Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WJac1h44Iq4inOXjaxr-bfZoWvo.roa
File: WJac1h44Iq4inOXjaxr-bfZoWvo.roa (raw, json)
Hash identifier: Z3WGEFkoJlkjz//seitGUK8tBhmKsDdK3Abr8Ud7XtM=
Subject key identifier: 58:96:9C:D6:1E:38:22:AE:22:9C:E5:E3:6B:1A:FE:6D:F6:68:5A:FA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01953E30D730063A7F898C6F5AF762E7244B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WJac1h44Iq4inOXjaxr-bfZoWvo.roa
Signing time: Tue 25 Feb 2025 17:39:02 +0000
ROA not before: Tue 25 Feb 2025 17:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 31.56.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3e:30:d7:30:06:3a:7f:89:8c:6f:5a:f7:62:e7:24:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 25 17:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58969cd61e3822ae229ce5e36b1afe6df6685afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:87:1e:8a:fc:71:ea:6d:dc:ca:2e:f4:8b:7b:
c8:15:29:04:3a:e6:5f:c9:e8:63:65:d9:17:49:fd:
2f:77:fa:af:66:04:75:d6:01:2a:a3:0d:77:56:22:
b8:3f:aa:79:4e:6a:ac:ad:2e:59:0b:15:54:95:be:
3d:5a:de:67:b8:16:94:96:e1:59:e2:67:f1:4f:37:
92:76:81:68:98:6d:47:6a:0f:b2:91:af:ad:cd:fc:
38:82:05:7c:82:fe:51:db:ca:35:e2:c3:94:91:63:
a3:ba:58:6d:7a:07:9b:3b:f6:44:f0:bb:aa:ee:0b:
ee:22:76:b3:d0:8a:40:2a:68:fd:13:e3:ba:4f:43:
02:94:ac:c2:b5:b4:99:bf:44:90:a1:4e:21:40:6e:
b2:d6:0c:12:ca:78:13:71:38:d9:02:b1:db:c9:79:
cc:64:c5:2f:34:60:8a:f0:21:36:88:4b:17:6c:fd:
ce:c6:52:7f:9a:02:eb:ad:91:3c:51:34:d2:61:06:
a9:8c:07:bb:ee:08:74:ec:ce:f9:ce:35:34:4d:e4:
3a:54:b7:29:e2:c4:9d:1f:28:a8:ed:94:80:75:58:
f4:25:cb:eb:56:2b:c5:28:c4:af:c9:41:a1:e9:50:
82:62:82:b3:a1:e2:99:2f:dc:7d:57:88:2e:93:f2:
24:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:96:9C:D6:1E:38:22:AE:22:9C:E5:E3:6B:1A:FE:6D:F6:68:5A:FA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WJac1h44Iq4inOXjaxr-bfZoWvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.77.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:66:1d:96:af:5a:ab:2f:4b:e7:e4:38:5a:01:c3:e2:ef:c7:
5b:9a:f1:11:0c:cb:8a:e8:37:ba:23:da:38:53:a3:08:96:65:
c3:81:5a:a4:ed:fc:bb:02:c6:fe:9e:e9:25:db:cf:4d:05:3f:
af:03:aa:27:c1:49:b2:53:0c:2a:6c:44:29:fd:6a:36:04:5b:
ea:19:8d:ce:35:e6:2f:b7:ab:45:34:ad:35:2e:fd:4b:19:de:
68:0f:bd:ce:35:28:75:10:f0:29:b3:e7:b6:6d:f3:78:4f:b4:
cf:80:40:a1:cc:e6:85:d1:f4:4d:c7:22:50:02:cf:69:a1:63:
ee:f2:7f:7a:88:dd:b9:71:ac:ff:aa:7d:ef:b6:9d:e5:2d:48:
87:a3:dd:b9:8d:6b:ed:1a:a6:1f:08:24:72:fb:ac:e6:2a:cd:
5a:80:d3:00:89:05:fd:7f:e2:2b:cc:c0:c7:30:e8:ec:2e:e1:
40:e4:52:3e:ce:e1:97:d7:31:24:44:6a:c1:98:93:5f:ee:19:
02:01:2a:e1:e1:0e:2b:b9:af:31:f4:ec:cc:a3:fb:fd:73:4f:
3c:a1:d4:de:83:d9:73:c4:82:32:4b:03:59:50:9d:41:4a:1c:
0e:d6:58:47:30:45:9d:13:6d:66:e6:6a:d0:8e:c3:31:73:65:
53:ce:9c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU+MNcwBjp/iYxvWvdi5yRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI1MTczOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODk2OWNkNjFlMzgyMmFlMjI5Y2U1ZTM2YjFhZmU2ZGY2Njg1YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYceivxx6m3cyi70i3vIFSkEOuZf
yehjZdkXSf0vd/qvZgR11gEqow13ViK4P6p5TmqsrS5ZCxVUlb49Wt5nuBaUluFZ
4mfxTzeSdoFomG1Hag+yka+tzfw4ggV8gv5R28o14sOUkWOjulhtegebO/ZE8Luq
7gvuInaz0IpAKmj9E+O6T0MClKzCtbSZv0SQoU4hQG6y1gwSyngTcTjZArHbyXnM
ZMUvNGCK8CE2iEsXbP3OxlJ/mgLrrZE8UTTSYQapjAe77gh07M75zjU0TeQ6VLcp
4sSdHyio7ZSAdVj0JcvrVivFKMSvyUGh6VCCYoKzoeKZL9x9V4guk/Ik7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiWnNYeOCKuIpzl42sa/m32aFr6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV0phYzFoNDRJcTRpbk9YamF4ci1iZlpvV3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzhNMA0G
CSqGSIb3DQEBCwUAA4IBAQAtZh2Wr1qrL0vn5DhaAcPi78dbmvERDMuK6De6I9o4
U6MIlmXDgVqk7fy7Asb+nukl289NBT+vA6onwUmyUwwqbEQp/Wo2BFvqGY3ONeYv
t6tFNK01Lv1LGd5oD73ONSh1EPAps+e2bfN4T7TPgEChzOaF0fRNxyJQAs9poWPu
8n96iN25caz/qn3vtp3lLUiHo925jWvtGqYfCCRy+6zmKs1agNMAiQX9f+IrzMDH
MOjsLuFA5FI+zuGX1zEkRGrBmJNf7hkCASrh4Q4rua8x9OzMo/v9c088odTeg9lz
xIIySwNZUJ1BShwO1lhHMEWdE21m5mrQjsMxc2VTzpx4
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:49:32 2025 by rpki-client