Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TlTauXy51Y22CcyfL5CCfi-9f-A.roa
File: TlTauXy51Y22CcyfL5CCfi-9f-A.roa (raw, json)
Hash identifier: I/6ewkx4a+sVshlu+mrgJ9lHTkl53+5Z8TiAp8cPJ0s=
Subject key identifier: 4E:54:DA:B9:7C:B9:D5:8D:B6:09:CC:9F:2F:90:82:7E:2F:BD:7F:E0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198177A4625D46606977BB015253FD02575
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TlTauXy51Y22CcyfL5CCfi-9f-A.roa
Signing time: Thu 17 Jul 2025 08:22:26 +0000
ROA not before: Thu 17 Jul 2025 08:22:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.57.120.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 24
31.57.164.0/23 maxlen: 24
31.57.180.0/24 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 10:46:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:7a:46:25:d4:66:06:97:7b:b0:15:25:3f:d0:25:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 17 08:22:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e54dab97cb9d58db609cc9f2f90827e2fbd7fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:de:36:8a:9e:91:49:c8:8c:47:8c:a1:fe:ff:
21:26:a0:58:27:f3:e2:7f:54:0b:cd:0a:c5:a4:2d:
b4:e2:68:59:01:53:5e:dd:0e:b4:fa:dc:69:1e:28:
28:80:23:63:51:57:68:c8:c5:4f:ce:2c:00:e5:09:
48:61:31:fb:6f:40:b1:e0:a4:1a:a2:68:d6:85:96:
6e:4c:f3:9a:a6:67:a9:7d:75:3d:8c:61:fd:51:77:
1a:24:7d:d9:fa:ba:50:a2:99:89:d7:2b:c9:ea:29:
5d:d6:35:76:44:99:9a:6e:90:22:35:de:ec:7e:b6:
04:6e:8a:ab:3d:6f:fd:d8:1a:a5:3b:55:c1:0b:0d:
32:0d:a1:eb:04:5c:2d:d1:bf:3f:25:4a:8d:81:d5:
73:0b:1a:25:39:d5:44:14:3d:d6:1f:f3:77:e4:09:
3f:f1:a8:e9:e5:ec:6a:90:40:93:b7:21:26:46:ec:
b7:72:fe:06:48:8e:09:a7:ad:d1:3d:ff:9f:97:75:
1e:ba:88:7a:de:21:07:0c:62:2f:9c:83:a6:cb:59:
e5:ca:f2:3f:f6:b8:68:05:54:6d:86:ab:2d:1f:1a:
66:f5:30:25:1a:31:3b:94:fa:da:f3:9c:79:8a:4c:
e9:34:10:32:56:ec:e1:67:10:bf:0d:a9:22:82:56:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:54:DA:B9:7C:B9:D5:8D:B6:09:CC:9F:2F:90:82:7E:2F:BD:7F:E0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TlTauXy51Y22CcyfL5CCfi-9f-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.57.120.0/24
31.57.122.0/24
31.57.124.0/23
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.57.196.0/24
31.57.221.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:38:bf:f4:62:4b:a2:fd:e8:33:42:88:c2:32:ff:81:7e:3f:
b4:8c:7b:e5:a3:9b:02:69:98:1f:15:86:e2:48:f6:89:5b:38:
3c:fe:46:3e:3e:f8:53:5b:0a:49:58:02:ff:f0:c1:ff:0e:0f:
6d:88:35:fc:ab:8a:18:49:63:1b:62:7b:33:56:c7:5d:1d:b3:
59:fb:12:3d:c4:9e:8a:c9:48:c9:14:4e:0a:0b:c7:4d:8d:d3:
fc:32:89:44:93:3e:da:bc:a3:7e:09:51:61:e8:e2:24:ce:1b:
22:ca:65:57:3a:b9:03:b5:53:44:f9:60:1c:e0:ff:10:83:68:
d5:68:ff:e4:81:ae:fd:af:e2:3b:95:0d:3e:fd:3c:98:6a:9e:
11:27:0c:38:ae:1e:f6:f3:02:fa:a6:2d:5d:24:61:01:c8:fc:
a0:d5:f5:12:e4:77:8c:2b:6f:bf:26:83:3a:5c:68:99:1b:7e:
9b:7f:77:ad:49:c5:da:29:03:98:80:e7:ff:02:c0:cd:c1:d9:
03:31:e8:8b:3b:9f:99:e7:2c:8e:2d:e7:eb:79:06:44:e2:4a:
4a:da:17:c3:f6:dd:7a:b7:7e:4c:8f:6d:e5:a2:bb:bb:f3:88:
31:af:80:9a:58:3d:b9:23:01:28:3a:30:27:0c:86:25:26:4e:
d9:31:72:ab
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZgXekYl1GYGl3uwFSU/0CV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzE3MDgyMjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTU0ZGFiOTdjYjlkNThkYjYwOWNjOWYyZjkwODI3ZTJmYmQ3ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt42ip6RSciMR4yh/v8hJqBYJ/Pi
f1QLzQrFpC204mhZAVNe3Q60+txpHigogCNjUVdoyMVPziwA5QlIYTH7b0Cx4KQa
omjWhZZuTPOapmepfXU9jGH9UXcaJH3Z+rpQopmJ1yvJ6ild1jV2RJmabpAiNd7s
frYEboqrPW/92BqlO1XBCw0yDaHrBFwt0b8/JUqNgdVzCxolOdVEFD3WH/N35Ak/
8ajp5exqkECTtyEmRuy3cv4GSI4Jp63RPf+fl3Ueuoh63iEHDGIvnIOmy1nlyvI/
9rhoBVRthqstHxpm9TAlGjE7lPra85x5ikzpNBAyVuzhZxC/DakiglZEpQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFE5U2rl8udWNtgnMny+Qgn4vvX/gMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVGxUYXVYeTUxWTIyQ2N5Zkw1Q0NmaS05Zi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAHzhWAwQA
Hzl4AwQAHzl6AwQBHzl8AwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQDBAAfOcQD
BAAfOd0wDAMEAB86KQMEAB86KgMEAB86MDANBgkqhkiG9w0BAQsFAAOCAQEArTi/
9GJLov3oM0KIwjL/gX4/tIx75aObAmmYHxWG4kj2iVs4PP5GPj74U1sKSVgC//DB
/w4PbYg1/KuKGEljG2J7M1bHXR2zWfsSPcSeislIyRROCgvHTY3T/DKJRJM+2ryj
fglRYejiJM4bIsplVzq5A7VTRPlgHOD/EINo1Wj/5IGu/a/iO5UNPv08mGqeEScM
OK4e9vMC+qYtXSRhAcj8oNX1EuR3jCtvvyaDOlxomRt+m393rUnF2ikDmIDn/wLA
zcHZAzHoizufmecsji3n63kGROJKStoXw/bderd+TI9t5aK7u/OIMa+Amlg9uSMB
KDowJwyGJSZO2TFyqw==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:36:22 2025 by rpki-client