Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TybTIHv8wfJ1sO1oLPgNoio0hyA.roa
File: TybTIHv8wfJ1sO1oLPgNoio0hyA.roa (raw, json)
Hash identifier: sppFXxIKo4QWK+IEbtZ3sCcOKaTnEZ1GkbCd8yLz4i8=
Subject key identifier: 4F:26:D3:20:7B:FC:C1:F2:75:B0:ED:68:2C:F8:0D:A2:2A:34:87:20
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194EF15573688D0DAAA5A542D4FA1C65AA5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TybTIHv8wfJ1sO1oLPgNoio0hyA.roa
Signing time: Mon 10 Feb 2025 08:59:00 +0000
ROA not before: Mon 10 Feb 2025 08:59:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44620
IP address blocks: 31.58.91.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.59.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 08:10:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:15:57:36:88:d0:da:aa:5a:54:2d:4f:a1:c6:5a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 10 08:59:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f26d3207bfcc1f275b0ed682cf80da22a348720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b7:e8:a5:30:b6:c2:c7:71:ff:ef:9f:50:f3:
a6:3a:6a:4f:89:f8:c9:3c:65:69:6d:df:55:8d:f9:
23:4f:f0:49:a6:5e:1a:56:33:a8:2c:65:08:64:3d:
c5:c9:a8:24:1a:d5:61:e6:9e:06:01:c6:12:b7:ae:
f5:c7:7d:f3:0e:71:d6:fc:3a:fb:aa:40:d8:d2:f9:
14:6a:b5:e3:38:60:41:6a:88:76:c4:09:d9:f2:d4:
a5:ab:ea:15:c0:a0:0e:2a:f3:b7:8c:08:37:85:af:
18:ae:0e:24:fc:f4:79:e2:6f:ce:e2:2c:04:85:93:
e0:71:df:a8:5c:63:f2:03:42:ad:91:8d:74:81:cd:
30:49:97:ac:e5:c2:55:89:a1:47:28:7e:16:97:86:
1c:a6:1a:fe:15:86:a4:f9:6b:2d:cd:1b:ca:b4:a3:
24:0e:d8:94:ee:bd:76:ac:5b:75:67:d5:a9:c6:43:
7f:4c:41:a7:6c:3b:56:dd:c1:f0:38:fe:a0:16:5a:
d8:99:2e:f2:44:49:08:70:e1:64:df:a9:5b:ef:85:
60:f7:14:a0:5f:4e:2f:35:e0:48:99:f0:f9:dd:c5:
4c:ec:9b:a2:90:89:be:6e:ab:cf:07:c4:25:9a:1e:
ab:52:39:49:58:ce:b6:70:6c:0d:b9:c6:c6:14:40:
ed:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:26:D3:20:7B:FC:C1:F2:75:B0:ED:68:2C:F8:0D:A2:2A:34:87:20
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TybTIHv8wfJ1sO1oLPgNoio0hyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.91.0/24
31.58.238.0/24
31.59.41.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:93:51:e7:9b:50:10:f1:a8:d2:0c:c4:67:24:80:1a:21:cd:
21:ce:e6:fe:fc:55:92:1e:69:d5:02:46:c5:b3:32:19:ec:80:
5e:41:73:3e:b2:7a:0a:13:f8:2e:a5:48:35:8f:e0:25:6c:e0:
71:7c:b2:1c:6a:4e:25:f6:11:6f:db:be:c7:35:34:21:c6:de:
1b:78:8e:04:1c:c2:85:69:85:c9:db:0b:f2:16:f2:69:3b:e0:
24:f1:24:ea:86:48:98:76:1d:9c:a9:c1:3d:a5:ed:e1:4b:4b:
63:0d:2a:24:b3:ad:60:2e:5a:57:4c:1d:ec:60:a7:f9:2d:77:
d1:b6:9c:d5:84:84:39:50:bf:2a:da:e1:3a:11:cf:5d:3e:f6:
f5:13:b6:ad:3b:48:61:61:af:ae:eb:23:f8:de:ce:d7:47:c4:
79:f4:cc:eb:0b:71:59:e1:d9:88:b8:b2:e2:9c:11:1e:39:ef:
75:fa:4b:b8:64:d5:f4:13:68:6e:8f:33:15:4e:67:fa:88:a7:
25:bb:b8:37:41:d7:30:5c:d7:c7:8f:f2:21:15:f8:46:23:7d:
52:56:28:a6:f1:04:1e:8b:2d:ea:f8:bf:3c:db:ef:0a:d5:14:
ae:d6:49:17:da:7a:39:eb:d3:85:dc:84:8b:86:6e:32:ca:ae:
99:de:c4:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTvFVc2iNDaqlpULU+hxlqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjEwMDg1OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI2ZDMyMDdiZmNjMWYyNzViMGVkNjgyY2Y4MGRhMjJhMzQ4NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrfopTC2wsdx/++fUPOmOmpPifjJ
PGVpbd9VjfkjT/BJpl4aVjOoLGUIZD3FyagkGtVh5p4GAcYSt671x33zDnHW/Dr7
qkDY0vkUarXjOGBBaoh2xAnZ8tSlq+oVwKAOKvO3jAg3ha8Yrg4k/PR54m/O4iwE
hZPgcd+oXGPyA0KtkY10gc0wSZes5cJViaFHKH4Wl4Ycphr+FYak+WstzRvKtKMk
DtiU7r12rFt1Z9WpxkN/TEGnbDtW3cHwOP6gFlrYmS7yREkIcOFk36lb74Vg9xSg
X04vNeBImfD53cVM7JuikIm+bqvPB8Qlmh6rUjlJWM62cGwNucbGFEDtpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8m0yB7/MHydbDtaCz4DaIqNIcgMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVHliVElIdjh3Zkoxc08xb0xQZ05vaW8waHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzpbAwQA
HzruAwQAHzspMA0GCSqGSIb3DQEBCwUAA4IBAQBak1Hnm1AQ8ajSDMRnJIAaIc0h
zub+/FWSHmnVAkbFszIZ7IBeQXM+snoKE/gupUg1j+AlbOBxfLIcak4l9hFv277H
NTQhxt4beI4EHMKFaYXJ2wvyFvJpO+Ak8STqhkiYdh2cqcE9pe3hS0tjDSoks61g
LlpXTB3sYKf5LXfRtpzVhIQ5UL8q2uE6Ec9dPvb1E7atO0hhYa+u6yP43s7XR8R5
9MzrC3FZ4dmIuLLinBEeOe91+ku4ZNX0E2hujzMVTmf6iKclu7g3QdcwXNfHj/Ih
FfhGI31SViim8QQeiy3q+L882+8K1RSu1kkX2no569OF3ISLhm4yyq6Z3sR3
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:10:47 2025 by rpki-client