Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/etLS8VEwG_H8efEJTP5EB-Gpnpo.roa
File: etLS8VEwG_H8efEJTP5EB-Gpnpo.roa (raw, json)
Hash identifier: YpsQjs1O09lt6O+u3DNXyZ2dW0lgAfOq//YyyPOTiYE=
Subject key identifier: 7A:D2:D2:F1:51:30:1B:F1:FC:79:F1:09:4C:FE:44:07:E1:A9:9E:9A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01982C987740A2D3D423EEA8EC2CF07E51E5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/etLS8VEwG_H8efEJTP5EB-Gpnpo.roa
Signing time: Mon 21 Jul 2025 10:47:26 +0000
ROA not before: Mon 21 Jul 2025 10:47:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 31.56.42.0/23 maxlen: 23
31.56.220.0/24 maxlen: 24
31.57.52.0/24 maxlen: 24
31.57.186.0/24 maxlen: 24
31.59.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Jul 2025 07:15:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:98:77:40:a2:d3:d4:23:ee:a8:ec:2c:f0:7e:51:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 21 10:47:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ad2d2f151301bf1fc79f1094cfe4407e1a99e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:81:46:de:94:a0:5a:16:26:de:35:c0:0c:
e0:64:37:2b:d5:54:1a:b9:4a:4e:e0:96:40:f9:70:
9e:67:30:f3:3b:4a:d2:db:aa:44:9f:9a:30:cb:2c:
d9:7e:41:5b:c5:fb:01:d0:b7:9b:95:94:51:af:d3:
e3:c9:9a:4e:07:c2:6e:17:c0:43:8f:63:4e:6f:90:
c5:86:45:1e:4c:88:4a:77:fc:03:14:93:28:10:e4:
96:7f:55:c6:c8:f1:6a:7f:2b:0f:48:d7:76:d5:ba:
ab:15:31:d6:c6:2d:a4:cb:ae:31:8a:69:d3:e9:8a:
2d:8f:a8:9d:9e:86:f4:c2:b8:d4:7e:2a:2d:96:ff:
e1:1a:b1:4c:f5:92:84:b1:2f:2f:31:9d:dc:96:a9:
45:76:a5:07:dc:ee:0f:49:d8:04:67:5d:fa:55:2a:
6b:20:18:a9:63:31:47:2f:0c:6d:b3:04:39:aa:5a:
ae:9b:96:a1:67:b7:33:f6:f1:35:e5:f7:d9:76:07:
f1:85:13:88:57:84:82:e9:8e:d4:8b:8d:cf:15:2e:
41:18:74:f2:30:c0:51:16:34:ac:08:b5:9d:83:4d:
0f:09:56:61:d0:9d:4b:66:23:c1:46:50:d3:01:f4:
4a:b1:b1:4e:2d:f8:1a:b7:0a:69:ab:26:7d:4d:a9:
4e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D2:D2:F1:51:30:1B:F1:FC:79:F1:09:4C:FE:44:07:E1:A9:9E:9A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/etLS8VEwG_H8efEJTP5EB-Gpnpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.56.220.0/24
31.57.52.0/24
31.57.186.0/24
31.59.173.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:cc:66:97:05:4a:17:ca:da:6b:18:ba:0b:af:37:d5:f6:1b:
25:00:d2:df:09:c8:b4:3e:5b:ab:89:45:75:04:b1:b4:08:41:
a8:c4:b5:ed:f0:cc:ec:fc:05:5d:e0:9a:b4:32:da:cf:ca:a9:
3e:1c:0f:1d:f4:db:a0:58:88:be:59:df:09:04:c8:4b:ed:42:
da:0a:1c:a4:a9:24:da:35:fc:de:c7:e0:5d:8b:44:0f:20:9c:
3d:ed:ba:1f:be:72:97:b0:00:f5:49:6e:1b:06:d0:b7:4c:4b:
14:1a:de:2c:b4:59:4c:99:6b:5f:a3:57:d7:12:77:1d:8d:53:
f6:5f:48:d8:51:35:8e:34:74:9f:09:ab:00:21:2c:e4:34:1b:
0e:19:7c:b7:0a:99:9b:f5:38:88:32:cf:c4:53:c8:71:bd:d3:
da:1f:c1:be:4c:3a:e4:21:7d:11:16:2a:d9:bf:40:51:6a:ee:
ab:48:9a:cb:7f:c9:d5:7b:c1:4c:7b:c5:f2:30:8d:ff:2a:1a:
86:5a:9c:28:3e:ac:9b:88:2f:46:9d:69:dc:30:a1:f0:ae:25:
24:1b:63:ae:4e:1d:a3:13:24:9c:cf:d9:99:f2:7b:4c:6d:a9:
68:e5:fb:47:b6:be:c6:97:d9:d5:b3:ca:25:6a:42:16:9e:52:
b0:78:81:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgsmHdAotPUI+6o7CzwflHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzIxMTA0NzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQyZDJmMTUxMzAxYmYxZmM3OWYxMDk0Y2ZlNDQwN2UxYTk5ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfKBRt6UoFoWJt41wAzgZDcr1VQa
uUpO4JZA+XCeZzDzO0rS26pEn5owyyzZfkFbxfsB0LeblZRRr9PjyZpOB8JuF8BD
j2NOb5DFhkUeTIhKd/wDFJMoEOSWf1XGyPFqfysPSNd21bqrFTHWxi2ky64ximnT
6Yotj6idnob0wrjUfiotlv/hGrFM9ZKEsS8vMZ3clqlFdqUH3O4PSdgEZ136VSpr
IBipYzFHLwxtswQ5qlqum5ahZ7cz9vE15ffZdgfxhROIV4SC6Y7Ui43PFS5BGHTy
MMBRFjSsCLWdg00PCVZh0J1LZiPBRlDTAfRKsbFOLfgatwppqyZ9TalOTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHrS0vFRMBvx/HnxCUz+RAfhqZ6aMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZXRMUzhWRXdHX0g4ZWZFSlRQNUVCLUdwbnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHzgqAwQA
HzjcAwQAHzk0AwQAHzm6AwQAHzutMA0GCSqGSIb3DQEBCwUAA4IBAQC4zGaXBUoX
ytprGLoLrzfV9hslANLfCci0PluriUV1BLG0CEGoxLXt8Mzs/AVd4Jq0MtrPyqk+
HA8d9NugWIi+Wd8JBMhL7ULaChykqSTaNfzex+Bdi0QPIJw97bofvnKXsAD1SW4b
BtC3TEsUGt4stFlMmWtfo1fXEncdjVP2X0jYUTWONHSfCasAISzkNBsOGXy3Cpmb
9TiIMs/EU8hxvdPaH8G+TDrkIX0RFirZv0BRau6rSJrLf8nVe8FMe8XyMI3/KhqG
WpwoPqybiC9GnWncMKHwriUkG2OuTh2jEyScz9mZ8ntMbalo5ftHtr7Gl9nVs8ol
akIWnlKweIHT
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:34:58 2025 by rpki-client