Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4oHi2_URA0fjrq0VnKCmXRUusGU.roa
File: 4oHi2_URA0fjrq0VnKCmXRUusGU.roa (raw, json)
Hash identifier: 8wWmHSF5Z50SjwkBnwWEZHWKKlYpFe5lIi/7Y0vugs8=
Subject key identifier: E2:81:E2:DB:F5:11:03:47:E3:AE:AD:15:9C:A0:A6:5D:15:2E:B0:65
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01955D1A0167C10947DA4556866156EFBD7A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4oHi2_URA0fjrq0VnKCmXRUusGU.roa
Signing time: Mon 03 Mar 2025 17:42:20 +0000
ROA not before: Mon 03 Mar 2025 17:42:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 31.56.172.0/24 maxlen: 24
31.56.173.0/24 maxlen: 24
31.56.242.0/24 maxlen: 24
31.56.243.0/24 maxlen: 24
31.56.244.0/24 maxlen: 24
31.56.245.0/24 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.3.0/24 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 17:43:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:1a:01:67:c1:09:47:da:45:56:86:61:56:ef:bd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 3 17:42:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e281e2dbf5110347e3aead159ca0a65d152eb065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fd:4d:28:b2:ec:8f:56:e5:2a:9e:81:ee:61:
a7:73:b5:42:60:fb:9e:21:d4:26:a2:b7:e4:44:d2:
99:3d:b6:59:dc:99:5f:ea:9d:4f:93:a1:83:9c:72:
8b:c5:c4:5c:06:01:cf:c5:3c:6e:af:a3:ab:ce:3c:
21:0d:d0:b2:e4:1a:05:1b:78:45:04:97:f1:6c:ad:
b6:d8:90:f7:42:e3:84:a5:e5:8e:d4:9b:bb:ac:b7:
dd:3e:6e:cb:a6:34:6b:57:5a:60:33:85:0a:39:2a:
7e:6e:9b:85:b3:4f:4c:26:1c:af:30:ab:94:0f:6b:
df:7e:62:a0:51:11:cf:33:a8:9d:44:80:23:2b:36:
57:1e:23:71:b1:56:bd:97:1a:e4:78:2e:28:a9:73:
8f:58:5e:21:11:40:d2:13:44:21:0f:80:7e:e9:ca:
5f:91:b4:50:b5:26:19:ae:b8:80:f9:98:4e:6c:9e:
9a:3d:f7:62:45:ea:d6:9a:23:2d:91:64:8a:10:53:
68:c4:79:8f:e9:a1:3b:e6:2a:83:75:6d:4b:e5:75:
c8:43:db:a0:80:c4:28:25:a1:90:dd:e3:4a:cb:fa:
e5:61:fa:bf:fb:30:c1:12:42:5e:03:dd:64:4e:db:
d1:c7:59:e8:54:66:d8:dd:0e:d4:6a:f3:8f:1f:a7:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:81:E2:DB:F5:11:03:47:E3:AE:AD:15:9C:A0:A6:5D:15:2E:B0:65
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4oHi2_URA0fjrq0VnKCmXRUusGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.172.0/23
31.56.242.0-31.56.245.255
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.44.0/22
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
33:19:28:9a:40:81:92:d9:68:0f:0c:6d:af:e7:71:52:4a:e1:
fa:83:63:cd:94:2e:0a:2b:85:19:51:01:88:6d:30:b2:2e:2d:
b7:90:86:df:57:bf:3a:ca:7b:42:0f:b9:3d:d5:42:8a:22:9e:
02:71:00:73:8d:10:83:f9:d2:b4:b8:b8:ea:2c:22:0f:58:80:
00:e8:f0:41:27:69:d7:78:a3:61:54:51:d8:13:6d:a6:67:f9:
be:24:93:29:f5:16:a8:c3:28:0a:2f:c2:f5:a8:66:85:1a:f8:
d4:48:67:b4:4c:f8:91:a9:1a:4c:54:51:8b:47:a9:6f:cb:0e:
7d:f3:4e:cc:53:79:c2:8b:ad:80:b3:bc:fb:1f:21:db:c6:ea:
e0:c0:9a:0c:99:53:d9:0b:b6:23:15:d5:f3:b3:b9:7b:25:99:
6d:22:f0:06:90:29:a1:dd:80:55:51:c6:83:94:ff:9d:0b:0c:
1b:5a:83:4f:0a:24:b7:88:c9:19:fd:cb:34:69:42:23:a9:3a:
a1:df:71:5c:2f:96:78:bf:06:d1:21:11:fb:54:5c:5a:74:9d:
a9:6b:b5:1b:6f:79:11:33:56:1b:90:a5:53:9f:fc:15:6c:94:
19:68:7c:d0:81:98:9b:25:e5:04:01:c3:9f:8f:83:5d:cd:a4:
0e:61:2b:fc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZVdGgFnwQlH2kVWhmFW7716MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAzMTc0MjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgxZTJkYmY1MTEwMzQ3ZTNhZWFkMTU5Y2EwYTY1ZDE1MmViMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv1NKLLsj1blKp6B7mGnc7VCYPue
IdQmorfkRNKZPbZZ3Jlf6p1Pk6GDnHKLxcRcBgHPxTxur6OrzjwhDdCy5BoFG3hF
BJfxbK222JD3QuOEpeWO1Ju7rLfdPm7LpjRrV1pgM4UKOSp+bpuFs09MJhyvMKuU
D2vffmKgURHPM6idRIAjKzZXHiNxsVa9lxrkeC4oqXOPWF4hEUDSE0QhD4B+6cpf
kbRQtSYZrriA+ZhObJ6aPfdiRerWmiMtkWSKEFNoxHmP6aE75iqDdW1L5XXIQ9ug
gMQoJaGQ3eNKy/rlYfq/+zDBEkJeA91kTtvRx1noVGbY3Q7UavOPH6eKiQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOKB4tv1EQNH466tFZygpl0VLrBlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNG9IaTJfVVJBMGZqcnEwVm5LQ21YUlV1c0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBHzisMAwD
BAEfOPIDBAEfOPQDBATZPAADBALZPBgDBAPZPCADBALZPCwDBAPZPDgwDQYJKoZI
hvcNAQELBQADggEBADMZKJpAgZLZaA8Mba/ncVJK4fqDY82ULgorhRlRAYhtMLIu
LbeQht9XvzrKe0IPuT3VQooingJxAHONEIP50rS4uOosIg9YgADo8EEnadd4o2FU
UdgTbaZn+b4kkyn1FqjDKAovwvWoZoUa+NRIZ7RM+JGpGkxUUYtHqW/LDn3zTsxT
ecKLrYCzvPsfIdvG6uDAmgyZU9kLtiMV1fOzuXslmW0i8AaQKaHdgFVRxoOU/50L
DBtag08KJLeIyRn9yzRpQiOpOqHfcVwvlni/BtEhEftUXFp0nalrtRtveREzVhuQ
pVOf/BVslBlofNCBmJsl5QQBw5+Pg13NpA5hK/w=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:59:40 2025 by rpki-client