Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VG0nb2HPeTxEQXKzAQDg2Bwv2Vc.roa
File: VG0nb2HPeTxEQXKzAQDg2Bwv2Vc.roa (raw, json)
Hash identifier: N6FKYkwm+i/wwH2QbtnLt23parkJbVvlBTMLf6OHxO4=
Subject key identifier: 54:6D:27:6F:61:CF:79:3C:44:41:72:B3:01:00:E0:D8:1C:2F:D9:57
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195C6CEB43906F692FFB9BF68D0CC401EDB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VG0nb2HPeTxEQXKzAQDg2Bwv2Vc.roa
Signing time: Mon 24 Mar 2025 06:19:50 +0000
ROA not before: Mon 24 Mar 2025 06:19:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 31.56.122.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 16:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:ce:b4:39:06:f6:92:ff:b9:bf:68:d0:cc:40:1e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 24 06:19:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=546d276f61cf793c444172b30100e0d81c2fd957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:ba:41:4c:14:63:34:2f:81:16:44:80:75:
60:8d:9a:b9:e5:64:21:4f:f9:23:68:1b:42:2b:11:
30:7a:05:55:b2:8e:d0:69:53:c8:b2:bd:df:41:cd:
cc:1c:2e:d2:76:26:dc:bb:74:ce:d7:e2:9b:6f:02:
7a:9b:cd:8b:e0:6a:c9:f1:9a:4f:95:ee:0d:cb:49:
2f:44:4e:1e:be:6b:5c:dc:02:66:4f:03:99:aa:a8:
35:e9:72:31:42:3b:7c:5a:0c:10:66:e2:eb:21:14:
0b:5a:48:ba:33:bf:81:e7:d2:ed:4f:51:fc:0f:42:
83:79:06:b4:1b:b6:dd:d1:c6:10:f2:c9:44:99:f8:
f0:57:e5:05:d7:9b:1f:4d:d3:81:87:69:fd:69:26:
25:13:44:a5:41:c3:34:66:df:2d:77:8e:9b:d2:9b:
d2:0a:7d:fc:9e:e7:f1:31:66:53:f4:bd:6c:fa:ed:
81:cd:09:03:e0:31:94:07:4c:09:40:80:44:dd:cd:
e8:76:0f:95:9c:29:57:92:4f:57:cc:50:bc:ae:7c:
6f:86:59:9c:55:25:9b:a9:9c:5c:00:69:d2:64:00:
c9:02:f9:fa:db:a6:ec:13:15:b5:57:0a:6b:d4:0f:
d8:b8:4d:ce:ed:7d:d8:2f:cc:78:df:27:84:00:89:
95:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:27:6F:61:CF:79:3C:44:41:72:B3:01:00:E0:D8:1C:2F:D9:57
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VG0nb2HPeTxEQXKzAQDg2Bwv2Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.122.0/24
31.57.65.0/24
31.57.222.0/23
31.59.41.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bf:58:82:1b:13:9a:86:06:77:5f:d8:7d:c8:1a:34:70:16:
52:65:11:db:3a:c6:33:f4:e5:85:b7:cd:a1:1a:e0:91:8b:36:
7e:14:42:dd:0f:4a:f4:67:e9:5b:6a:65:5f:e2:9a:25:a0:50:
94:f7:e6:84:b4:a9:9d:17:b5:f8:ca:1e:4a:9d:60:ba:41:ad:
c7:08:b8:34:c9:05:44:f0:10:b8:a8:88:03:55:d4:19:82:8e:
04:4a:f4:b5:91:43:71:8f:14:5c:2a:4c:dc:c9:6e:42:b1:95:
01:8c:08:38:1d:5d:2a:d8:07:88:f2:05:4d:2a:11:82:de:c2:
7d:b5:97:0d:45:c0:8f:6d:3f:3f:6c:c5:e0:f9:aa:92:38:fe:
cd:e8:98:9c:26:f8:31:de:44:f5:60:bd:d0:97:75:bf:2e:ee:
88:f1:94:5a:bb:65:00:c3:f4:a5:74:3d:cf:19:3f:5e:86:cd:
35:e9:4c:11:45:e1:6b:13:fb:57:75:ed:c1:8c:53:59:fe:19:
a5:9e:ff:a7:7a:e4:ca:31:ef:36:42:08:0a:d7:1b:55:aa:5a:
83:a4:ba:9e:b5:f3:2b:36:e9:80:1c:bd:ca:e0:2b:12:96:e2:
1c:81:f0:c2:a9:26:e7:40:29:67:0a:d4:3c:72:93:bf:a0:e2:
31:5a:9e:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXGzrQ5BvaS/7m/aNDMQB7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI0MDYxOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZkMjc2ZjYxY2Y3OTNjNDQ0MTcyYjMwMTAwZTBkODFjMmZkOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHq6QUwUYzQvgRZEgHVgjZq55WQh
T/kjaBtCKxEwegVVso7QaVPIsr3fQc3MHC7Sdibcu3TO1+KbbwJ6m82L4GrJ8ZpP
le4Ny0kvRE4evmtc3AJmTwOZqqg16XIxQjt8WgwQZuLrIRQLWki6M7+B59LtT1H8
D0KDeQa0G7bd0cYQ8slEmfjwV+UF15sfTdOBh2n9aSYlE0SlQcM0Zt8td46b0pvS
Cn38nufxMWZT9L1s+u2BzQkD4DGUB0wJQIBE3c3odg+VnClXkk9XzFC8rnxvhlmc
VSWbqZxcAGnSZADJAvn626bsExW1Vwpr1A/YuE3O7X3YL8x43yeEAImVIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFRtJ29hz3k8REFyswEA4NgcL9lXMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVkcwbmIySFBlVHhFUVhLekFRRGcyQnd2MlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzh6AwQA
HzlBAwQBHzneAwQAHzspMA0GCSqGSIb3DQEBCwUAA4IBAQAOv1iCGxOahgZ3X9h9
yBo0cBZSZRHbOsYz9OWFt82hGuCRizZ+FELdD0r0Z+lbamVf4poloFCU9+aEtKmd
F7X4yh5KnWC6Qa3HCLg0yQVE8BC4qIgDVdQZgo4ESvS1kUNxjxRcKkzcyW5CsZUB
jAg4HV0q2AeI8gVNKhGC3sJ9tZcNRcCPbT8/bMXg+aqSOP7N6JicJvgx3kT1YL3Q
l3W/Lu6I8ZRau2UAw/SldD3PGT9ehs016UwRReFrE/tXde3BjFNZ/hmlnv+neuTK
Me82QggK1xtVqlqDpLqetfMrNumAHL3K4CsSluIcgfDCqSbnQClnCtQ8cpO/oOIx
Wp5S
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:15 2025 by rpki-client