Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QHJi4uEIwKPrSjZlKeC1xJosg9k.roa
File: QHJi4uEIwKPrSjZlKeC1xJosg9k.roa (raw, json)
Hash identifier: IZPkM/B8bs+40KCazxhHs71jSSuUC5uB5cd1U9xiGWY=
Subject key identifier: 40:72:62:E2:E1:08:C0:A3:EB:4A:36:65:29:E0:B5:C4:9A:2C:83:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01957BD522F6E5BD61E5BDDD1F54C4C04740
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QHJi4uEIwKPrSjZlKeC1xJosg9k.roa
Signing time: Sun 09 Mar 2025 16:55:20 +0000
ROA not before: Sun 09 Mar 2025 16:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214375
IP address blocks: 31.57.157.0/24 maxlen: 24
31.57.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 13:14:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7b:d5:22:f6:e5:bd:61:e5:bd:dd:1f:54:c4:c0:47:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 9 16:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407262e2e108c0a3eb4a366529e0b5c49a2c83d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:72:5b:24:80:ac:07:79:d7:37:f6:65:cb:
18:33:ac:25:44:26:ec:b0:58:bb:5e:99:2b:a5:d4:
ba:ee:80:a3:2f:68:28:91:55:04:d8:0a:5f:a6:36:
71:3a:a3:29:41:ae:99:be:af:7a:0f:a6:1a:65:37:
31:92:6f:2e:af:57:6b:7c:69:ea:eb:ad:02:5f:bb:
6b:ec:c2:8a:6f:82:0a:86:4b:ac:fd:1b:cc:94:be:
71:81:12:de:e4:8d:4f:96:11:fb:9f:7e:59:10:0e:
64:d1:b9:36:8e:d5:aa:99:bd:21:56:89:45:1b:b9:
c5:52:60:b5:8c:c8:89:18:09:da:02:e8:b5:4c:ad:
7e:05:5b:1c:b4:04:1f:82:4b:36:73:b8:78:28:e4:
52:56:e7:80:96:1f:af:79:b4:17:35:b0:71:30:39:
43:77:09:0d:97:58:da:90:29:56:ff:04:27:96:93:
2e:6a:89:13:1d:fa:65:06:65:80:04:d7:82:69:9c:
f3:92:ef:c6:f1:16:77:67:55:70:c6:4f:82:43:67:
6d:a2:6c:d1:67:86:e3:af:21:b6:96:fd:09:e8:87:
5e:4d:1c:cf:07:4c:8c:3f:a7:9a:7e:7a:af:f1:7d:
88:e3:db:40:55:c6:ba:0e:72:41:ff:d0:aa:2b:f1:
86:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:72:62:E2:E1:08:C0:A3:EB:4A:36:65:29:E0:B5:C4:9A:2C:83:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QHJi4uEIwKPrSjZlKeC1xJosg9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.157.0-31.57.158.255
Signature Algorithm: sha256WithRSAEncryption
4c:c8:8e:38:f7:f2:3d:2d:85:3e:d3:37:ed:4d:ea:c7:45:f8:
43:c0:e2:b9:bc:cc:b8:90:3a:e0:a9:a9:e1:96:e2:0a:1c:f2:
5a:d0:80:f4:c5:11:57:a2:7c:15:94:a0:5b:25:4f:4c:8c:da:
5f:39:a7:c6:ec:ff:33:6f:fb:50:18:9a:67:ae:00:de:d7:54:
67:b0:cb:c5:eb:1d:d3:c7:0b:eb:7f:da:02:33:f3:d9:e9:db:
a2:05:fd:a0:67:4b:11:4e:54:76:10:17:3b:2c:1b:6c:81:49:
e0:33:49:83:b4:08:73:16:5e:db:6a:4f:40:0e:19:24:0b:91:
7c:d1:ce:25:16:6f:19:19:ce:a3:22:fc:9b:e2:ca:72:17:16:
8e:1b:27:90:65:a5:ba:cd:b6:13:b0:42:48:10:1e:3c:1c:c2:
2d:7a:63:c9:3d:7e:59:42:47:c5:55:df:9b:fc:2a:5f:c4:d3:
34:39:59:52:32:c4:06:d0:26:7c:6f:95:0d:81:71:76:02:e4:
dd:e7:e7:7e:e2:7f:34:eb:5a:f6:e7:9d:bc:23:4b:6e:a1:40:
ef:51:6b:df:6a:2e:04:3e:8c:8b:cc:88:f7:95:cf:9c:c5:70:
fc:09:6d:8a:38:ff:7f:0a:2a:9c:b1:56:db:9b:6d:07:c8:36:
7d:4f:2a:60
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZV71SL25b1h5b3dH1TEwEdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA5MTY1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcyNjJlMmUxMDhjMGEzZWI0YTM2NjUyOWUwYjVjNDlhMmM4M2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaByWySArAd51zf2ZcsYM6wlRCbs
sFi7XpkrpdS67oCjL2gokVUE2ApfpjZxOqMpQa6Zvq96D6YaZTcxkm8ur1drfGnq
660CX7tr7MKKb4IKhkus/RvMlL5xgRLe5I1PlhH7n35ZEA5k0bk2jtWqmb0hVolF
G7nFUmC1jMiJGAnaAui1TK1+BVsctAQfgks2c7h4KORSVueAlh+vebQXNbBxMDlD
dwkNl1jakClW/wQnlpMuaokTHfplBmWABNeCaZzzku/G8RZ3Z1Vwxk+CQ2dtomzR
Z4bjryG2lv0J6IdeTRzPB0yMP6eafnqv8X2I49tAVca6DnJB/9CqK/GGwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEByYuLhCMCj60o2ZSngtcSaLIPZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUUhKaTR1RUl3S1ByU2pabEtlQzF4Sm9zZzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAfOZ0D
BAAfOZ4wDQYJKoZIhvcNAQELBQADggEBAEzIjjj38j0thT7TN+1N6sdF+EPA4rm8
zLiQOuCpqeGW4goc8lrQgPTFEVeifBWUoFslT0yM2l85p8bs/zNv+1AYmmeuAN7X
VGewy8XrHdPHC+t/2gIz89np26IF/aBnSxFOVHYQFzssG2yBSeAzSYO0CHMWXttq
T0AOGSQLkXzRziUWbxkZzqMi/JviynIXFo4bJ5BlpbrNthOwQkgQHjwcwi16Y8k9
fllCR8VV35v8Kl/E0zQ5WVIyxAbQJnxvlQ2BcXYC5N3n537ifzTrWvbnnbwjS26h
QO9Ra99qLgQ+jIvMiPeVz5zFcPwJbYo4/38KKpyxVtubbQfINn1PKmA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:16 2025 by rpki-client