Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9EKoDkstLt58HB1vqPyB5_XsXJw.roa
File: 9EKoDkstLt58HB1vqPyB5_XsXJw.roa (raw, json)
Hash identifier: NaJhamu5Dqe/ifDndl3b50PrEGtd/f6ZjMHRvt3ySUo=
Subject key identifier: F4:42:A8:0E:4B:2D:2E:DE:7C:1C:1D:6F:A8:FC:81:E7:F5:EC:5C:9C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197E38B3E3441125884C2029D1FF83B1889
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9EKoDkstLt58HB1vqPyB5_XsXJw.roa
Signing time: Mon 07 Jul 2025 06:20:42 +0000
ROA not before: Mon 07 Jul 2025 06:20:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209951
IP address blocks: 31.57.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Jul 2025 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e3:8b:3e:34:41:12:58:84:c2:02:9d:1f:f8:3b:18:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 7 06:20:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f442a80e4b2d2ede7c1c1d6fa8fc81e7f5ec5c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1f:6f:16:19:9c:65:4c:f9:47:80:83:ea:5c:
2d:7d:7b:24:1d:99:91:86:9a:34:08:5a:28:54:7f:
8a:32:e9:df:05:71:c1:ae:a1:ac:31:a2:fa:82:f9:
93:24:81:02:bd:1e:2d:62:1f:f0:a6:27:4f:ef:94:
b5:6f:2e:d7:67:ee:58:09:a8:0e:9a:13:11:90:d6:
a6:f3:f8:ca:34:7d:7e:98:c8:48:b9:d8:af:cc:ba:
79:f7:01:77:68:70:6b:4b:24:22:97:23:d8:29:a1:
f1:19:56:03:9b:0c:3e:87:3f:4b:9d:cc:f5:2c:2a:
29:65:de:6d:42:d5:cd:77:d0:1e:57:18:a3:50:ce:
92:bf:01:2a:38:09:a2:6a:6c:91:4f:be:8a:d7:e1:
d6:2a:9c:16:71:63:a2:20:5c:66:c0:54:87:04:87:
f9:92:23:c0:c2:28:e6:eb:c3:91:02:39:a9:8c:33:
0b:a0:83:83:1e:45:fc:e0:7c:53:19:44:b7:aa:81:
c4:76:df:ce:c4:d0:ff:c6:8f:dd:85:0b:b9:28:72:
ab:51:f5:4c:5c:7c:29:6d:15:57:0b:07:7c:59:ac:
72:bf:b9:b5:52:aa:e6:33:92:d1:86:0e:86:23:50:
8a:2f:1c:a6:75:d2:0d:eb:97:5d:00:41:af:d8:19:
f2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:42:A8:0E:4B:2D:2E:DE:7C:1C:1D:6F:A8:FC:81:E7:F5:EC:5C:9C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9EKoDkstLt58HB1vqPyB5_XsXJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.56.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f9:e3:99:64:c6:f0:ee:10:27:d0:f2:f2:ed:3a:e6:00:96:
6a:4d:18:6d:c4:04:51:5b:ed:ac:c1:38:fa:a0:ac:8b:d0:2e:
ce:c5:07:82:ae:96:c0:32:2e:b1:de:0d:99:c6:d9:d9:7e:a7:
f3:c7:d6:b3:50:33:5f:86:84:87:c5:5f:b8:d0:ea:77:90:5b:
c4:99:af:df:c2:88:e1:dd:4f:4e:59:39:81:51:c3:fa:76:25:
89:30:ff:fc:2d:a5:1a:ac:c0:a7:33:3f:97:a0:d0:bb:62:f6:
59:bf:fb:2a:a3:cc:46:e2:64:9f:7d:43:46:60:16:22:6e:f1:
b2:92:a5:32:57:3b:00:8b:cd:49:a6:db:04:5e:9d:70:a6:41:
79:99:db:cd:f4:62:fa:9f:23:b4:99:a3:a7:48:87:bd:05:77:
f6:5f:a0:b0:88:ed:b6:bf:17:00:8d:24:db:19:b2:7b:bd:f4:
4b:13:6c:fb:1d:39:a6:d9:93:b6:9d:d6:f8:68:a6:ce:31:74:
f8:9f:58:b1:41:a1:fa:f6:a1:47:be:af:fa:dc:3b:04:5e:aa:
77:06:e9:79:cf:23:db:dd:09:8f:6d:24:0a:57:89:b9:61:e2:
83:96:db:6e:9e:4f:6f:e9:22:c8:f4:03:92:8e:64:2a:03:90:
22:72:34:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfjiz40QRJYhMICnR/4OxiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzA3MDYyMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQyYTgwZTRiMmQyZWRlN2MxYzFkNmZhOGZjODFlN2Y1ZWM1YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6x9vFhmcZUz5R4CD6lwtfXskHZmR
hpo0CFooVH+KMunfBXHBrqGsMaL6gvmTJIECvR4tYh/wpidP75S1by7XZ+5YCagO
mhMRkNam8/jKNH1+mMhIudivzLp59wF3aHBrSyQilyPYKaHxGVYDmww+hz9Lncz1
LCopZd5tQtXNd9AeVxijUM6SvwEqOAmiamyRT76K1+HWKpwWcWOiIFxmwFSHBIf5
kiPAwijm68ORAjmpjDMLoIODHkX84HxTGUS3qoHEdt/OxND/xo/dhQu5KHKrUfVM
XHwpbRVXCwd8Waxyv7m1UqrmM5LRhg6GI1CKLxymddIN65ddAEGv2BnyiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRCqA5LLS7efBwdb6j8gef17FycMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOUVLb0Rrc3RMdDU4SEIxdnFQeUI1X1hzWEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzk4MA0G
CSqGSIb3DQEBCwUAA4IBAQAx+eOZZMbw7hAn0PLy7TrmAJZqTRhtxARRW+2swTj6
oKyL0C7OxQeCrpbAMi6x3g2ZxtnZfqfzx9azUDNfhoSHxV+40Op3kFvEma/fwojh
3U9OWTmBUcP6diWJMP/8LaUarMCnMz+XoNC7YvZZv/sqo8xG4mSffUNGYBYibvGy
kqUyVzsAi81JptsEXp1wpkF5mdvN9GL6nyO0maOnSIe9BXf2X6CwiO22vxcAjSTb
GbJ7vfRLE2z7HTmm2ZO2ndb4aKbOMXT4n1ixQaH69qFHvq/63DsEXqp3Bul5zyPb
3QmPbSQKV4m5YeKDlttunk9v6SLI9AOSjmQqA5AicjT2
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:28:42 2025 by rpki-client