Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2e69FMD_szN5NfHzNoF38wlg_nU.roa
File: 2e69FMD_szN5NfHzNoF38wlg_nU.roa (raw, json)
Hash identifier: hvinv2p0vu5oBcq+a7hVIddpPWq7szqz+uwd7+ZCTfM=
Subject key identifier: D9:EE:BD:14:C0:FF:B3:33:79:35:F1:F3:36:81:77:F3:09:60:FE:75
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019500D5230A896D95B11AB721C9C23D1E15
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2e69FMD_szN5NfHzNoF38wlg_nU.roa
Signing time: Thu 13 Feb 2025 19:42:02 +0000
ROA not before: Thu 13 Feb 2025 19:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150519
IP address blocks: 31.56.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 14:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:d5:23:0a:89:6d:95:b1:1a:b7:21:c9:c2:3d:1e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 13 19:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9eebd14c0ffb3337935f1f3368177f30960fe75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:bd:cf:dd:56:ab:9c:2b:22:35:f9:4f:87:
58:7a:c5:ef:ba:e0:e3:9e:22:44:54:8b:00:ee:53:
f5:06:6e:65:ea:fa:45:b5:ad:b3:23:48:b1:e9:c2:
9c:2c:9b:b3:ae:73:ae:93:bd:0c:2c:d8:b4:c2:a7:
b0:08:78:32:48:71:72:df:67:82:d0:9c:aa:9d:58:
d1:b6:47:a3:ed:36:6b:47:42:8b:1e:5c:11:d9:c5:
3e:0b:da:fd:ef:cf:9b:dd:48:45:70:de:cd:0e:4b:
a1:b6:6e:e3:70:22:53:74:ac:17:62:0c:f7:0f:86:
ea:d6:69:64:e5:d7:0f:7c:57:9b:28:52:b3:e2:5c:
71:38:8d:c8:79:52:1e:17:f3:3a:4b:e6:ae:fd:74:
07:95:6b:8f:f0:ef:47:3a:d4:3f:50:f6:57:82:6e:
d9:41:d4:3e:6a:f1:1b:a9:5a:55:bd:8c:04:27:de:
77:cd:83:52:76:25:0e:45:f7:dd:47:26:06:d5:d8:
bc:ad:94:89:1e:01:77:ea:d1:ad:59:eb:be:4b:d2:
73:31:30:76:08:94:13:5a:04:28:8c:69:8d:6b:18:
8f:a5:53:e1:ca:07:ee:e5:ac:79:d3:f8:47:7b:79:
0e:32:99:b2:c7:4a:74:a6:52:70:a2:3b:b5:27:3c:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EE:BD:14:C0:FF:B3:33:79:35:F1:F3:36:81:77:F3:09:60:FE:75
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2e69FMD_szN5NfHzNoF38wlg_nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ac:c8:a0:0d:b5:22:97:25:94:a1:93:f8:34:b1:b4:b0:27:
49:83:87:c0:0f:23:b7:69:13:b4:24:8f:d1:a4:c1:d9:ee:0d:
d2:0f:d3:13:cc:79:38:bd:6b:5b:72:6d:e1:64:3f:65:1d:6f:
4d:24:ac:7e:8a:e2:3a:95:c5:44:fa:9e:55:b8:a8:73:85:f0:
40:4e:84:d3:f4:15:bd:71:d4:f9:b5:4a:f0:a6:92:46:f1:88:
27:1c:ef:e2:ca:13:0e:e3:7f:ee:3d:87:b2:89:74:d6:d2:34:
f5:ae:57:26:fd:4f:24:c4:75:01:c9:ce:b2:c0:1e:29:0a:48:
50:6a:bb:a7:87:c4:56:48:cf:a0:3e:6e:2f:dd:15:0e:6d:0a:
e3:33:a9:94:b3:24:73:b5:86:03:d7:b3:90:bc:98:36:80:66:
8d:ca:b4:89:d3:ac:1b:05:82:bb:25:e7:4a:4d:54:02:bb:b1:
6e:55:c0:36:24:b6:c1:f4:ac:ed:75:a1:7d:73:82:e2:b9:82:
e4:39:5e:10:31:dc:81:21:0c:95:61:c5:03:f8:a7:53:2a:ea:
50:92:bb:f9:63:a7:e1:96:c9:ca:f7:e6:63:b4:ae:ef:fe:f3:
d3:70:ec:e7:46:c9:50:59:47:d1:52:dc:27:dd:36:a2:75:d8:
03:d9:07:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUA1SMKiW2VsRq3IcnCPR4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjEzMTk0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWVlYmQxNGMwZmZiMzMzNzkzNWYxZjMzNjgxNzdmMzA5NjBmZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYq9z91Wq5wrIjX5T4dYesXvuuDj
niJEVIsA7lP1Bm5l6vpFta2zI0ix6cKcLJuzrnOuk70MLNi0wqewCHgySHFy32eC
0JyqnVjRtkej7TZrR0KLHlwR2cU+C9r978+b3UhFcN7NDkuhtm7jcCJTdKwXYgz3
D4bq1mlk5dcPfFebKFKz4lxxOI3IeVIeF/M6S+au/XQHlWuP8O9HOtQ/UPZXgm7Z
QdQ+avEbqVpVvYwEJ953zYNSdiUORffdRyYG1di8rZSJHgF36tGtWeu+S9JzMTB2
CJQTWgQojGmNaxiPpVPhygfu5ax50/hHe3kOMpmyx0p0plJwoju1JzyXtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnuvRTA/7MzeTXx8zaBd/MJYP51MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMmU2OUZNRF9zek41TmZIek5vRjM4d2xnX25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzh4MA0G
CSqGSIb3DQEBCwUAA4IBAQAsrMigDbUilyWUoZP4NLG0sCdJg4fADyO3aRO0JI/R
pMHZ7g3SD9MTzHk4vWtbcm3hZD9lHW9NJKx+iuI6lcVE+p5VuKhzhfBAToTT9BW9
cdT5tUrwppJG8YgnHO/iyhMO43/uPYeyiXTW0jT1rlcm/U8kxHUByc6ywB4pCkhQ
arunh8RWSM+gPm4v3RUObQrjM6mUsyRztYYD17OQvJg2gGaNyrSJ06wbBYK7JedK
TVQCu7FuVcA2JLbB9KztdaF9c4LiuYLkOV4QMdyBIQyVYcUD+KdTKupQkrv5Y6fh
lsnK9+ZjtK7v/vPTcOznRslQWUfRUtwn3TaiddgD2Qeo
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:55:33 2025 by rpki-client