Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IuwZTJYNUf0Y5gpbY09YsLPZjPU.roa
File: IuwZTJYNUf0Y5gpbY09YsLPZjPU.roa (raw, json)
Hash identifier: odoxkRUh5r0hOATLOOuhDaOg6ziWjGcXSXRNC2snG2o=
Subject key identifier: 22:EC:19:4C:96:0D:51:FD:18:E6:0A:5B:63:4F:58:B0:B3:D9:8C:F5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A9C5C6F066F115F3CF7E38DC3D5AC83B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IuwZTJYNUf0Y5gpbY09YsLPZjPU.roa
Signing time: Tue 18 Mar 2025 15:01:05 +0000
ROA not before: Tue 18 Mar 2025 15:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.77.0/24 maxlen: 24
31.57.118.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Mar 2025 07:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:c5:c6:f0:66:f1:15:f3:cf:7e:38:dc:3d:5a:c8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 18 15:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22ec194c960d51fd18e60a5b634f58b0b3d98cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bd:6f:41:81:86:3b:ea:09:12:16:a9:a1:97:
aa:6d:6e:3b:cb:0b:69:4c:ae:38:7a:c6:dd:33:be:
80:22:7c:13:6b:8d:23:cd:4b:6d:c3:ff:c7:16:fe:
32:ec:a3:be:36:a1:42:df:9a:42:55:16:f2:06:72:
45:24:2c:90:94:0f:7f:bb:ee:c7:5b:df:4a:68:80:
c8:7a:2e:34:ca:05:75:4b:8e:81:e1:d0:ec:2e:9c:
e6:11:ef:da:88:c3:a3:2c:ed:31:ad:f6:a9:62:a0:
95:12:56:65:ed:9e:08:11:49:ee:7d:52:f5:56:04:
a3:d4:f9:0e:8a:df:53:17:92:4a:e4:28:b2:fe:35:
0e:e9:dc:08:43:06:f2:76:66:bc:ce:5f:c3:23:7f:
d0:d5:cd:a8:2b:29:b1:62:b2:1f:c7:08:35:d0:2d:
13:bc:31:ce:9d:c9:be:73:ac:b5:df:6a:95:85:bf:
51:c0:19:58:24:23:9c:79:7e:2d:e1:f0:78:92:e4:
62:74:6d:10:20:34:b5:6b:72:55:e6:1a:32:ca:d3:
e6:e4:20:1b:4e:1d:23:59:0d:2f:e2:4d:0c:94:f4:
c1:58:07:ee:9a:7e:34:eb:6e:a0:68:c7:d1:4f:3e:
2b:a8:6e:f1:e4:0a:01:e5:3b:11:24:45:36:d2:44:
89:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EC:19:4C:96:0D:51:FD:18:E6:0A:5B:63:4F:58:B0:B3:D9:8C:F5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IuwZTJYNUf0Y5gpbY09YsLPZjPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.77.0/24
31.57.118.0/24
31.57.199.0/24
31.59.68.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:21:9b:2f:0a:bc:69:12:6a:c2:b1:aa:2b:f6:59:3f:bd:f0:
e6:65:40:b3:ed:72:da:66:42:24:1d:61:a5:ad:ab:3f:70:a9:
1b:9b:8f:55:39:e2:59:fd:06:59:2f:19:60:00:b1:4f:d9:54:
b6:3e:40:a5:f4:d2:c0:2c:df:66:ef:a7:55:a4:30:e6:ed:a9:
e6:ba:0e:07:4e:e6:91:c2:cc:ec:55:9c:42:26:61:f0:3f:3a:
40:30:db:34:78:2b:00:5a:e6:9d:50:3d:74:16:68:f3:bf:7c:
07:fe:f9:d6:2e:45:32:78:b6:9f:3b:02:88:f7:0a:b7:0a:b8:
42:1a:9b:47:40:33:f4:c7:12:ab:d9:07:02:2c:46:7c:4f:a5:
96:6c:52:fc:4d:4d:19:43:7f:dc:d2:ee:fa:0a:07:2e:21:04:
61:8e:4c:f5:3a:79:f3:3e:4d:1e:cc:93:43:0d:4b:5f:ce:3f:
54:d9:d2:aa:a9:7a:bb:a2:2a:c2:5e:e2:93:0a:57:95:44:a3:
b5:c6:4f:c9:2d:34:eb:eb:ba:59:a0:ee:5f:f4:dc:21:34:ec:
1e:78:0f:2d:f0:55:e1:b8:4e:39:97:22:7f:3d:e7:75:87:8e:
6d:68:43:c8:55:d6:01:a3:37:fe:e1:25:86:91:dc:06:66:72:
19:d9:1d:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWpxcbwZvEV889+ONw9Wsg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE4MTUwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVjMTk0Yzk2MGQ1MWZkMThlNjBhNWI2MzRmNThiMGIzZDk4Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b1vQYGGO+oJEhapoZeqbW47ywtp
TK44esbdM76AInwTa40jzUttw//HFv4y7KO+NqFC35pCVRbyBnJFJCyQlA9/u+7H
W99KaIDIei40ygV1S46B4dDsLpzmEe/aiMOjLO0xrfapYqCVElZl7Z4IEUnufVL1
VgSj1PkOit9TF5JK5Ciy/jUO6dwIQwbydma8zl/DI3/Q1c2oKymxYrIfxwg10C0T
vDHOncm+c6y132qVhb9RwBlYJCOceX4t4fB4kuRidG0QIDS1a3JV5hoyytPm5CAb
Th0jWQ0v4k0MlPTBWAfumn40626gaMfRTz4rqG7x5AoB5TsRJEU20kSJ+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCLsGUyWDVH9GOYKW2NPWLCz2Yz1MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSXV3WlRKWU5VZjBZNWdwYlkwOVlzTFBaalBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHzg0AwQA
HzhNAwQAHzl2AwQAHznHAwQAHztEMA0GCSqGSIb3DQEBCwUAA4IBAQCzIZsvCrxp
EmrCsaor9lk/vfDmZUCz7XLaZkIkHWGlras/cKkbm49VOeJZ/QZZLxlgALFP2VS2
PkCl9NLALN9m76dVpDDm7anmug4HTuaRwszsVZxCJmHwPzpAMNs0eCsAWuadUD10
Fmjzv3wH/vnWLkUyeLafOwKI9wq3CrhCGptHQDP0xxKr2QcCLEZ8T6WWbFL8TU0Z
Q3/c0u76CgcuIQRhjkz1OnnzPk0ezJNDDUtfzj9U2dKqqXq7oirCXuKTCleVRKO1
xk/JLTTr67pZoO5f9NwhNOweeA8t8FXhuE45lyJ/Ped1h45taEPIVdYBozf+4SWG
kdwGZnIZ2R1a
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:56:48 2025 by rpki-client