Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BRvGqIyGOd0PeWC-qqRzhnaCm7M.roa
File: BRvGqIyGOd0PeWC-qqRzhnaCm7M.roa (raw, json)
Hash identifier: ReujgjzTfxMTcpPHm2Y14eutMzNTQ9t8V2fkmJE/kKc=
Subject key identifier: 05:1B:C6:A8:8C:86:39:DD:0F:79:60:BE:AA:A4:73:86:76:82:9B:B3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019576742DD20D7750300959B5371B0F68D5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BRvGqIyGOd0PeWC-qqRzhnaCm7M.roa
Signing time: Sat 08 Mar 2025 15:51:20 +0000
ROA not before: Sat 08 Mar 2025 15:51:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 31.57.11.0/24 maxlen: 24
31.57.99.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.58.147.0/24 maxlen: 24
31.58.226.0/24 maxlen: 24
31.59.107.0/24 maxlen: 24
31.59.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 13:15:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:74:2d:d2:0d:77:50:30:09:59:b5:37:1b:0f:68:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 8 15:51:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=051bc6a88c8639dd0f7960beaaa4738676829bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:85:6b:e8:af:5c:4f:86:4b:80:0e:64:b2:72:
cb:03:87:dc:49:ce:68:61:65:65:91:25:53:96:bd:
b7:15:62:9d:d6:81:c6:0b:98:10:d0:de:04:32:28:
0d:d3:97:7e:a7:16:8b:f7:74:cc:12:1b:e8:1e:81:
85:e9:2f:9e:b0:bf:e8:f8:41:9e:1e:14:16:2f:c1:
45:f5:be:78:31:ba:4d:b2:d7:c0:f4:2b:d6:71:06:
b6:9c:44:2b:91:07:17:be:0b:f8:ca:e4:fc:ed:d5:
ef:65:ab:01:1f:42:7d:cf:2f:58:83:c3:3e:36:27:
6c:4f:6f:03:44:fc:d1:d2:45:d0:7c:4e:a1:a9:f1:
42:a7:8d:45:69:c8:f3:44:fc:2f:28:57:b2:85:80:
44:8c:f9:d0:1d:45:2c:54:48:86:05:80:3f:0d:4a:
0c:f4:d6:d8:07:1d:53:d4:be:f3:b3:17:d0:4a:94:
41:69:1f:61:f9:71:bb:a9:88:03:f4:12:e9:9e:7f:
f4:bb:bd:80:b0:17:a0:d7:0f:92:83:c2:55:10:a4:
7b:0b:26:bc:8c:ac:81:56:d2:69:26:a5:d6:64:a0:
db:39:83:6b:1f:5e:2b:4d:31:a3:38:15:59:b9:cb:
5f:f3:61:2d:4a:08:9b:f4:21:e8:22:99:7b:e2:08:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1B:C6:A8:8C:86:39:DD:0F:79:60:BE:AA:A4:73:86:76:82:9B:B3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BRvGqIyGOd0PeWC-qqRzhnaCm7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.11.0/24
31.57.99.0/24
31.57.131.0/24
31.57.150.0/24
31.57.217.0/24
31.58.147.0/24
31.58.226.0/24
31.59.107.0/24
31.59.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:d5:f7:67:db:f8:5f:f2:81:ba:43:2e:ae:87:e9:21:d6:48:
84:c3:57:e8:9a:08:be:7a:81:6a:d7:99:a3:64:0d:2b:c4:7c:
d4:d2:45:41:d2:46:66:58:31:a4:5c:a8:9d:ec:71:52:5a:b5:
d6:b0:25:57:4d:f3:5c:1f:f0:96:77:b4:a4:4f:4c:8c:ce:7e:
54:64:0e:b5:7e:13:8a:77:99:a4:24:19:3a:67:ed:3f:ca:cd:
86:78:7d:6d:e9:00:62:56:b7:5a:16:be:1e:08:e1:bf:6e:fb:
be:7a:de:6a:b2:23:a2:62:d9:57:01:2f:34:74:fb:34:b5:2f:
ce:50:f7:10:c4:9a:4c:80:6d:b1:4c:67:5e:f9:61:30:b4:0e:
d6:e1:8b:21:21:a2:89:41:8c:71:cc:7b:84:24:66:8e:6e:2d:
0a:91:eb:aa:23:5d:0c:1c:e3:6d:bc:a5:d8:92:65:44:3c:33:
c6:a7:b3:b4:1a:2d:f0:f0:ee:24:a2:95:55:d8:d8:55:ad:7b:
a8:bb:08:3f:80:20:f8:3e:1a:f9:e9:a7:76:c4:33:ae:f1:b8:
05:22:03:71:0e:48:6b:e4:5a:68:40:4c:db:59:f2:2a:7e:78:
7c:15:6e:03:ba:91:fe:59:c0:45:0e:29:49:3f:84:81:ab:a6:
97:3a:2b:40
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZV2dC3SDXdQMAlZtTcbD2jVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA4MTU1MTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFiYzZhODhjODYzOWRkMGY3OTYwYmVhYWE0NzM4Njc2ODI5YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYVr6K9cT4ZLgA5ksnLLA4fcSc5o
YWVlkSVTlr23FWKd1oHGC5gQ0N4EMigN05d+pxaL93TMEhvoHoGF6S+esL/o+EGe
HhQWL8FF9b54MbpNstfA9CvWcQa2nEQrkQcXvgv4yuT87dXvZasBH0J9zy9Yg8M+
NidsT28DRPzR0kXQfE6hqfFCp41FacjzRPwvKFeyhYBEjPnQHUUsVEiGBYA/DUoM
9NbYBx1T1L7zsxfQSpRBaR9h+XG7qYgD9BLpnn/0u72AsBeg1w+Sg8JVEKR7Cya8
jKyBVtJpJqXWZKDbOYNrH14rTTGjOBVZuctf82EtSgib9CHoIpl74gg/JwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAUbxqiMhjndD3lgvqqkc4Z2gpuzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQlJ2R3FJeUdPZDBQZVdDLXFxUnpobmFDbTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHzkLAwQA
HzljAwQAHzmDAwQAHzmWAwQAHznZAwQAHzqTAwQAHzriAwQAHztrAwQAHzt4MA0G
CSqGSIb3DQEBCwUAA4IBAQC51fdn2/hf8oG6Qy6uh+kh1kiEw1fomgi+eoFq15mj
ZA0rxHzU0kVB0kZmWDGkXKid7HFSWrXWsCVXTfNcH/CWd7SkT0yMzn5UZA61fhOK
d5mkJBk6Z+0/ys2GeH1t6QBiVrdaFr4eCOG/bvu+et5qsiOiYtlXAS80dPs0tS/O
UPcQxJpMgG2xTGde+WEwtA7W4YshIaKJQYxxzHuEJGaObi0KkeuqI10MHONtvKXY
kmVEPDPGp7O0Gi3w8O4kopVV2NhVrXuouwg/gCD4Phr56ad2xDOu8bgFIgNxDkhr
5FpoQEzbWfIqfnh8FW4DupH+WcBFDilJP4SBq6aXOitA
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:19 2025 by rpki-client