Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0Gq_yd1H5BylwaqbXEFDkf3VPec.roa
File: 0Gq_yd1H5BylwaqbXEFDkf3VPec.roa (raw, json)
Hash identifier: kFHxpFa7QP+tNX5QXH1fCdeiQoUBIZfGCR7xhn8ruq4=
Subject key identifier: D0:6A:BF:C9:DD:47:E4:1C:A5:C1:AA:9B:5C:41:43:91:FD:D5:3D:E7
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 01968CD8AC4CF01A67D41E209475EF5C97BB
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0Gq_yd1H5BylwaqbXEFDkf3VPec.roa
Signing time: Thu 01 May 2025 17:15:32 +0000
ROA not before: Thu 01 May 2025 17:15:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 31.90.0.0/15 maxlen: 15
31.92.0.0/15 maxlen: 15
31.94.0.0/16 maxlen: 16
31.96.0.0/16 maxlen: 16
31.100.0.0/14 maxlen: 14
31.104.0.0/16 maxlen: 16
31.112.0.0/14 maxlen: 14
31.117.0.0/16 maxlen: 16
31.118.0.0/16 maxlen: 16
31.119.0.0/16 maxlen: 16
31.120.0.0/16 maxlen: 16
31.121.0.0/16 maxlen: 16
31.126.0.0/15 maxlen: 15
46.68.66.0/24 maxlen: 24
95.144.0.0/13 maxlen: 13
109.180.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Fri 02 May 2025 16:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:d8:ac:4c:f0:1a:67:d4:1e:20:94:75:ef:5c:97:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: May 1 17:15:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d06abfc9dd47e41ca5c1aa9b5c414391fdd53de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6e:72:e0:6b:f9:c6:95:fe:47:78:56:48:c1:
9d:f9:08:e8:51:0f:5c:d4:45:d6:a2:00:84:65:35:
bd:27:a9:80:6c:44:0f:16:f2:17:33:6b:38:bb:b3:
05:72:ee:27:69:c2:d3:bb:6c:52:ef:0c:4e:99:11:
e8:ef:c9:e8:e6:aa:f5:6b:ce:6d:44:20:46:ec:44:
c8:f5:02:a7:f0:d5:5c:5b:4e:45:7e:a7:2b:55:c3:
a6:7b:52:c4:c0:32:6b:4b:7e:c9:23:b8:91:a3:bf:
04:1a:fa:80:79:bb:05:1f:20:5d:69:98:fe:d9:df:
62:83:36:9e:93:20:07:ee:1f:c1:7e:5c:94:51:bc:
d3:0c:a3:bc:6e:ad:d4:26:c9:6e:24:1e:76:1e:fa:
1a:1e:47:b5:79:70:db:ca:56:a4:a4:43:16:4a:b2:
5d:46:3e:a6:55:23:cd:2c:cf:8a:ad:40:38:1c:7d:
41:00:2e:b9:1c:a7:e5:5c:42:ad:09:ad:cb:1f:ae:
12:43:bd:69:46:f3:52:fc:1e:1e:f5:5c:91:2e:ec:
9d:f7:3a:c3:cc:25:5c:e3:38:b0:f0:16:21:4a:a2:
21:25:e7:44:67:11:43:70:cd:c9:97:5f:c3:22:7f:
74:c9:14:18:b4:b1:c6:22:20:c7:6d:16:65:5e:3d:
7f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6A:BF:C9:DD:47:E4:1C:A5:C1:AA:9B:5C:41:43:91:FD:D5:3D:E7
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0Gq_yd1H5BylwaqbXEFDkf3VPec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.90.0.0-31.94.255.255
31.96.0.0/16
31.100.0.0-31.104.255.255
31.112.0.0/14
31.117.0.0-31.121.255.255
31.126.0.0/15
46.68.66.0/24
95.144.0.0/13
109.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9e:4c:d7:bd:45:63:a7:50:80:db:dd:1d:0c:a6:d1:60:48:a7:
36:26:b3:5f:3b:c3:e4:a1:24:26:8e:92:34:d4:4f:e9:b3:2f:
da:59:0f:f0:3e:d3:48:84:c1:8a:87:2a:2e:9b:42:fb:ab:44:
fc:5f:4c:ec:dd:a6:f3:31:ec:61:08:ff:7d:37:8a:50:c1:44:
b0:38:4c:64:59:0a:0f:54:fa:37:1b:58:80:f3:be:ca:3a:77:
0e:6f:1e:91:2f:20:f3:6c:3b:6d:da:5a:ba:77:c4:64:13:61:
67:93:00:10:ba:b7:08:65:e0:95:27:17:e5:fb:02:ac:32:57:
27:0a:11:7b:3d:5b:60:5f:26:69:1e:97:cd:0f:42:92:4c:2b:
e2:59:1f:86:1f:be:36:d7:4c:b5:b9:6e:f4:8f:6b:4c:b7:bb:
4c:9e:7b:cd:11:3d:d4:c2:12:68:79:db:a8:4f:be:8b:aa:bf:
e3:44:fc:26:ee:94:a2:8d:1e:f2:53:cf:ce:78:eb:08:12:bb:
25:ea:14:b3:c7:76:cc:74:b7:ad:82:a8:d3:6c:3e:55:cf:3d:
57:19:65:f0:e3:79:84:05:ba:d9:20:c3:8e:f3:f4:53:ec:63:
fe:29:a6:31:a0:e7:d0:93:4f:76:50:b3:98:25:7f:40:0e:e0:
dd:b1:08:e9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZaM2KxM8Bpn1B4glHXvXJe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjUwNTAxMTcxNTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZhYmZjOWRkNDdlNDFjYTVjMWFhOWI1YzQxNDM5MWZkZDUzZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3G5y4Gv5xpX+R3hWSMGd+QjoUQ9c
1EXWogCEZTW9J6mAbEQPFvIXM2s4u7MFcu4nacLTu2xS7wxOmRHo78no5qr1a85t
RCBG7ETI9QKn8NVcW05FfqcrVcOme1LEwDJrS37JI7iRo78EGvqAebsFHyBdaZj+
2d9igzaekyAH7h/BflyUUbzTDKO8bq3UJsluJB52HvoaHke1eXDbylakpEMWSrJd
Rj6mVSPNLM+KrUA4HH1BAC65HKflXEKtCa3LH64SQ71pRvNS/B4e9VyRLuyd9zrD
zCVc4ziw8BYhSqIhJedEZxFDcM3Jl1/DIn90yRQYtLHGIiDHbRZlXj1/bQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNBqv8ndR+QcpcGqm1xBQ5H91T3nMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvMEdxX3lkMUg1Qnlsd2FxYlhFRkRrZjNWUGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAATBDMAoDAwEfWgMD
AB9eAwMAH2AwCgMDAh9kAwMAH2gDAwIfcDAKAwMAH3UDAwEfeAMDAR9+AwQALkRC
AwMDX5ADAwFttDANBgkqhkiG9w0BAQsFAAOCAQEAnkzXvUVjp1CA290dDKbRYEin
NiazXzvD5KEkJo6SNNRP6bMv2lkP8D7TSITBiocqLptC+6tE/F9M7N2m8zHsYQj/
fTeKUMFEsDhMZFkKD1T6NxtYgPO+yjp3Dm8ekS8g82w7bdpaunfEZBNhZ5MAELq3
CGXglScX5fsCrDJXJwoRez1bYF8maR6XzQ9Ckkwr4lkfhh++NtdMtblu9I9rTLe7
TJ57zRE91MISaHnbqE++i6q/40T8Ju6Uoo0e8lPPznjrCBK7JeoUs8d2zHS3rYKo
02w+Vc89Vxll8ON5hAW62SDDjvP0U+xj/immMaDn0JNPdlCzmCV/QA7g3bEI6Q==
-----END CERTIFICATE-----
Generated at Wed May 14 15:55:01 2025 by rpki-client