Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8kYlyZ8SfIQMRGdcIHUTBNudt_o.roa
File: 8kYlyZ8SfIQMRGdcIHUTBNudt_o.roa (raw, json)
Hash identifier: MISRsM2nglGxUsKWtAnTiUpganrAO6+WIdFrqstZEMw=
Subject key identifier: F2:46:25:C9:9F:12:7C:84:0C:44:67:5C:20:75:13:04:DB:9D:B7:FA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194D555A2E759F30A8A89AAE1DC1603DE20
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8kYlyZ8SfIQMRGdcIHUTBNudt_o.roa
Signing time: Wed 05 Feb 2025 08:59:06 +0000
ROA not before: Wed 05 Feb 2025 08:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.89.0/24 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 14:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:55:a2:e7:59:f3:0a:8a:89:aa:e1:dc:16:03:de:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 5 08:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f24625c99f127c840c44675c20751304db9db7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:42:92:1e:76:cf:31:0b:fa:90:5e:03:d7:
b9:5c:f9:cc:24:c8:b8:39:6c:c5:5a:d2:90:4e:19:
5a:ed:c1:89:ae:3b:ab:a5:70:b5:52:31:06:1a:ef:
e7:5f:41:2a:09:2e:46:78:6b:f4:d9:f1:f7:0b:c8:
fb:6a:c3:69:bb:1c:d7:61:31:f4:3d:f1:45:d0:6b:
4d:77:df:12:2d:0a:8c:2a:44:b8:cd:0b:17:db:15:
9f:25:2b:5f:12:0e:7a:b7:98:c1:ce:00:6d:bd:41:
93:da:3f:e6:03:c6:84:c8:9b:fe:8c:9c:2e:a8:c9:
55:bd:fd:e5:5b:76:b5:80:c4:82:dd:67:f9:d4:c8:
fb:e5:42:13:4c:ba:d2:ae:dd:0c:d7:97:02:76:78:
12:6e:f8:cf:7f:72:9e:d7:44:59:8a:29:1b:3b:23:
47:b2:0b:72:89:a0:03:eb:12:8a:15:d3:f0:57:72:
66:62:da:32:8d:9d:59:27:94:17:1c:90:af:8a:f1:
6a:da:f6:cd:5c:09:9a:7f:61:88:20:b3:4d:d0:ea:
d4:45:d6:36:5c:0e:31:d3:10:e1:c1:3f:7e:c6:74:
c8:df:d8:c0:f3:8f:00:f4:2d:da:97:44:dd:5c:17:
bf:9d:f7:2c:3c:33:76:70:35:64:84:a7:ac:3e:07:
8c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:46:25:C9:9F:12:7C:84:0C:44:67:5C:20:75:13:04:DB:9D:B7:FA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8kYlyZ8SfIQMRGdcIHUTBNudt_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.89.0/24
31.57.196.0/24
31.57.199.0/24
31.57.254.0/24
31.58.153.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e1:45:a9:fe:f4:77:2b:c1:0a:44:e7:5c:45:61:a4:3a:36:
36:8f:d9:e2:89:73:49:b5:f7:b1:65:9a:79:5e:11:2d:41:1b:
7a:53:5c:4d:bb:1b:5f:5d:2b:62:9d:03:bc:2f:02:5b:9a:e3:
fd:06:62:75:6d:af:45:ba:32:02:82:8c:ce:b6:ac:ba:07:b9:
78:1e:27:a8:cb:26:1a:af:8f:05:2c:b7:da:a0:4c:f5:36:e4:
b1:a3:f9:c7:39:71:39:36:29:0e:96:5c:dc:f4:19:c4:cb:4b:
60:94:c1:00:44:9c:75:a8:a1:67:ef:8e:e8:26:c9:1e:8f:11:
cd:6d:f4:ea:66:57:54:6d:d1:9a:cb:f9:25:07:2a:52:c7:e5:
a4:28:5f:f7:ec:48:34:41:42:95:78:c7:23:94:38:87:95:df:
73:3c:7b:af:56:87:8a:ed:32:c0:cb:41:31:e6:eb:ed:16:3a:
12:63:6b:0f:1c:5d:57:9a:e0:c3:1a:ee:fa:c2:a0:a3:5d:f9:
50:8e:8e:c7:e6:04:b5:2a:23:cf:d0:2d:d7:f5:9e:05:69:36:
d8:a7:40:25:da:0a:23:46:2d:c4:e9:db:2d:cd:1b:dd:84:6b:
0b:e5:b8:55:a5:57:cc:00:ca:62:1e:b9:38:ab:64:4e:dd:34:
4a:3b:ba:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZTVVaLnWfMKiomq4dwWA94gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjA1MDg1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ2MjVjOTlmMTI3Yzg0MGM0NDY3NWMyMDc1MTMwNGRiOWRiN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWVCkh52zzEL+pBeA9e5XPnMJMi4
OWzFWtKQThla7cGJrjurpXC1UjEGGu/nX0EqCS5GeGv02fH3C8j7asNpuxzXYTH0
PfFF0GtNd98SLQqMKkS4zQsX2xWfJStfEg56t5jBzgBtvUGT2j/mA8aEyJv+jJwu
qMlVvf3lW3a1gMSC3Wf51Mj75UITTLrSrt0M15cCdngSbvjPf3Ke10RZiikbOyNH
sgtyiaAD6xKKFdPwV3JmYtoyjZ1ZJ5QXHJCvivFq2vbNXAmaf2GIILNN0OrURdY2
XA4x0xDhwT9+xnTI39jA848A9C3al0TdXBe/nfcsPDN2cDVkhKesPgeMvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPJGJcmfEnyEDERnXCB1EwTbnbf6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOGtZbHlaOFNmSVFNUkdkY0lIVVRCTnVkdF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHzg0AwQA
HzhZAwQAHznEAwQAHznHAwQAHzn+AwQAHzqZMA0GCSqGSIb3DQEBCwUAA4IBAQCb
4UWp/vR3K8EKROdcRWGkOjY2j9niiXNJtfexZZp5XhEtQRt6U1xNuxtfXStinQO8
LwJbmuP9BmJ1ba9FujICgozOtqy6B7l4HieoyyYar48FLLfaoEz1NuSxo/nHOXE5
NikOllzc9BnEy0tglMEARJx1qKFn747oJskejxHNbfTqZldUbdGay/klBypSx+Wk
KF/37Eg0QUKVeMcjlDiHld9zPHuvVoeK7TLAy0Ex5uvtFjoSY2sPHF1XmuDDGu76
wqCjXflQjo7H5gS1KiPP0C3X9Z4FaTbYp0Al2gojRi3E6dstzRvdhGsL5bhVpVfM
AMpiHrk4q2RO3TRKO7pC
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:08 2025 by rpki-client