Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LcqpNfPrVwl_NYqZAsOkDJ0hkAs.roa
File: LcqpNfPrVwl_NYqZAsOkDJ0hkAs.roa (raw, json)
Hash identifier: aBP5WzkojqYvnnzbsFg3sIPWX8Tqce8uE/xZw5+M06k=
Subject key identifier: 2D:CA:A9:35:F3:EB:57:09:7F:35:8A:99:02:C3:A4:0C:9D:21:90:0B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01954B8AC4A0B3624205D4C9D02D9D15A3F1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LcqpNfPrVwl_NYqZAsOkDJ0hkAs.roa
Signing time: Fri 28 Feb 2025 07:52:20 +0000
ROA not before: Fri 28 Feb 2025 07:52:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 31.59.29.0/24 maxlen: 24
31.59.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:38:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:8a:c4:a0:b3:62:42:05:d4:c9:d0:2d:9d:15:a3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 28 07:52:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dcaa935f3eb57097f358a9902c3a40c9d21900b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e6:90:8d:bb:4c:fe:87:0e:f1:b2:76:7a:15:
0e:de:3f:e5:06:83:e1:d7:90:cf:c2:28:7e:79:66:
09:fb:89:f7:fb:d1:0b:cd:bd:bf:95:2a:3d:aa:a1:
86:3e:38:77:89:2f:07:7e:ce:98:99:ce:c3:96:26:
06:8e:b7:bf:9c:7f:d2:42:8d:30:b4:46:8e:61:37:
d0:9a:9a:0b:9f:0c:c4:e1:14:7e:6a:a2:a1:66:4e:
6e:26:1f:d2:8b:35:20:02:aa:12:d2:dd:cc:83:5c:
44:32:84:ac:4c:9f:53:25:8f:9e:fe:54:02:e9:99:
4f:fd:32:e0:5c:be:ca:a4:73:f0:16:a6:c8:40:82:
fa:be:10:13:97:65:03:1e:8a:f8:bd:10:75:4c:13:
d5:e2:e9:bd:e7:ff:55:a5:fe:35:ac:46:6f:dc:67:
bb:01:fc:6c:6b:ea:e8:8c:50:ac:09:f0:79:04:2d:
65:0a:7d:07:a9:19:98:e5:8a:41:3b:2a:80:3f:8d:
8a:09:78:94:18:d3:bf:1b:ff:4c:37:a8:64:57:24:
7d:9d:31:c2:b3:70:3f:17:c8:65:1f:87:9c:86:31:
4e:1d:b8:d1:e7:11:8b:65:6c:a4:56:1b:d7:78:d7:
15:3a:6e:f0:b9:6a:17:ca:e0:dd:18:1e:44:68:a8:
ce:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CA:A9:35:F3:EB:57:09:7F:35:8A:99:02:C3:A4:0C:9D:21:90:0B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LcqpNfPrVwl_NYqZAsOkDJ0hkAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.29.0/24
31.59.34.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:a9:f2:97:2f:95:a4:95:e8:bd:ad:7d:a0:8f:5c:5a:04:9f:
ba:45:24:fd:90:f5:06:7a:cc:4d:d7:96:c7:b5:09:e0:7d:42:
3a:a8:33:23:ed:31:ca:17:89:2a:79:13:5c:1d:a1:9d:ab:cc:
d7:83:8c:14:9e:98:87:ee:4a:0d:1e:4d:43:91:eb:31:c6:a7:
7e:af:51:72:53:50:03:07:a6:44:59:bc:f6:b4:fc:d0:44:a1:
d4:62:12:40:e5:45:95:ee:c6:fa:a9:88:58:6e:9e:54:7d:16:
92:57:90:ed:1a:b8:25:b0:a2:a2:6c:88:58:28:68:66:c1:5a:
35:6b:18:51:2d:de:a2:90:e3:47:7a:98:de:23:32:93:de:7c:
0d:3a:e6:8e:7b:67:6e:a7:69:5a:b4:ed:72:cd:b8:19:55:d1:
12:15:50:c0:eb:11:de:bc:4f:2a:f6:d3:46:4c:72:fa:48:5a:
ce:94:77:c3:9c:c8:d9:99:c1:54:d2:09:c9:37:dc:49:6c:7c:
02:76:b7:62:e6:e6:b1:a3:38:18:39:b7:89:52:47:a0:3c:88:
fb:f3:d6:25:66:bb:2d:92:bc:13:b7:6c:fe:45:c4:3b:e3:46:
00:93:17:ab:08:0b:1c:0e:ec:0e:3b:0e:e6:ac:d7:5b:53:f1:
89:28:49:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVLisSgs2JCBdTJ0C2dFaPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI4MDc1MjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNhYTkzNWYzZWI1NzA5N2YzNThhOTkwMmMzYTQwYzlkMjE5MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eaQjbtM/ocO8bJ2ehUO3j/lBoPh
15DPwih+eWYJ+4n3+9ELzb2/lSo9qqGGPjh3iS8Hfs6Ymc7DliYGjre/nH/SQo0w
tEaOYTfQmpoLnwzE4RR+aqKhZk5uJh/SizUgAqoS0t3Mg1xEMoSsTJ9TJY+e/lQC
6ZlP/TLgXL7KpHPwFqbIQIL6vhATl2UDHor4vRB1TBPV4um95/9Vpf41rEZv3Ge7
Afxsa+rojFCsCfB5BC1lCn0HqRmY5YpBOyqAP42KCXiUGNO/G/9MN6hkVyR9nTHC
s3A/F8hlH4echjFOHbjR5xGLZWykVhvXeNcVOm7wuWoXyuDdGB5EaKjOLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3KqTXz61cJfzWKmQLDpAydIZALMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTGNxcE5mUHJWd2xfTllxWkFzT2tESjBoa0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzsdAwQA
HzsiMA0GCSqGSIb3DQEBCwUAA4IBAQANqfKXL5Wklei9rX2gj1xaBJ+6RST9kPUG
esxN15bHtQngfUI6qDMj7THKF4kqeRNcHaGdq8zXg4wUnpiH7koNHk1Dkesxxqd+
r1FyU1ADB6ZEWbz2tPzQRKHUYhJA5UWV7sb6qYhYbp5UfRaSV5DtGrglsKKibIhY
KGhmwVo1axhRLd6ikONHepjeIzKT3nwNOuaOe2dup2latO1yzbgZVdESFVDA6xHe
vE8q9tNGTHL6SFrOlHfDnMjZmcFU0gnJN9xJbHwCdrdi5uaxozgYObeJUkegPIj7
89YlZrstkrwTt2z+RcQ740YAkxerCAscDuwOOw7mrNdbU/GJKEk2
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:05:10 2025 by rpki-client