Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TuwzmqmgcspItf43-2a-SxzLcYg.roa
File: TuwzmqmgcspItf43-2a-SxzLcYg.roa (raw, json)
Hash identifier: 55OF0eLmUKcJvFAhyZHc+YXcOKPpAK2FX74oSNcTTE0=
Subject key identifier: 4E:EC:33:9A:A9:A0:72:CA:48:B5:FE:37:FB:66:BE:4B:1C:CB:71:88
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019513200E5AF3EDF384D1C3BE47C7EA7623
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TuwzmqmgcspItf43-2a-SxzLcYg.roa
Signing time: Mon 17 Feb 2025 08:57:02 +0000
ROA not before: Mon 17 Feb 2025 08:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214481
IP address blocks: 31.58.51.0/24 maxlen: 24
31.59.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 16:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:20:0e:5a:f3:ed:f3:84:d1:c3:be:47:c7:ea:76:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 17 08:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eec339aa9a072ca48b5fe37fb66be4b1ccb7188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:20:b9:6b:37:f8:2c:52:d5:90:0d:5a:43:dc:
0e:40:03:48:27:ca:d7:3e:d8:63:a9:cc:0f:27:4f:
a1:d6:f6:7a:d1:a4:7b:bd:a9:fa:5e:60:7e:11:d1:
03:49:c5:89:07:d4:ad:7d:15:18:d4:26:84:5b:77:
57:c1:e8:ca:1b:20:63:c9:83:06:fd:7f:f0:8f:1d:
37:6d:d9:8e:92:3d:51:2f:c3:54:90:63:af:1e:80:
ae:a7:74:54:8d:9b:f0:1b:91:03:ce:64:4d:39:02:
02:58:46:bc:0d:90:1d:8a:4b:fe:16:b4:8d:01:8f:
da:c9:d9:64:b0:1a:14:33:e1:d3:bd:2a:aa:0b:5e:
24:da:22:c3:6b:83:44:81:ce:69:00:1a:4b:4c:e6:
7b:7c:71:02:21:ab:4c:ea:fa:60:66:fe:ee:74:ca:
e6:ea:7f:9f:36:93:28:23:fa:f7:23:8d:ec:e2:5e:
79:84:21:db:fa:f7:97:b8:84:4c:1e:6b:77:f1:94:
ed:34:b9:62:c6:50:3d:67:7a:38:8a:4c:46:5e:22:
c6:88:c3:43:6d:0d:5b:a3:4d:69:3b:f7:48:e3:01:
a7:e4:8c:07:f5:69:d8:ea:9a:bb:49:98:9b:bf:7b:
15:68:fd:e5:f6:51:64:22:93:41:44:15:9a:38:c7:
8c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EC:33:9A:A9:A0:72:CA:48:B5:FE:37:FB:66:BE:4B:1C:CB:71:88
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TuwzmqmgcspItf43-2a-SxzLcYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.51.0/24
31.59.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:da:36:43:b0:fb:cd:79:61:d7:e4:68:3d:30:94:c7:91:c8:
67:60:2a:5a:89:70:f9:e0:0d:e3:c7:8b:48:1e:69:08:4c:31:
2a:be:62:f0:d6:8a:7f:fc:f3:a0:99:01:a6:8e:a6:7c:7a:0f:
e3:2e:98:35:0e:aa:b6:02:c0:6d:1e:f7:b6:9e:8c:f4:76:80:
53:26:22:09:32:ae:03:59:66:a9:8a:09:51:79:e3:42:cb:7a:
f2:44:d5:7b:3e:29:1b:a7:07:71:4e:87:24:21:e7:ad:8e:9f:
28:b6:bf:53:dd:11:7c:f7:e6:f2:59:eb:a0:bd:5b:82:d6:3e:
71:9b:d6:5f:80:88:75:60:72:23:62:83:c8:d6:69:45:f5:29:
c5:08:ba:ac:d0:1a:22:7f:d3:b7:aa:58:c4:a8:16:d4:1e:1d:
dd:7b:fe:74:b7:08:78:21:15:b5:60:5a:9f:28:dd:3d:9c:85:
88:ca:35:b8:16:c6:93:37:92:b5:bf:33:ec:11:11:69:93:08:
1e:a0:ed:31:13:ce:29:7e:92:5e:ca:fd:8e:39:22:c9:5d:2e:
7e:b2:f3:f8:cc:fb:ba:5b:cf:6a:90:19:af:67:18:a2:87:bf:
48:6d:89:64:20:1c:ef:45:2b:9c:79:7a:ed:b0:2b:ed:5b:79:
ef:2f:71:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUTIA5a8+3zhNHDvkfH6nYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjE3MDg1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWVjMzM5YWE5YTA3MmNhNDhiNWZlMzdmYjY2YmU0YjFjY2I3MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiC5azf4LFLVkA1aQ9wOQANIJ8rX
PthjqcwPJ0+h1vZ60aR7van6XmB+EdEDScWJB9StfRUY1CaEW3dXwejKGyBjyYMG
/X/wjx03bdmOkj1RL8NUkGOvHoCup3RUjZvwG5EDzmRNOQICWEa8DZAdikv+FrSN
AY/aydlksBoUM+HTvSqqC14k2iLDa4NEgc5pABpLTOZ7fHECIatM6vpgZv7udMrm
6n+fNpMoI/r3I43s4l55hCHb+veXuIRMHmt38ZTtNLlixlA9Z3o4ikxGXiLGiMND
bQ1bo01pO/dI4wGn5IwH9WnY6pq7SZibv3sVaP3l9lFkIpNBRBWaOMeMiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE7sM5qpoHLKSLX+N/tmvkscy3GIMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVHV3em1xbWdjc3BJdGY0My0yYS1TeHpMY1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzozAwQA
HzuBMA0GCSqGSIb3DQEBCwUAA4IBAQAv2jZDsPvNeWHX5Gg9MJTHkchnYCpaiXD5
4A3jx4tIHmkITDEqvmLw1op//POgmQGmjqZ8eg/jLpg1Dqq2AsBtHve2noz0doBT
JiIJMq4DWWapiglReeNCy3ryRNV7PikbpwdxTockIeetjp8otr9T3RF89+byWeug
vVuC1j5xm9ZfgIh1YHIjYoPI1mlF9SnFCLqs0Boif9O3qljEqBbUHh3de/50twh4
IRW1YFqfKN09nIWIyjW4FsaTN5K1vzPsERFpkwgeoO0xE84pfpJeyv2OOSLJXS5+
svP4zPu6W89qkBmvZxiih79IbYlkIBzvRSuceXrtsCvtW3nvL3Fj
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:45 2025 by rpki-client