Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8xbnXZ7LV2ngO25CKOwghvUgyKM.roa
File: 8xbnXZ7LV2ngO25CKOwghvUgyKM.roa (raw, json)
Hash identifier: 2REFNvugcbYWcmI+4B3eR2D+fDuOYP4zV36WjGf2ZEY=
Subject key identifier: F3:16:E7:5D:9E:CB:57:69:E0:3B:6E:42:28:EC:20:86:F5:20:C8:A3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01953E2FED1ABCAC8C3872F6E06E6EF7A6EE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8xbnXZ7LV2ngO25CKOwghvUgyKM.roa
Signing time: Tue 25 Feb 2025 17:38:03 +0000
ROA not before: Tue 25 Feb 2025 17:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29006
IP address blocks: 31.56.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3e:2f:ed:1a:bc:ac:8c:38:72:f6:e0:6e:6e:f7:a6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 25 17:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f316e75d9ecb5769e03b6e4228ec2086f520c8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:0a:d2:d7:2d:9a:84:3c:bd:9c:47:b9:da:
60:c8:e7:64:24:79:3b:61:fa:44:f3:18:53:c4:82:
76:61:c6:16:f8:bd:66:2d:27:fc:41:02:b3:62:2e:
de:f9:d3:31:c4:38:bb:08:19:c7:84:45:e2:5a:4f:
5b:0a:89:d0:20:27:73:73:7d:48:84:02:77:57:b8:
c5:c6:f8:2a:d0:83:46:1a:12:a8:33:1d:61:28:d5:
37:1f:ec:8b:df:01:8f:35:c5:a0:c0:31:d0:6c:e8:
04:d9:90:29:73:9b:d1:c0:3e:d5:a5:c0:fe:09:5f:
be:3f:71:8c:27:d2:34:fb:0d:de:69:c5:92:af:99:
5e:88:0c:20:22:ce:e4:32:bf:1e:92:7f:cc:9b:7e:
a9:ea:bb:db:f2:9e:20:58:2b:5d:91:da:c1:e2:fc:
13:b2:8e:7c:b3:b9:8d:e5:c9:e2:ea:b8:1b:f2:e7:
02:06:d5:27:5f:72:3b:aa:29:ee:a7:6b:36:c3:84:
d3:1a:d8:a8:62:a0:f3:6e:65:68:7a:5e:1f:9a:37:
bb:3c:d2:ce:54:9d:52:49:19:0d:28:e5:82:ac:8e:
ab:6d:fb:67:8a:f1:34:43:8d:55:21:7a:53:98:10:
8c:77:6e:a8:d0:ff:83:56:8b:0a:42:27:e6:f6:46:
fb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:16:E7:5D:9E:CB:57:69:E0:3B:6E:42:28:EC:20:86:F5:20:C8:A3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8xbnXZ7LV2ngO25CKOwghvUgyKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.77.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f5:a4:43:43:35:8c:fa:80:4b:c2:c1:ba:5e:76:46:aa:8f:
80:70:fc:a6:29:85:2b:75:6c:6a:d8:4e:48:15:66:e3:c2:b8:
b8:c6:74:bb:b1:ae:90:2d:fd:74:fb:ae:c1:d9:6c:bc:30:a7:
e1:ff:15:79:c2:d9:b8:c9:9b:07:f1:ea:14:f2:db:50:08:c7:
e8:64:ee:e9:12:7c:44:9d:52:13:8b:42:91:d6:48:94:dc:02:
20:67:a9:8d:fc:db:e3:5d:d1:0c:1f:d6:bf:ad:dd:17:c1:13:
9a:e3:34:e7:fc:ab:af:a9:76:e0:c6:02:ba:3a:e1:bd:76:80:
fc:36:1b:a5:42:7a:25:0c:32:0a:c1:2c:6a:e0:d3:7b:5d:52:
bf:05:fe:89:ac:e6:ec:e2:ec:45:be:e5:bc:e5:5f:b7:05:7d:
29:8d:78:ce:4e:00:06:bb:27:d6:c1:9a:68:05:3b:f5:5d:71:
be:cf:d5:7f:94:e7:e3:d3:ae:dd:23:7a:2b:e6:e4:7e:ca:86:
61:64:80:0c:6e:9d:fd:08:85:e3:1e:29:9f:71:64:5f:9a:67:
6c:b5:32:9c:f2:f9:4d:ed:70:64:08:58:d7:68:e2:99:5b:d7:
96:4f:ce:e6:ed:bc:fe:ec:2e:ef:aa:db:10:42:4f:af:f5:01:
49:72:41:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU+L+0avKyMOHL24G5u96buMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI1MTczODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE2ZTc1ZDllY2I1NzY5ZTAzYjZlNDIyOGVjMjA4NmY1MjBjOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcYK0tctmoQ8vZxHudpgyOdkJHk7
YfpE8xhTxIJ2YcYW+L1mLSf8QQKzYi7e+dMxxDi7CBnHhEXiWk9bConQICdzc31I
hAJ3V7jFxvgq0INGGhKoMx1hKNU3H+yL3wGPNcWgwDHQbOgE2ZApc5vRwD7VpcD+
CV++P3GMJ9I0+w3eacWSr5leiAwgIs7kMr8ekn/Mm36p6rvb8p4gWCtdkdrB4vwT
so58s7mN5cni6rgb8ucCBtUnX3I7qinup2s2w4TTGtioYqDzbmVoel4fmje7PNLO
VJ1SSRkNKOWCrI6rbftnivE0Q41VIXpTmBCMd26o0P+DVosKQifm9kb7BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMW512ey1dp4DtuQijsIIb1IMijMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOHhiblhaN0xWMm5nTzI1Q0tPd2dodlVneUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzhNMA0G
CSqGSIb3DQEBCwUAA4IBAQBp9aRDQzWM+oBLwsG6XnZGqo+AcPymKYUrdWxq2E5I
FWbjwri4xnS7sa6QLf10+67B2Wy8MKfh/xV5wtm4yZsH8eoU8ttQCMfoZO7pEnxE
nVITi0KR1kiU3AIgZ6mN/NvjXdEMH9a/rd0XwROa4zTn/KuvqXbgxgK6OuG9doD8
NhulQnolDDIKwSxq4NN7XVK/Bf6JrObs4uxFvuW85V+3BX0pjXjOTgAGuyfWwZpo
BTv1XXG+z9V/lOfj067dI3or5uR+yoZhZIAMbp39CIXjHimfcWRfmmdstTKc8vlN
7XBkCFjXaOKZW9eWT87m7bz+7C7vqtsQQk+v9QFJckGk
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:08:29 2025 by rpki-client