Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVTH6Jq3MuBPN_02Bzkfdi_M9kY.roa
File: NVTH6Jq3MuBPN_02Bzkfdi_M9kY.roa (raw, json)
Hash identifier: 6/r/zbs27Qms2MC6Kvf1dWEABxZ18p9XbyBYxRvPmag=
Subject key identifier: 35:54:C7:E8:9A:B7:32:E0:4F:37:FD:36:07:39:1F:76:2F:CC:F6:46
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282376E41F8AFFFEF29C53E87E9D7ED0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVTH6Jq3MuBPN_02Bzkfdi_M9kY.roa
Signing time: Thu 02 Jan 2025 17:50:00 +0000
ROA not before: Thu 02 Jan 2025 17:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214677
IP address blocks: 31.56.7.0/24 maxlen: 24
31.56.26.0/24 maxlen: 24
31.58.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 06:39:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:76:e4:1f:8a:ff:fe:f2:9c:53:e8:7e:9d:7e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3554c7e89ab732e04f37fd3607391f762fccf646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3e:44:15:32:c8:10:c4:a5:40:7e:ac:02:22:
93:22:2a:37:00:13:45:e2:68:6c:f0:77:c9:3f:1d:
eb:f6:69:51:2c:d9:07:f5:3a:c0:0e:f4:e4:1a:64:
5e:dd:62:da:b0:b1:de:a6:ff:69:88:9e:9a:a6:71:
34:8f:33:74:74:c8:80:30:fa:78:3d:54:13:87:80:
f8:f4:ce:37:88:a9:5c:04:4c:37:f5:b4:2c:25:f2:
05:27:b6:0b:04:6a:e8:0e:23:a6:ef:e5:5e:6e:8c:
3b:bb:76:75:2d:2c:34:28:b3:01:e5:8b:3a:14:1e:
fb:ca:b7:8f:97:32:a6:3e:70:a1:63:31:fd:29:ff:
00:3e:6f:3b:2d:89:1c:d0:18:24:f3:24:b5:20:2a:
92:18:7d:f9:36:55:da:8a:5f:e2:ba:8f:35:4a:e8:
34:8b:ce:7a:eb:ad:72:ee:30:9d:f5:f7:37:5a:e4:
31:fe:e3:fa:14:15:d4:0b:59:90:5a:6f:e8:3e:e6:
65:e9:df:6a:74:ae:a1:da:88:15:f2:40:4a:4f:a2:
cf:b4:78:30:f3:05:38:56:6c:15:3b:63:cd:b9:6b:
f1:d5:79:0d:57:ed:21:12:e7:c1:0a:b0:60:b9:1c:
93:15:35:33:30:a0:31:5b:ca:5d:3d:9e:3c:e7:2d:
31:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:54:C7:E8:9A:B7:32:E0:4F:37:FD:36:07:39:1F:76:2F:CC:F6:46
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVTH6Jq3MuBPN_02Bzkfdi_M9kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.7.0/24
31.56.26.0/24
31.58.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:1a:98:19:59:74:2f:78:d4:f0:44:b4:a2:9f:3a:62:e8:b3:
19:9b:3e:57:7e:c4:e7:61:09:19:1a:d4:f7:cd:ad:10:60:f2:
ca:d0:c8:b2:90:59:93:06:fd:fa:5a:3e:f9:81:10:58:63:83:
cf:49:20:f9:be:72:dd:b9:5c:4e:86:45:a5:83:43:16:5c:41:
15:2c:2b:4e:38:0a:d5:e1:d6:74:db:3a:1c:5b:7a:b5:18:bf:
02:1f:02:69:73:5f:38:d7:c5:bd:1e:e3:87:da:9c:66:0c:01:
fa:d1:20:fd:a6:35:35:4a:89:c5:5b:2a:68:5d:db:d3:d5:0f:
12:82:de:71:3b:35:90:c6:c7:4f:e2:83:2d:5e:85:18:e7:bd:
87:05:57:f8:fe:e0:15:08:09:88:bf:1b:6e:e6:8c:bb:e7:dd:
b1:1d:b9:24:ed:6c:49:88:f4:09:b4:d9:30:7b:1a:5f:d4:90:
ad:fd:fe:bd:f5:44:bc:ce:df:1a:67:46:b3:4b:62:72:14:cf:
c6:45:45:77:d7:d7:f6:08:b5:65:78:0d:d8:9c:94:e7:d8:1a:
73:1f:a0:88:ff:3b:29:63:89:88:a3:44:ae:80:56:b6:90:ba:
e0:93:a8:88:ef:ba:d1:3d:9c:d4:40:65:1b:7e:14:06:44:0f:
24:a2:80:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoI3bkH4r//vKcU+h+nX7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTU0YzdlODlhYjczMmUwNGYzN2ZkMzYwNzM5MWY3NjJmY2NmNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z5EFTLIEMSlQH6sAiKTIio3ABNF
4mhs8HfJPx3r9mlRLNkH9TrADvTkGmRe3WLasLHepv9piJ6apnE0jzN0dMiAMPp4
PVQTh4D49M43iKlcBEw39bQsJfIFJ7YLBGroDiOm7+Vebow7u3Z1LSw0KLMB5Ys6
FB77yrePlzKmPnChYzH9Kf8APm87LYkc0Bgk8yS1ICqSGH35NlXail/iuo81Sug0
i856661y7jCd9fc3WuQx/uP6FBXUC1mQWm/oPuZl6d9qdK6h2ogV8kBKT6LPtHgw
8wU4VmwVO2PNuWvx1XkNV+0hEufBCrBguRyTFTUzMKAxW8pdPZ485y0xyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDVUx+iatzLgTzf9Ngc5H3YvzPZGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTlZUSDZKcTNNdUJQTl8wMkJ6a2ZkaV9NOWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzgHAwQA
HzgaAwQAHzqcMA0GCSqGSIb3DQEBCwUAA4IBAQC0GpgZWXQveNTwRLSinzpi6LMZ
mz5XfsTnYQkZGtT3za0QYPLK0MiykFmTBv36Wj75gRBYY4PPSSD5vnLduVxOhkWl
g0MWXEEVLCtOOArV4dZ02zocW3q1GL8CHwJpc18418W9HuOH2pxmDAH60SD9pjU1
SonFWypoXdvT1Q8Sgt5xOzWQxsdP4oMtXoUY572HBVf4/uAVCAmIvxtu5oy7592x
Hbkk7WxJiPQJtNkwexpf1JCt/f699US8zt8aZ0azS2JyFM/GRUV319f2CLVleA3Y
nJTn2BpzH6CI/zspY4mIo0SugFa2kLrgk6iI77rRPZzUQGUbfhQGRA8kooBj
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:05 2025 by rpki-client