Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NEaNQhyC2ID09JaChov7S5XCu_E.roa
File: NEaNQhyC2ID09JaChov7S5XCu_E.roa (raw, json)
Hash identifier: XzlZM4wjI1J3kaXuUEyIheZe8H/Hq1rGbdYOU5j1EpQ=
Subject key identifier: 34:46:8D:42:1C:82:D8:80:F4:F4:96:82:86:8B:FB:4B:95:C2:BB:F1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01955B73F340FBCFC3C06226EA93D5459169
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NEaNQhyC2ID09JaChov7S5XCu_E.roa
Signing time: Mon 03 Mar 2025 10:01:20 +0000
ROA not before: Mon 03 Mar 2025 10:01:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398704
IP address blocks: 31.58.208.0/24 maxlen: 24
31.58.209.0/24 maxlen: 24
31.58.232.0/24 maxlen: 24
31.58.233.0/24 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:73:f3:40:fb:cf:c3:c0:62:26:ea:93:d5:45:91:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 3 10:01:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34468d421c82d880f4f49682868bfb4b95c2bbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c1:69:b9:25:e1:f6:0b:e1:1a:79:30:4c:83:
56:50:1a:92:55:98:a9:8a:00:98:2a:78:d9:17:e3:
62:b5:1b:f9:14:2c:d7:db:43:9b:87:38:9f:a2:42:
54:4f:5f:3b:98:d1:04:c5:6f:da:90:49:9f:4e:14:
ca:dd:09:a4:6f:98:67:58:5c:a5:f4:b3:cc:06:23:
73:57:f2:82:bd:02:48:72:e2:1a:f6:1c:60:48:a1:
62:5f:84:5d:91:9d:c4:9a:5b:aa:2d:95:61:0b:c9:
90:f6:ba:3e:3e:7a:8b:76:93:28:94:60:ae:95:f6:
a8:17:e1:3d:b7:16:70:e4:85:77:a6:02:33:8a:40:
5b:a3:5e:a3:e3:a2:fa:fb:e9:09:8f:1d:09:b6:b8:
82:66:ef:9d:bd:81:51:0b:35:7c:e9:23:c5:ff:5e:
5f:49:14:0f:ff:d1:1e:59:b0:b1:93:e7:ad:69:f0:
69:17:bb:bb:1e:37:6b:6b:3e:1e:d2:1f:63:94:4d:
39:f6:e0:15:7d:a1:dc:09:0e:e4:da:74:7a:48:f3:
27:33:60:02:b5:52:dd:06:c1:6c:3a:0b:e6:41:45:
ba:9e:8a:c3:24:d8:47:2c:57:a7:e0:04:33:25:ca:
c5:f0:18:bb:78:3b:d2:71:49:66:4c:dd:c8:55:c1:
c0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:46:8D:42:1C:82:D8:80:F4:F4:96:82:86:8B:FB:4B:95:C2:BB:F1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NEaNQhyC2ID09JaChov7S5XCu_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.208.0/23
31.58.232.0/23
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
18:fb:03:20:4e:5b:7d:8f:00:98:e4:0b:6e:6c:d7:79:dd:fa:
62:f8:09:f2:89:dc:d0:0c:42:2a:06:d7:d1:ae:72:9f:e1:a1:
2a:d4:da:a8:cc:3e:10:62:3b:c1:d4:5d:b1:18:d7:aa:41:c8:
6d:65:dd:b7:e7:04:06:10:49:70:28:27:3f:b1:45:57:96:8c:
1c:0d:fa:c4:53:54:54:27:9d:66:a6:3d:12:91:49:12:a9:af:
61:f2:37:54:6a:3b:12:cd:84:5f:04:eb:57:77:06:e7:81:b9:
b1:0e:2e:45:96:1e:17:ac:ab:f1:38:e9:57:c9:50:fc:12:60:
eb:65:51:77:29:bf:fe:fb:e4:4f:47:d9:0c:51:c9:68:e6:03:
df:46:59:0f:d8:40:3d:61:6b:c0:56:ac:7b:44:10:26:77:bc:
af:64:a0:09:d1:b5:24:f9:40:5a:c6:0f:5f:85:40:5f:de:ef:
4c:8b:e6:93:ca:8a:84:37:ff:cc:c7:21:db:e0:e5:a6:c7:29:
5f:d3:90:53:9b:5e:d3:3f:43:8f:06:e8:29:dc:34:99:c1:e1:
3d:59:81:47:9d:f1:63:76:6c:d0:1f:df:01:12:3b:b3:36:33:
01:34:07:3d:51:5f:f2:43:6d:7b:31:1b:19:f9:50:67:1d:0c:
bc:ce:03:4f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVbc/NA+8/DwGIm6pPVRZFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAzMTAwMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ2OGQ0MjFjODJkODgwZjRmNDk2ODI4NjhiZmI0Yjk1YzJiYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8FpuSXh9gvhGnkwTINWUBqSVZip
igCYKnjZF+NitRv5FCzX20ObhzifokJUT187mNEExW/akEmfThTK3Qmkb5hnWFyl
9LPMBiNzV/KCvQJIcuIa9hxgSKFiX4RdkZ3EmluqLZVhC8mQ9ro+PnqLdpMolGCu
lfaoF+E9txZw5IV3pgIzikBbo16j46L6++kJjx0JtriCZu+dvYFRCzV86SPF/15f
SRQP/9EeWbCxk+etafBpF7u7Hjdraz4e0h9jlE059uAVfaHcCQ7k2nR6SPMnM2AC
tVLdBsFsOgvmQUW6norDJNhHLFen4AQzJcrF8Bi7eDvScUlmTN3IVcHAXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDRGjUIcgtiA9PSWgoaL+0uVwrvxMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTkVhTlFoeUMySUQwOUphQ2hvdjdTNVhDdV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBHzrQAwQB
HzroAwQE2TwAAwQC2TwYAwQD2TwgAwQD2Tw4MA0GCSqGSIb3DQEBCwUAA4IBAQAY
+wMgTlt9jwCY5AtubNd53fpi+AnyidzQDEIqBtfRrnKf4aEq1NqozD4QYjvB1F2x
GNeqQchtZd235wQGEElwKCc/sUVXlowcDfrEU1RUJ51mpj0SkUkSqa9h8jdUajsS
zYRfBOtXdwbngbmxDi5Flh4XrKvxOOlXyVD8EmDrZVF3Kb/+++RPR9kMUclo5gPf
RlkP2EA9YWvAVqx7RBAmd7yvZKAJ0bUk+UBaxg9fhUBf3u9Mi+aTyoqEN//MxyHb
4OWmxylf05BTm17TP0OPBugp3DSZweE9WYFHnfFjdmzQH98BEjuzNjMBNAc9UV/y
Q217MRsZ+VBnHQy8zgNP
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:45 2025 by rpki-client