Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cqL_7I6V_Pe7ZXQizX-0eknLeSQ.roa
File: cqL_7I6V_Pe7ZXQizX-0eknLeSQ.roa (raw, json)
Hash identifier: 5/mqzjjP3XbiKyl6eG3spQwchvJqDAmREC6mLUZDLVc=
Subject key identifier: 72:A2:FF:EC:8E:95:FC:F7:BB:65:74:22:CD:7F:B4:7A:49:CB:79:24
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019594397C6D5726432EC4128A19A99CFA87
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cqL_7I6V_Pe7ZXQizX-0eknLeSQ.roa
Signing time: Fri 14 Mar 2025 10:35:50 +0000
ROA not before: Fri 14 Mar 2025 10:35:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215071
IP address blocks: 31.57.230.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 20 Mar 2025 08:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:39:7c:6d:57:26:43:2e:c4:12:8a:19:a9:9c:fa:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 10:35:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a2ffec8e95fcf7bb657422cd7fb47a49cb7924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:c8:76:87:ff:7a:d7:ed:cd:7f:8c:95:11:
7f:d9:55:f0:3b:d4:78:c1:1b:a2:30:39:76:72:d1:
c2:89:f7:9d:c3:c9:43:63:ad:3a:22:7c:7a:b3:b8:
b2:0e:57:c5:fa:1f:10:7d:1c:e3:6c:1f:e9:af:a5:
53:90:88:82:9c:44:1f:40:93:a1:35:3e:b3:1b:8f:
ab:2f:54:2f:5a:73:a3:3d:1f:fd:89:43:4e:aa:b1:
fd:49:86:fd:4d:85:59:f1:68:8c:46:2e:7b:f3:21:
92:a6:c8:7b:f9:50:6f:6b:8e:d0:a6:76:fc:a6:31:
ec:c2:02:c4:be:62:d2:f4:12:dc:94:6e:8f:39:29:
e7:09:ff:ee:6f:61:f8:99:53:8b:2e:af:8b:04:79:
2e:2a:78:6e:7b:16:d6:15:74:52:5e:9b:6a:d7:a2:
47:e4:5e:cd:e6:68:99:9a:40:43:5c:a0:7b:18:71:
62:24:7f:45:85:f9:c0:35:ee:6f:bd:96:7c:b9:25:
fb:1f:be:0e:b0:d3:97:50:86:aa:c3:c8:af:5c:7d:
b9:1c:98:9e:8a:b6:49:e3:9d:6c:c4:8f:75:14:97:
f4:58:e8:35:7f:18:a4:78:d6:9f:2e:b4:8a:d3:64:
7d:3e:0d:c4:d0:36:33:93:60:e0:81:a5:99:05:56:
f3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A2:FF:EC:8E:95:FC:F7:BB:65:74:22:CD:7F:B4:7A:49:CB:79:24
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cqL_7I6V_Pe7ZXQizX-0eknLeSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.230.0/24
31.57.249.0-31.57.251.255
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:c8:4f:67:93:e6:6a:be:3e:75:15:c4:11:fc:f3:5a:c2:40:
e3:f6:49:90:7b:2a:ab:2a:e8:99:5b:59:fe:b1:4d:76:19:09:
33:ae:96:d9:b3:73:6d:42:d1:8e:c0:4a:a1:5b:f3:26:e4:43:
d8:86:ed:25:29:6e:f7:e7:81:33:da:63:75:e5:c1:93:eb:66:
35:1f:25:31:6b:75:4d:cf:d1:5a:ad:fe:f4:96:1b:02:91:42:
6b:a8:74:41:84:df:e9:0c:ac:29:75:8a:10:ea:bc:df:22:a8:
26:39:35:85:53:9c:66:67:66:8d:6a:53:4e:a4:a8:61:5f:a1:
bd:cf:e1:8f:62:b6:6e:8f:85:57:d5:41:db:b4:f4:15:ae:94:
aa:8a:32:d5:69:87:82:fe:82:2c:65:f3:79:a3:9f:00:5e:ca:
fd:46:15:c4:3d:b3:9d:96:56:15:2b:1a:5a:7b:bd:1b:10:96:
3f:f9:d8:40:17:ce:90:e4:ea:18:ce:d6:32:e4:cb:aa:ff:83:
dd:6e:de:6c:dc:a1:04:d6:2d:cb:69:1b:6e:ef:47:f5:82:da:
80:0b:5c:00:91:f8:a3:50:fe:bc:ad:21:f4:99:d1:3b:5d:fb:
e4:1c:ed:c8:e1:b5:ae:28:fc:b6:99:0d:a1:84:26:fe:bd:02:
d9:0a:29:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZWUOXxtVyZDLsQSihmpnPqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTAzNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEyZmZlYzhlOTVmY2Y3YmI2NTc0MjJjZDdmYjQ3YTQ5Y2I3OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub3Idof/etftzX+MlRF/2VXwO9R4
wRuiMDl2ctHCifedw8lDY606Inx6s7iyDlfF+h8QfRzjbB/pr6VTkIiCnEQfQJOh
NT6zG4+rL1QvWnOjPR/9iUNOqrH9SYb9TYVZ8WiMRi578yGSpsh7+VBva47Qpnb8
pjHswgLEvmLS9BLclG6POSnnCf/ub2H4mVOLLq+LBHkuKnhuexbWFXRSXptq16JH
5F7N5miZmkBDXKB7GHFiJH9FhfnANe5vvZZ8uSX7H74OsNOXUIaqw8ivXH25HJie
irZJ451sxI91FJf0WOg1fxikeNafLrSK02R9Pg3E0DYzk2DggaWZBVbzNwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHKi/+yOlfz3u2V0Is1/tHpJy3kkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY3FMXzdJNlZfUGU3WlhRaXpYLTBla25MZVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHznmMAwD
BAAfOfkDBAIfOfgDBAIfO+ADBAMfO+gwDQYJKoZIhvcNAQELBQADggEBAK7IT2eT
5mq+PnUVxBH881rCQOP2SZB7Kqsq6JlbWf6xTXYZCTOultmzc21C0Y7ASqFb8ybk
Q9iG7SUpbvfngTPaY3XlwZPrZjUfJTFrdU3P0Vqt/vSWGwKRQmuodEGE3+kMrCl1
ihDqvN8iqCY5NYVTnGZnZo1qU06kqGFfob3P4Y9itm6PhVfVQdu09BWulKqKMtVp
h4L+gixl83mjnwBeyv1GFcQ9s52WVhUrGlp7vRsQlj/52EAXzpDk6hjO1jLky6r/
g91u3mzcoQTWLctpG27vR/WC2oALXACR+KNQ/rytIfSZ0Ttd++Qc7cjhta4o/LaZ
DaGEJv69AtkKKcw=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:13 2025 by rpki-client