Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zFhf519Ex3Hw08eB5YJZQXHQVro.roa
File: zFhf519Ex3Hw08eB5YJZQXHQVro.roa (raw, json)
Hash identifier: HA+UNegYGB6reTLuIeVGcrDIEm/Tn8oiKqe4teEiANQ=
Subject key identifier: CC:58:5F:E7:5F:44:C7:71:F0:D3:C7:81:E5:82:59:41:71:D0:56:BA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197DE947D65AA02DBB2E983C03379DD2052
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zFhf519Ex3Hw08eB5YJZQXHQVro.roa
Signing time: Sun 06 Jul 2025 07:12:42 +0000
ROA not before: Sun 06 Jul 2025 07:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 31.56.42.0/23 maxlen: 23
31.56.220.0/24 maxlen: 24
31.57.52.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
31.58.87.0/24 maxlen: 24
31.58.220.0/23 maxlen: 23
31.59.138.0/23 maxlen: 23
31.59.168.0/23 maxlen: 23
31.59.172.0/24 maxlen: 24
31.59.173.0/24 maxlen: 24
31.59.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 07 Jul 2025 10:23:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:de:94:7d:65:aa:02:db:b2:e9:83:c0:33:79:dd:20:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 6 07:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc585fe75f44c771f0d3c781e582594171d056ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:5e:9f:89:1b:b3:d1:8d:43:3f:6d:3a:7a:
07:8d:a9:f7:21:31:29:e4:10:71:e0:3b:99:a9:20:
5e:9c:33:c4:e8:bf:b9:a4:a5:4c:da:0d:fc:ae:06:
64:90:7b:e4:27:8e:d9:1b:b2:15:18:51:14:6e:24:
fa:19:be:1a:75:54:71:99:96:eb:6c:8b:3d:38:ec:
2d:d9:e4:87:21:e2:79:13:2e:b9:07:98:b3:5d:56:
95:92:ba:d0:d7:c9:c0:3b:89:17:f5:a3:59:c4:99:
0f:e6:4a:bb:22:ee:1f:e4:c1:a4:e6:e3:30:5e:2e:
d3:76:dc:c6:ad:90:f1:af:38:10:a2:27:9f:59:08:
00:18:34:df:1a:30:57:8f:d4:c2:7a:a5:5e:37:59:
5b:35:2d:3b:bd:60:ae:c4:2e:fb:d6:fd:93:98:ec:
18:7a:5d:3e:f5:f7:7f:c5:75:76:ba:bc:7f:c1:8b:
88:45:59:40:a4:29:72:f9:d7:37:99:50:d3:fe:de:
89:b4:fc:c4:6a:1e:37:bf:ae:83:f7:b9:0a:00:11:
51:4f:bb:0c:87:4f:0c:8e:c5:28:da:f6:8d:1d:df:
c8:4d:65:9a:9b:08:ca:e1:ff:5b:cb:46:0a:a4:da:
88:4c:1c:e7:4a:7c:b4:d7:49:c5:80:a3:ad:d9:09:
d0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:58:5F:E7:5F:44:C7:71:F0:D3:C7:81:E5:82:59:41:71:D0:56:BA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zFhf519Ex3Hw08eB5YJZQXHQVro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.56.220.0/24
31.57.52.0/24
31.57.238.0/24
31.58.87.0/24
31.58.220.0/23
31.59.138.0/23
31.59.168.0/23
31.59.172.0/22
Signature Algorithm: sha256WithRSAEncryption
08:33:47:dd:6e:eb:9b:2a:df:fa:82:fa:b3:81:07:df:a0:0a:
ac:4a:93:02:57:d4:45:8b:74:34:d0:73:22:61:ad:e2:fc:00:
45:f9:37:28:2b:e6:1c:2e:a5:7a:62:82:c6:b9:17:9b:3e:17:
89:b7:ca:9d:0c:60:8d:a0:fd:ae:c6:95:57:a6:39:0e:99:bf:
dd:21:e9:8b:cf:ea:43:91:e2:ba:43:de:a9:1e:cc:32:c3:f5:
f0:0e:94:66:5e:30:f7:60:87:62:96:57:98:0b:68:25:08:5f:
83:57:20:b5:b9:ca:88:5e:31:d9:b6:3e:d7:47:21:25:31:9e:
db:73:42:a3:30:7d:72:77:7b:41:0a:39:ab:ec:75:b6:54:2b:
7b:a2:b6:78:99:c2:22:c4:d4:af:d9:77:4e:84:45:b9:e7:cd:
32:ba:c5:ad:b3:80:ad:00:bf:35:12:76:18:da:7b:09:7b:1c:
e7:27:59:14:1a:be:ec:9a:e5:c7:8c:e4:42:29:a8:f0:bd:03:
16:da:a0:bc:cc:9b:d9:31:20:7f:c5:21:e9:47:82:65:2f:f1:
3e:0b:4c:9f:77:0c:ea:fd:f7:82:39:e6:91:31:90:88:21:3f:
9b:1a:77:5b:86:4e:98:97:41:15:24:42:cd:0d:0d:f4:90:22:
1b:cf:f4:2e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZfelH1lqgLbsumDwDN53SBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzA2MDcxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU4NWZlNzVmNDRjNzcxZjBkM2M3ODFlNTgyNTk0MTcxZDA1NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi9en4kbs9GNQz9tOnoHjan3ITEp
5BBx4DuZqSBenDPE6L+5pKVM2g38rgZkkHvkJ47ZG7IVGFEUbiT6Gb4adVRxmZbr
bIs9OOwt2eSHIeJ5Ey65B5izXVaVkrrQ18nAO4kX9aNZxJkP5kq7Iu4f5MGk5uMw
Xi7TdtzGrZDxrzgQoiefWQgAGDTfGjBXj9TCeqVeN1lbNS07vWCuxC771v2TmOwY
el0+9fd/xXV2urx/wYuIRVlApCly+dc3mVDT/t6JtPzEah43v66D97kKABFRT7sM
h08MjsUo2vaNHd/ITWWamwjK4f9by0YKpNqITBznSny010nFgKOt2QnQdwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMxYX+dfRMdx8NPHgeWCWUFx0Fa6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvekZoZjUxOUV4M0h3MDhlQjVZSlpRWEhRVnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBHzgqAwQA
HzjcAwQAHzk0AwQAHznuAwQAHzpXAwQBHzrcAwQBHzuKAwQBHzuoAwQCHzusMA0G
CSqGSIb3DQEBCwUAA4IBAQAIM0fdbuubKt/6gvqzgQffoAqsSpMCV9RFi3Q00HMi
Ya3i/ABF+TcoK+YcLqV6YoLGuRebPheJt8qdDGCNoP2uxpVXpjkOmb/dIemLz+pD
keK6Q96pHswyw/XwDpRmXjD3YIdilleYC2glCF+DVyC1ucqIXjHZtj7XRyElMZ7b
c0KjMH1yd3tBCjmr7HW2VCt7orZ4mcIixNSv2XdOhEW5580yusWts4CtAL81EnYY
2nsJexznJ1kUGr7smuXHjORCKajwvQMW2qC8zJvZMSB/xSHpR4JlL/E+C0yfdwzq
/feCOeaRMZCIIT+bGndbhk6Yl0EVJELNDQ30kCIbz/Qu
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:33:31 2025 by rpki-client