Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tqJTblnPcFaxAin2_GMjPmw6aDY.roa
File: tqJTblnPcFaxAin2_GMjPmw6aDY.roa (raw, json)
Hash identifier: w1dmRI1mXzCm/IKZjqTYUxhMZ3amDbzKYPXML1tLjqY=
Subject key identifier: B6:A2:53:6E:59:CF:70:56:B1:02:29:F6:FC:63:23:3E:6C:3A:68:36
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01982D6F9CEBBB2D9724B636622C61CA4E06
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tqJTblnPcFaxAin2_GMjPmw6aDY.roa
Signing time: Mon 21 Jul 2025 14:42:26 +0000
ROA not before: Mon 21 Jul 2025 14:42:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 31.57.14.0/24 maxlen: 24
31.57.99.0/24 maxlen: 24
31.58.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Jul 2025 05:56:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:6f:9c:eb:bb:2d:97:24:b6:36:62:2c:61:ca:4e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 21 14:42:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6a2536e59cf7056b10229f6fc63233e6c3a6836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ed:fe:7a:ab:f3:dd:54:6c:86:28:25:e6:7a:
26:5f:ca:6e:0e:13:a0:9a:ce:98:d8:c7:80:3d:02:
a2:60:03:53:a3:87:30:b2:a9:8d:56:bc:59:11:16:
19:7c:19:35:93:36:de:d7:fa:d3:eb:c6:5e:2e:30:
5a:36:80:78:95:a4:c7:29:b4:d5:01:c0:4e:29:dc:
9b:cd:d2:98:1f:75:44:13:8b:58:10:34:9b:54:c6:
62:6b:2d:5d:8f:40:94:8b:25:d0:2a:5e:b7:2c:59:
73:47:a5:21:21:68:55:5a:7e:32:04:f2:b5:bd:e0:
36:a4:8f:39:b2:a5:1f:72:ac:6d:93:8a:b2:c1:ed:
a4:33:ae:45:38:eb:44:eb:b3:00:f6:9c:9c:a8:e3:
13:8c:cf:c9:90:da:21:22:2a:78:50:1a:99:67:a7:
a4:e8:82:7d:f1:c5:18:b9:3b:81:2c:e3:70:11:91:
33:2b:e0:ac:3c:85:92:c7:79:7e:53:c8:ef:68:c1:
7a:7e:d7:be:2a:be:e7:44:a4:3a:ea:6f:ed:8c:ac:
e5:b3:49:8a:74:fe:0a:0d:f4:10:f6:7b:73:85:6c:
bb:11:0f:15:10:7a:4e:81:bc:8c:30:1d:1d:d8:71:
ad:09:c9:da:3b:81:91:d0:4a:9a:32:d8:c1:e8:13:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A2:53:6E:59:CF:70:56:B1:02:29:F6:FC:63:23:3E:6C:3A:68:36
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tqJTblnPcFaxAin2_GMjPmw6aDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.14.0/24
31.57.99.0/24
31.58.84.0/24
Signature Algorithm: sha256WithRSAEncryption
58:5c:37:c9:11:f1:43:1a:f7:03:4a:56:32:c9:9d:86:b0:32:
b3:e4:e5:bf:03:16:99:04:47:cc:00:d0:70:f4:8e:ac:17:37:
af:71:ab:36:c2:b7:11:90:ef:f9:1a:87:6a:e4:0a:bd:d6:68:
02:28:a9:b0:03:d5:32:ef:24:29:be:2f:26:8a:26:5a:ee:2f:
de:a1:1d:de:ed:b4:6d:13:38:15:ac:ff:df:16:7d:3d:da:73:
2a:8a:b8:9b:bd:a6:f5:ef:fa:6f:c0:8a:ee:ec:07:ca:c3:5e:
0e:74:35:09:0c:43:e8:ac:86:1d:17:83:c5:d6:0f:38:3d:b7:
97:09:da:b5:6a:bf:94:67:41:89:77:e9:cf:87:5f:ff:0c:97:
92:1e:74:48:96:c8:75:90:3c:e6:8a:1c:3e:ac:6f:d1:d0:89:
87:ed:26:57:92:9a:06:67:21:4e:63:63:af:52:fb:b8:e9:3c:
b4:68:ab:80:40:0d:db:6a:25:e9:7a:57:8c:00:67:97:68:d5:
e0:97:3d:7d:e8:b8:f6:c6:94:b9:1a:ad:21:46:78:9c:f9:b8:
86:ea:1b:20:86:9b:08:dc:26:fd:5e:69:88:72:60:e8:e0:79:
b2:27:2e:4d:7c:c8:a7:62:0a:89:b7:0f:47:f5:3c:7f:2a:ae:
a5:54:30:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgtb5zruy2XJLY2Yixhyk4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzIxMTQ0MjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmEyNTM2ZTU5Y2Y3MDU2YjEwMjI5ZjZmYzYzMjMzZTZjM2E2ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu3+eqvz3VRshigl5nomX8puDhOg
ms6Y2MeAPQKiYANTo4cwsqmNVrxZERYZfBk1kzbe1/rT68ZeLjBaNoB4laTHKbTV
AcBOKdybzdKYH3VEE4tYEDSbVMZiay1dj0CUiyXQKl63LFlzR6UhIWhVWn4yBPK1
veA2pI85sqUfcqxtk4qywe2kM65FOOtE67MA9pycqOMTjM/JkNohIip4UBqZZ6ek
6IJ98cUYuTuBLONwEZEzK+CsPIWSx3l+U8jvaMF6fte+Kr7nRKQ66m/tjKzls0mK
dP4KDfQQ9ntzhWy7EQ8VEHpOgbyMMB0d2HGtCcnaO4GR0EqaMtjB6BM3ywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLaiU25Zz3BWsQIp9vxjIz5sOmg2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdHFKVGJsblBjRmF4QWluMl9HTWpQbXc2YURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzkOAwQA
HzljAwQAHzpUMA0GCSqGSIb3DQEBCwUAA4IBAQBYXDfJEfFDGvcDSlYyyZ2GsDKz
5OW/AxaZBEfMANBw9I6sFzevcas2wrcRkO/5Godq5Aq91mgCKKmwA9Uy7yQpvi8m
iiZa7i/eoR3e7bRtEzgVrP/fFn092nMqiribvab17/pvwIru7AfKw14OdDUJDEPo
rIYdF4PF1g84PbeXCdq1ar+UZ0GJd+nPh1//DJeSHnRIlsh1kDzmihw+rG/R0ImH
7SZXkpoGZyFOY2OvUvu46Ty0aKuAQA3baiXpeleMAGeXaNXglz196Lj2xpS5Gq0h
Rnic+biG6hsghpsI3Cb9XmmIcmDo4HmyJy5NfMinYgqJtw9H9Tx/Kq6lVDB+
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:33:30 2025 by rpki-client