Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BtJYU_0oyDGA8rDUdpjx8ffJL3o.roa
File: BtJYU_0oyDGA8rDUdpjx8ffJL3o.roa (raw, json)
Hash identifier: iukedLw/3gYqqATkrsvnZOuaYxQlJ/l/iGpNybB7L5g=
Subject key identifier: 06:D2:58:53:FD:28:C8:31:80:F2:B0:D4:76:98:F1:F1:F7:C9:2F:7A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01955B7382E6D82FA7D55359038AC9426175
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BtJYU_0oyDGA8rDUdpjx8ffJL3o.roa
Signing time: Mon 03 Mar 2025 10:00:51 +0000
ROA not before: Mon 03 Mar 2025 10:00:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 31.56.33.0/24 maxlen: 24
31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.59.116.0/22 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:73:82:e6:d8:2f:a7:d5:53:59:03:8a:c9:42:61:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 3 10:00:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06d25853fd28c83180f2b0d47698f1f1f7c92f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:0b:e6:2e:5e:35:9a:62:b6:d9:29:18:be:
64:05:41:ca:f3:14:fa:16:82:e5:ef:89:0e:b7:ae:
ce:17:13:83:99:57:2a:40:e1:ab:ac:3c:1c:54:0a:
5c:31:4e:e2:cc:1b:1a:d1:99:1a:90:82:82:2e:76:
94:39:dd:73:be:52:33:b6:d2:4d:5d:a0:45:dc:10:
df:e2:cc:9f:0d:1a:a0:8e:b2:8e:4a:78:6a:45:c1:
54:d5:39:d7:b1:ad:54:e4:ea:38:ce:b0:f3:f1:63:
c7:66:2d:2c:f4:9c:3d:0f:07:c8:69:75:40:45:6b:
68:69:93:7e:30:fb:1e:e5:b3:38:11:66:73:21:21:
8a:92:a1:0e:a6:ad:ee:0c:a3:62:34:07:20:e3:bb:
54:24:c5:77:ec:9b:47:b7:25:d8:2c:0e:04:ee:fd:
1b:86:5b:c1:c5:3d:88:a8:1c:ec:b7:df:51:69:46:
09:8c:85:c4:3b:89:90:44:5c:90:63:a7:5a:d0:ad:
00:98:d9:16:3d:85:9c:77:b3:08:e1:60:5b:72:46:
00:55:d5:46:ee:d3:6e:3f:2c:4c:77:f2:ed:0b:ea:
92:80:e2:b5:8d:55:5d:7d:38:dc:c5:31:7f:ff:bf:
c8:ab:c2:b1:a8:93:de:93:59:f6:c9:ea:c0:22:be:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D2:58:53:FD:28:C8:31:80:F2:B0:D4:76:98:F1:F1:F7:C9:2F:7A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BtJYU_0oyDGA8rDUdpjx8ffJL3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.33.0/24
31.56.160.0/21
31.57.202.0/23
31.59.116.0/22
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:23:f0:f0:d1:9c:c4:9f:08:ce:79:9c:d4:32:70:be:05:36:
b2:00:14:f8:f8:32:a3:ac:74:fb:2e:e6:60:af:b2:71:e7:6f:
20:a4:ca:d0:86:7d:f5:38:57:61:ac:9e:b6:d9:2f:df:36:2e:
41:c3:4e:27:32:4d:dc:ef:a7:2e:4f:09:f1:b1:62:88:8b:2e:
38:50:b6:c1:60:d8:8f:50:0a:dc:77:25:7e:77:3f:c9:d2:cc:
4e:bb:75:c4:fb:17:b1:ea:65:6d:7f:4c:48:38:8a:fe:34:41:
ac:06:5f:3e:93:c2:e8:23:80:f5:18:ca:9b:38:32:a2:a3:dd:
18:db:c2:3f:c9:47:3d:a9:da:6c:10:4f:a0:8b:8a:80:35:41:
76:3c:be:7b:7d:20:67:47:ec:54:7d:de:86:08:c6:fd:93:2c:
cb:14:cd:57:94:5a:53:39:41:2b:6b:09:c2:d3:57:af:5f:6a:
9b:c6:55:45:41:03:6b:bb:eb:3d:46:86:b2:7e:e1:1b:77:77:
60:85:1f:a5:b5:3c:7b:f0:5d:3d:bb:44:e8:29:95:f3:1f:40:
1c:87:2f:51:f2:a7:e0:75:2d:6d:ef:d3:e8:26:f0:55:d7:ce:
31:fc:c5:b0:35:9b:b3:1d:1f:9f:ba:47:9d:97:7f:c0:0a:e5:
9f:1f:43:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZVbc4Lm2C+n1VNZA4rJQmF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAzMTAwMDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmQyNTg1M2ZkMjhjODMxODBmMmIwZDQ3Njk4ZjFmMWY3YzkyZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK0L5i5eNZpittkpGL5kBUHK8xT6
FoLl74kOt67OFxODmVcqQOGrrDwcVApcMU7izBsa0ZkakIKCLnaUOd1zvlIzttJN
XaBF3BDf4syfDRqgjrKOSnhqRcFU1TnXsa1U5Oo4zrDz8WPHZi0s9Jw9DwfIaXVA
RWtoaZN+MPse5bM4EWZzISGKkqEOpq3uDKNiNAcg47tUJMV37JtHtyXYLA4E7v0b
hlvBxT2IqBzst99RaUYJjIXEO4mQRFyQY6da0K0AmNkWPYWcd7MI4WBbckYAVdVG
7tNuPyxMd/LtC+qSgOK1jVVdfTjcxTF//7/Iq8KxqJPek1n2yerAIr5YdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAbSWFP9KMgxgPKw1HaY8fH3yS96MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQnRKWVVfMG95REdBOHJEVWRwang4ZmZKTDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzghAwQD
HzigAwQBHznKAwQCHzt0AwQE2TwAAwQC2TwYAwQD2TwgAwQD2Tw4MA0GCSqGSIb3
DQEBCwUAA4IBAQBuI/Dw0ZzEnwjOeZzUMnC+BTayABT4+DKjrHT7LuZgr7Jx528g
pMrQhn31OFdhrJ622S/fNi5Bw04nMk3c76cuTwnxsWKIiy44ULbBYNiPUArcdyV+
dz/J0sxOu3XE+xex6mVtf0xIOIr+NEGsBl8+k8LoI4D1GMqbODKio90Y28I/yUc9
qdpsEE+gi4qANUF2PL57fSBnR+xUfd6GCMb9kyzLFM1XlFpTOUErawnC01evX2qb
xlVFQQNru+s9RoayfuEbd3dghR+ltTx78F09u0ToKZXzH0Achy9R8qfgdS1t79Po
JvBV184x/MWwNZuzHR+fukedl3/ACuWfH0Me
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:59:27 2025 by rpki-client