJ7OHg/xNbo4NIwAyJUhtvkC9+yyteO9+8ypNKpzRrBKL5mZS6F2lTVL2b
ytodIBi5hY4M13AaOplnivHxNhfiw6jqMGvSBTDdmnyFIkEd5Xi5ITcjo2rqsPc=
-----END CERTIFICATE-----
Generated at Sun May 11 23:03:35 2025 by rpki-client