Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bad23zlYJVdBMkpv-9xlSU1pKBw.roa
File: bad23zlYJVdBMkpv-9xlSU1pKBw.roa (raw, json)
Hash identifier: C99HIejiuqjd1REohjSqANgWqIhJUhP4U1TZCP96mVY=
Subject key identifier: 6D:A7:76:DF:39:58:25:57:41:32:4A:6F:FB:DC:65:49:4D:69:28:1C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01980E323B8FF291D139D86F679580848936
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bad23zlYJVdBMkpv-9xlSU1pKBw.roa
Signing time: Tue 15 Jul 2025 13:07:09 +0000
ROA not before: Tue 15 Jul 2025 13:07:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 31.56.47.0/24 maxlen: 24
31.57.39.0/24 maxlen: 24
31.57.59.0/24 maxlen: 24
31.57.229.0/24 maxlen: 24
31.58.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 14:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:32:3b:8f:f2:91:d1:39:d8:6f:67:95:80:84:89:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 15 13:07:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6da776df3958255741324a6ffbdc65494d69281c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1a:23:d1:25:d1:78:1f:e3:df:8c:47:9e:aa:
01:24:9e:86:ef:04:0b:8a:87:e4:ea:53:d1:6c:14:
e8:9b:93:15:98:7b:af:a1:b4:af:6b:23:36:78:25:
57:82:9a:66:38:e7:c6:4c:3c:cd:5f:c6:d0:9f:25:
04:e6:ed:c3:7a:37:f5:c4:f3:36:5f:3d:8c:db:9b:
36:c5:1f:d0:cb:fc:18:b4:81:47:da:30:4f:3a:b2:
24:ea:00:09:77:f6:57:d4:81:f9:e2:57:fc:08:c2:
3a:b8:87:1d:85:6b:f1:51:b8:49:a9:ad:91:36:e8:
3f:37:7b:38:2d:76:ee:b9:74:12:dd:c9:bf:df:5c:
76:97:f7:bc:07:13:b4:eb:cf:44:c1:3a:d5:d1:c1:
83:e7:bb:d0:6a:52:d8:13:24:cf:61:1a:a7:ed:5a:
43:7f:86:5e:e0:a6:fb:b9:2c:27:ac:1c:da:07:ba:
90:54:00:5c:1b:bd:1d:bc:50:c1:b0:48:a4:38:31:
90:34:7f:31:2f:b3:e3:65:60:45:ef:58:9b:1f:ce:
52:84:73:74:b4:b9:cb:8a:eb:27:96:d4:39:3c:fb:
42:af:44:73:06:28:f5:92:72:d7:48:2b:5e:24:3a:
64:04:03:97:bb:0e:13:a7:f8:f6:a8:96:0d:48:6a:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A7:76:DF:39:58:25:57:41:32:4A:6F:FB:DC:65:49:4D:69:28:1C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bad23zlYJVdBMkpv-9xlSU1pKBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.47.0/24
31.57.39.0/24
31.57.59.0/24
31.57.229.0/24
31.58.101.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:53:7b:45:40:1f:69:36:3b:8b:f7:7d:85:af:b2:bc:07:4e:
f9:ce:96:e9:ad:06:d6:99:f1:d1:a1:e3:1b:75:5f:3a:bc:73:
86:fa:3c:6b:09:7b:11:5f:21:14:0f:b9:07:58:09:58:11:6b:
1f:75:9a:a7:9e:dd:10:4c:f2:c9:11:7e:0c:91:01:e3:e9:1d:
69:31:b4:60:62:f3:df:c9:b5:c9:8e:ec:3c:1f:b7:40:54:5b:
2a:c5:8e:33:f9:93:79:65:47:88:fa:cd:01:83:7d:07:28:d7:
97:e6:d8:ea:0c:91:08:c1:d4:ce:70:1b:92:fc:5c:6a:80:20:
1e:2f:65:6f:db:ee:ee:1f:34:74:91:02:28:1b:22:2c:57:96:
49:ee:06:37:6c:62:fe:84:05:5b:88:20:b5:8a:70:02:21:a2:
61:43:cf:ba:c6:24:2d:19:a9:bb:88:6f:81:48:b4:83:e2:fa:
91:c2:7c:c6:12:63:bb:c5:d4:4e:84:3a:59:85:43:27:42:85:
79:23:84:b2:22:7f:be:d7:18:da:cc:fd:d5:2a:36:02:f9:73:
9b:91:62:73:a4:cd:6d:7e:f1:ae:b8:f3:38:3c:1e:2e:12:ec:
d1:95:c3:aa:16:ed:36:98:05:66:64:e9:25:56:01:a0:04:5e:
32:68:d9:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgOMjuP8pHROdhvZ5WAhIk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzE1MTMwNzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGE3NzZkZjM5NTgyNTU3NDEzMjRhNmZmYmRjNjU0OTRkNjkyODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRoj0SXReB/j34xHnqoBJJ6G7wQL
iofk6lPRbBTom5MVmHuvobSvayM2eCVXgppmOOfGTDzNX8bQnyUE5u3Dejf1xPM2
Xz2M25s2xR/Qy/wYtIFH2jBPOrIk6gAJd/ZX1IH54lf8CMI6uIcdhWvxUbhJqa2R
Nug/N3s4LXbuuXQS3cm/31x2l/e8BxO0689EwTrV0cGD57vQalLYEyTPYRqn7VpD
f4Ze4Kb7uSwnrBzaB7qQVABcG70dvFDBsEikODGQNH8xL7PjZWBF71ibH85ShHN0
tLnLiusnltQ5PPtCr0RzBij1knLXSCteJDpkBAOXuw4Tp/j2qJYNSGqqRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG2ndt85WCVXQTJKb/vcZUlNaSgcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYmFkMjN6bFlKVmRCTWtwdi05eGxTVTFwS0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgvAwQA
HzknAwQAHzk7AwQAHznlAwQAHzplMA0GCSqGSIb3DQEBCwUAA4IBAQBvU3tFQB9p
NjuL932Fr7K8B075zpbprQbWmfHRoeMbdV86vHOG+jxrCXsRXyEUD7kHWAlYEWsf
dZqnnt0QTPLJEX4MkQHj6R1pMbRgYvPfybXJjuw8H7dAVFsqxY4z+ZN5ZUeI+s0B
g30HKNeX5tjqDJEIwdTOcBuS/FxqgCAeL2Vv2+7uHzR0kQIoGyIsV5ZJ7gY3bGL+
hAVbiCC1inACIaJhQ8+6xiQtGam7iG+BSLSD4vqRwnzGEmO7xdROhDpZhUMnQoV5
I4SyIn++1xjazP3VKjYC+XObkWJzpM1tfvGuuPM4PB4uEuzRlcOqFu02mAVmZOkl
VgGgBF4yaNk6
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:44:50 2025 by rpki-client