Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZFWUD9cU7yVvvkqdKCgJKJXPg2w.roa
File: ZFWUD9cU7yVvvkqdKCgJKJXPg2w.roa (raw, json)
Hash identifier: 1gN9nBwl+lHq9NudHJivXRQD+ZaaB0IMhZmgJ2obVps=
Subject key identifier: 64:55:94:0F:D7:14:EF:25:6F:BE:4A:9D:28:28:09:28:95:CF:83:6C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01972299C4468E26B152F1EDD1116590C025
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZFWUD9cU7yVvvkqdKCgJKJXPg2w.roa
Signing time: Fri 30 May 2025 19:09:51 +0000
ROA not before: Fri 30 May 2025 19:09:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208483
IP address blocks: 31.57.225.0/24 maxlen: 24
31.58.56.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 07:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:99:c4:46:8e:26:b1:52:f1:ed:d1:11:65:90:c0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 30 19:09:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6455940fd714ef256fbe4a9d2828092895cf836c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1b:88:71:c1:0f:07:78:25:61:fb:fb:b7:6f:
2f:6e:6e:cc:a4:a3:d8:89:8f:bc:74:29:8d:d7:4d:
5c:e8:9f:ac:e4:30:07:fd:fa:41:42:2e:a6:c6:b1:
0d:e1:8f:a8:98:ae:be:1f:80:03:a5:25:83:d5:0b:
ed:79:28:58:1a:bc:4d:6d:3e:ed:b7:88:c8:78:53:
07:4d:1b:96:d0:89:ce:c7:ff:34:c0:31:c9:cf:e8:
a8:fc:bf:f8:3d:78:a9:9f:67:78:89:87:0d:c1:db:
aa:4b:96:14:f3:3e:f4:ad:ed:fe:41:6b:17:f7:59:
aa:0d:42:e2:a6:7c:e3:0c:1a:40:92:4c:17:ec:32:
fd:6d:ef:e7:a7:29:48:fc:51:95:cd:76:20:da:ef:
0d:e7:78:cb:1b:76:05:61:a0:63:5e:0f:21:c6:b9:
06:e7:1a:12:37:e5:ab:7e:42:80:63:27:ba:02:61:
1b:78:ce:87:7b:53:5d:64:22:6a:b3:bd:b0:c1:8f:
df:fa:7f:37:9c:59:c0:2c:b7:91:58:d0:c3:91:25:
8c:37:d9:77:09:1b:98:81:2d:a1:ff:eb:91:2f:7c:
02:26:4c:fe:7a:29:f4:13:e5:ad:ae:06:b4:ac:ed:
79:d1:b9:88:01:86:57:e4:d7:be:e5:e0:e3:67:df:
38:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:55:94:0F:D7:14:EF:25:6F:BE:4A:9D:28:28:09:28:95:CF:83:6C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZFWUD9cU7yVvvkqdKCgJKJXPg2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.225.0/24
31.58.56.0/23
Signature Algorithm: sha256WithRSAEncryption
10:36:b6:d9:9a:d5:7f:62:a2:9c:b0:48:24:68:fd:ad:72:8a:
00:1e:d7:8c:e7:5f:c7:d9:ae:05:4b:fa:2f:52:8b:d0:d0:31:
6d:a7:e9:7d:3b:b5:0c:7d:af:70:b7:e8:e0:2e:d3:be:d5:3c:
ba:c3:39:92:a7:72:af:65:10:d1:bf:45:9d:36:2b:19:dd:6e:
92:69:04:41:42:23:ad:5f:32:cb:ae:5f:c4:79:87:62:23:a4:
6e:1f:4e:87:35:07:c8:a4:c0:09:12:ba:46:16:c2:41:e4:b0:
84:36:10:c5:d4:50:fa:95:9d:0b:09:f1:28:67:44:78:1d:b1:
f1:6f:c9:e2:0b:79:ec:bf:a1:00:0f:9a:ab:12:11:99:af:47:
e5:d7:56:2d:8b:58:87:1d:68:ad:a4:e6:36:42:2a:96:73:0d:
7d:5b:7d:29:2f:39:a7:c6:52:83:69:39:0f:ba:8c:95:76:af:
e0:ea:c7:d5:bc:26:d7:97:4a:19:55:ee:4b:3d:6d:9a:5e:36:
23:58:af:82:fa:ac:72:f7:06:3a:aa:bb:14:19:81:3d:54:78:
6f:ca:fc:a0:88:bc:a2:4f:1e:b1:96:3c:d0:f7:6f:94:56:b2:
ae:9b:e0:0b:ea:3a:fd:b3:67:a4:b0:02:65:dc:d2:31:b9:be:
10:a4:6b:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcimcRGjiaxUvHt0RFlkMAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTMwMTkwOTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU1OTQwZmQ3MTRlZjI1NmZiZTRhOWQyODI4MDkyODk1Y2Y4MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhuIccEPB3glYfv7t28vbm7MpKPY
iY+8dCmN101c6J+s5DAH/fpBQi6mxrEN4Y+omK6+H4ADpSWD1QvteShYGrxNbT7t
t4jIeFMHTRuW0InOx/80wDHJz+io/L/4PXipn2d4iYcNwduqS5YU8z70re3+QWsX
91mqDULipnzjDBpAkkwX7DL9be/npylI/FGVzXYg2u8N53jLG3YFYaBjXg8hxrkG
5xoSN+WrfkKAYye6AmEbeM6He1NdZCJqs72wwY/f+n83nFnALLeRWNDDkSWMN9l3
CRuYgS2h/+uRL3wCJkz+ein0E+Wtrga0rO150bmIAYZX5Ne+5eDjZ9842QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRVlA/XFO8lb75KnSgoCSiVz4NsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWkZXVUQ5Y1U3eVZ2dmtxZEtDZ0pLSlhQZzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHznhAwQB
Hzo4MA0GCSqGSIb3DQEBCwUAA4IBAQAQNrbZmtV/YqKcsEgkaP2tcooAHteM51/H
2a4FS/ovUovQ0DFtp+l9O7UMfa9wt+jgLtO+1Ty6wzmSp3KvZRDRv0WdNisZ3W6S
aQRBQiOtXzLLrl/EeYdiI6RuH06HNQfIpMAJErpGFsJB5LCENhDF1FD6lZ0LCfEo
Z0R4HbHxb8niC3nsv6EAD5qrEhGZr0fl11Yti1iHHWitpOY2QiqWcw19W30pLzmn
xlKDaTkPuoyVdq/g6sfVvCbXl0oZVe5LPW2aXjYjWK+C+qxy9wY6qrsUGYE9VHhv
yvygiLyiTx6xljzQ92+UVrKum+AL6jr9s2eksAJl3NIxub4QpGuD
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:12:04 2025 by rpki-client