Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Smo5y1qcLry66JXwHyMaJ6cm8yQ.roa
File: Smo5y1qcLry66JXwHyMaJ6cm8yQ.roa (raw, json)
Hash identifier: ZAXKogEodpP50iSg9rZcUct8D8CRbKkHxyjPXBgZMUk=
Subject key identifier: 4A:6A:39:CB:5A:9C:2E:BC:BA:E8:95:F0:1F:23:1A:27:A7:26:F3:24
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195139629307A1A9AA44DCDDBC1FE0C4639
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Smo5y1qcLry66JXwHyMaJ6cm8yQ.roa
Signing time: Mon 17 Feb 2025 11:06:02 +0000
ROA not before: Mon 17 Feb 2025 11:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.57.35.0/24 maxlen: 24
31.57.100.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.57.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 18:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:96:29:30:7a:1a:9a:a4:4d:cd:db:c1:fe:0c:46:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 17 11:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a6a39cb5a9c2ebcbae895f01f231a27a726f324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:cd:d1:d7:ce:7a:13:ce:a9:89:8b:e2:bf:
82:74:2b:f3:76:36:de:9d:ce:55:fb:b5:56:72:23:
0f:67:0c:6c:03:0a:c6:81:b7:80:f1:c9:cb:42:43:
80:09:23:b4:b9:09:9d:56:df:12:50:35:48:da:8c:
c8:7a:49:c7:c6:05:b5:c6:85:ed:0c:4e:fa:a2:44:
c3:87:ca:b7:e3:61:0f:8d:90:db:8f:af:4c:66:c0:
5f:aa:0d:17:df:20:86:c7:9e:00:63:68:7d:71:fd:
87:34:6e:72:07:52:31:d8:3a:78:87:10:af:9c:e0:
08:c2:a5:ce:45:a8:35:76:0d:e2:0a:07:f6:98:4a:
d4:b8:46:19:4b:d7:28:ef:8f:47:93:53:25:0a:06:
9a:e6:0d:33:92:1a:fa:6e:a7:d9:fc:a1:36:75:cd:
10:a0:d8:a2:99:e1:d2:cd:6b:44:85:fd:f1:a7:94:
ca:b7:96:36:35:70:17:8c:15:b4:02:ef:21:26:e6:
7b:e1:bf:19:de:b8:91:d9:94:29:75:57:42:9f:6a:
45:10:23:01:0e:8f:14:cc:40:b6:79:cb:00:35:26:
c1:7e:bd:5f:a4:36:84:eb:6d:d8:0e:26:76:cf:eb:
b4:db:80:bd:16:7b:01:ff:1b:3c:3e:69:8c:92:c6:
01:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6A:39:CB:5A:9C:2E:BC:BA:E8:95:F0:1F:23:1A:27:A7:26:F3:24
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Smo5y1qcLry66JXwHyMaJ6cm8yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.35.0/24
31.57.100.0/24
31.57.228.0/24
31.57.248.0/24
Signature Algorithm: sha256WithRSAEncryption
78:8e:21:3b:8a:6d:0d:4b:1f:ba:54:08:ba:b8:93:86:a3:42:
90:bb:20:9a:87:25:43:3d:e4:09:1d:98:db:4b:bc:d0:38:d0:
30:35:98:60:30:15:d3:62:0c:e0:6b:84:d8:ab:7c:c9:46:4d:
da:92:47:24:84:24:71:a1:b0:85:42:14:ea:dd:25:79:28:81:
8a:3b:55:c0:58:11:50:a8:89:c9:24:9a:72:5c:32:06:2f:6e:
87:16:ad:68:c6:20:4a:73:6d:d0:54:94:06:e5:ae:fa:47:3a:
84:bb:07:de:1f:01:45:52:0b:1c:8d:23:98:c1:36:65:fa:96:
3d:0d:54:21:11:1b:41:f8:9f:5d:00:d2:b4:79:6f:46:d3:ee:
0b:87:bf:0e:3f:4a:46:2d:e1:72:2d:08:a2:a1:10:1d:6d:6a:
ef:38:71:c8:89:25:f8:df:7d:87:72:be:09:24:ed:40:a9:83:
ec:13:8c:da:59:8a:32:8e:f9:9b:e5:aa:7d:6d:e8:99:f8:be:
80:7c:9a:67:bf:50:40:c1:30:f5:f8:0f:8e:24:d8:52:ea:0c:
2d:65:d8:30:91:ba:99:42:ce:f1:db:be:6c:b8:e6:b7:5a:e2:
96:61:af:e7:ba:43:bd:a5:98:28:63:6a:69:01:d6:e3:b4:eb:
0b:d4:0f:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUTlikwehqapE3N28H+DEY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjE3MTEwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZhMzljYjVhOWMyZWJjYmFlODk1ZjAxZjIzMWEyN2E3MjZmMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKvN0dfOehPOqYmL4r+CdCvzdjbe
nc5V+7VWciMPZwxsAwrGgbeA8cnLQkOACSO0uQmdVt8SUDVI2ozIeknHxgW1xoXt
DE76okTDh8q342EPjZDbj69MZsBfqg0X3yCGx54AY2h9cf2HNG5yB1Ix2Dp4hxCv
nOAIwqXORag1dg3iCgf2mErUuEYZS9co749Hk1MlCgaa5g0zkhr6bqfZ/KE2dc0Q
oNiimeHSzWtEhf3xp5TKt5Y2NXAXjBW0Au8hJuZ74b8Z3riR2ZQpdVdCn2pFECMB
Do8UzEC2ecsANSbBfr1fpDaE623YDiZ2z+u024C9FnsB/xs8PmmMksYBDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEpqOctanC68uuiV8B8jGienJvMkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvU21vNXkxcWNMcnk2NkpYd0h5TWFKNmNtOHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzkjAwQA
HzlkAwQAHznkAwQAHzn4MA0GCSqGSIb3DQEBCwUAA4IBAQB4jiE7im0NSx+6VAi6
uJOGo0KQuyCahyVDPeQJHZjbS7zQONAwNZhgMBXTYgzga4TYq3zJRk3akkckhCRx
obCFQhTq3SV5KIGKO1XAWBFQqInJJJpyXDIGL26HFq1oxiBKc23QVJQG5a76RzqE
uwfeHwFFUgscjSOYwTZl+pY9DVQhERtB+J9dANK0eW9G0+4Lh78OP0pGLeFyLQii
oRAdbWrvOHHIiSX4332Hcr4JJO1AqYPsE4zaWYoyjvmb5ap9beiZ+L6AfJpnv1BA
wTD1+A+OJNhS6gwtZdgwkbqZQs7x275suOa3WuKWYa/nukO9pZgoY2ppAdbjtOsL
1A9g
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:11 2025 by rpki-client