Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dDBAgj1TgSfLxgaKwmAmzGEJhsU.roa
File: dDBAgj1TgSfLxgaKwmAmzGEJhsU.roa (raw, json)
Hash identifier: QZJrQdz6EoQ3Rxl+//l84QZgum7mJKpPpVJmtQFnbns=
Subject key identifier: 74:30:40:82:3D:53:81:27:CB:C6:06:8A:C2:60:26:CC:61:09:86:C5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01954CC20BB9D5918AE25AB992674C388857
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dDBAgj1TgSfLxgaKwmAmzGEJhsU.roa
Signing time: Fri 28 Feb 2025 13:32:20 +0000
ROA not before: Fri 28 Feb 2025 13:32:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 31.58.234.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
217.60.0.0/18 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
217.60.248.0/24 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:c2:0b:b9:d5:91:8a:e2:5a:b9:92:67:4c:38:88:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 28 13:32:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=743040823d538127cbc6068ac26026cc610986c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:58:b6:c7:23:d8:36:15:c9:82:4f:09:cb:
d4:57:86:41:fd:8b:ea:52:c3:26:2c:28:aa:af:a8:
e5:f3:0f:3b:58:a4:fa:64:51:d1:bf:1c:f4:c8:15:
83:52:a5:bd:73:47:44:c6:61:23:41:ed:f6:92:52:
7a:64:3d:53:99:b3:30:b0:2c:72:f2:4a:1d:12:01:
ee:c2:c3:62:87:d6:9e:d7:6b:30:48:47:e7:75:fa:
2e:c4:60:ba:db:b5:ac:87:24:9e:3a:37:ef:8a:a8:
02:9e:a5:fd:fe:5a:3d:e0:24:1d:ff:76:71:af:1b:
38:3a:54:30:46:2f:5a:57:54:5a:f4:fc:bb:c2:50:
56:c4:a3:c8:7a:0d:a5:1a:c1:4a:77:21:60:e8:ad:
56:1b:77:e3:b2:e6:a9:80:46:14:78:6e:3c:1d:9a:
bd:55:d8:61:c5:55:cd:04:d5:e4:ff:3d:94:d4:4e:
24:1c:7d:0c:62:e8:07:37:1b:cc:b1:dc:c5:80:f0:
39:ac:cb:a0:9f:a2:b5:d3:ec:53:53:a3:3c:72:36:
d5:e3:92:69:54:b8:2b:17:fb:08:45:4d:8d:eb:3f:
f9:31:7c:31:0f:f7:7b:48:c4:37:78:8e:eb:06:61:
ed:61:a2:2c:05:25:10:c1:3f:97:b6:73:0b:3b:82:
37:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:30:40:82:3D:53:81:27:CB:C6:06:8A:C2:60:26:CC:61:09:86:C5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dDBAgj1TgSfLxgaKwmAmzGEJhsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.234.0/24
31.58.236.0/24
217.60.0.0/18
217.60.196.0/23
217.60.244.0/23
217.60.248.0/24
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
6f:e0:f8:b5:17:de:d5:15:bf:f0:df:e9:b1:cf:e1:a0:f2:66:
ee:2f:c0:62:99:42:e8:a1:95:71:69:59:8e:99:6b:f2:b0:f7:
97:8e:1c:bd:6c:d8:fa:78:56:52:b1:b0:79:29:0a:06:da:cf:
6e:10:a6:80:83:5d:4f:df:d2:dd:a0:f4:b5:20:a5:48:ce:5d:
8d:65:fc:55:c2:90:b2:b1:23:29:07:69:51:b4:ce:d3:9e:17:
c2:e0:48:7d:0d:b1:4e:e2:ac:9e:02:b9:e1:79:51:92:f6:c4:
fa:a6:a3:da:ab:a2:e4:c2:99:80:b5:fe:14:a6:6a:7f:d9:f1:
40:d6:37:ce:52:4c:35:1b:84:61:49:11:44:46:42:d4:94:bf:
4d:b2:6b:13:02:83:31:1a:0d:02:8b:6b:3c:07:8f:1a:8a:fb:
62:d4:1c:bc:80:a7:9f:a1:70:87:ca:dc:9f:1c:ca:13:dc:87:
b8:df:ea:23:3c:d9:d2:d8:dd:92:8f:cb:c5:75:57:6f:27:4e:
11:d9:5b:bb:66:2e:e2:28:f0:86:32:6d:91:9c:48:1a:59:4d:
ff:47:1a:f8:ae:f5:0b:70:a5:7b:f6:88:58:0f:30:97:e4:84:
09:6d:c9:4b:2b:31:db:06:89:10:fe:33:e2:ae:4b:97:55:93:
26:a8:ec:22
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZVMwgu51ZGK4lq5kmdMOIhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI4MTMzMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMwNDA4MjNkNTM4MTI3Y2JjNjA2OGFjMjYwMjZjYzYxMDk4NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhJYtscj2DYVyYJPCcvUV4ZB/Yvq
UsMmLCiqr6jl8w87WKT6ZFHRvxz0yBWDUqW9c0dExmEjQe32klJ6ZD1TmbMwsCxy
8kodEgHuwsNih9ae12swSEfndfouxGC627WshySeOjfviqgCnqX9/lo94CQd/3Zx
rxs4OlQwRi9aV1Ra9Py7wlBWxKPIeg2lGsFKdyFg6K1WG3fjsuapgEYUeG48HZq9
VdhhxVXNBNXk/z2U1E4kHH0MYugHNxvMsdzFgPA5rMugn6K10+xTU6M8cjbV45Jp
VLgrF/sIRU2N6z/5MXwxD/d7SMQ3eI7rBmHtYaIsBSUQwT+XtnMLO4I3rQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHQwQII9U4Eny8YGisJgJsxhCYbFMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZERCQWdqMVRnU2ZMeGdhS3dtQW16R0VKaHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHzrqAwQA
HzrsAwQG2TwAAwQB2TzEAwQB2Tz0AwQA2Tz4MA0EAgACMAcDBQAqFG5AMA0GCSqG
SIb3DQEBCwUAA4IBAQBv4Pi1F97VFb/w3+mxz+Gg8mbuL8BimULooZVxaVmOmWvy
sPeXjhy9bNj6eFZSsbB5KQoG2s9uEKaAg11P39LdoPS1IKVIzl2NZfxVwpCysSMp
B2lRtM7TnhfC4Eh9DbFO4qyeArnheVGS9sT6pqPaq6LkwpmAtf4Upmp/2fFA1jfO
Ukw1G4RhSRFERkLUlL9NsmsTAoMxGg0Ci2s8B48aivti1By8gKefoXCHytyfHMoT
3Ie43+ojPNnS2N2Sj8vFdVdvJ04R2Vu7Zi7iKPCGMm2RnEgaWU3/Rxr4rvULcKV7
9ohYDzCX5IQJbclLKzHbBokQ/jPirkuXVZMmqOwi
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:10 2025 by rpki-client