Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gLwQj2SRDzt74ycm1B-N56XyYb4.roa
File: gLwQj2SRDzt74ycm1B-N56XyYb4.roa (raw, json)
Hash identifier: lXSDinmH5BhTVgeX8qQ/sfbhC+jXrLGyhCaWeKvAibY=
Subject key identifier: 80:BC:10:8F:64:91:0F:3B:7B:E3:27:26:D4:1F:8D:E7:A5:F2:61:BE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195943C3BE7A533ACE287E0CB38C4503614
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gLwQj2SRDzt74ycm1B-N56XyYb4.roa
Signing time: Fri 14 Mar 2025 10:38:50 +0000
ROA not before: Fri 14 Mar 2025 10:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 31.58.100.0/22 maxlen: 24
31.59.29.0/24 maxlen: 24
31.59.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 16:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:3c:3b:e7:a5:33:ac:e2:87:e0:cb:38:c4:50:36:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 10:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80bc108f64910f3b7be32726d41f8de7a5f261be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9a:0c:e3:b6:1e:95:0e:81:53:aa:4d:34:d8:
1e:2c:d8:f6:74:32:63:91:99:cb:40:5a:47:e6:a2:
48:12:b5:e1:d7:ca:25:34:ec:fd:d6:a9:24:6b:e0:
f6:59:61:a7:b2:48:ce:1a:ce:95:49:9d:8d:d6:27:
2e:45:64:77:63:43:76:1d:93:9b:55:19:6e:42:12:
f0:df:84:1e:ab:e8:ff:97:2f:92:84:aa:79:e9:52:
5f:c5:52:19:a1:c7:36:dc:81:3b:56:4b:57:a2:31:
12:51:15:08:3f:b8:95:6b:fa:52:8a:63:42:77:49:
12:f6:1f:89:66:a2:6a:ee:93:bb:79:dc:4b:dd:0b:
7e:c0:d5:e1:42:fe:fc:fa:8a:f3:2b:d9:90:a3:56:
a3:ff:23:5a:5f:dc:30:91:83:2a:4b:82:71:c1:72:
dc:b3:e9:c4:69:49:21:97:43:78:a9:a1:9d:5a:e4:
55:5f:21:be:ae:34:24:70:9f:62:f7:64:73:24:b8:
78:80:fe:94:42:0c:af:6d:2b:b7:fd:56:85:65:e9:
b5:8f:d0:ae:f6:73:68:1f:15:7d:22:45:98:e7:ea:
cc:6d:f2:02:91:ff:1c:10:89:9e:b0:bb:a8:35:d8:
cd:f9:c0:f2:e7:39:6f:01:53:4b:03:1d:64:dd:df:
22:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BC:10:8F:64:91:0F:3B:7B:E3:27:26:D4:1F:8D:E7:A5:F2:61:BE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gLwQj2SRDzt74ycm1B-N56XyYb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.100.0/22
31.59.29.0/24
31.59.34.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:c2:91:53:d0:4a:fd:d6:44:fa:62:2c:f3:20:9a:4c:90:88:
0e:76:ef:db:33:05:f4:bc:84:8a:08:44:23:1f:01:d8:25:0b:
ac:71:f1:a6:d6:9d:ea:62:ee:70:db:21:e7:16:73:c1:37:d2:
4f:7a:c8:b7:12:db:a9:39:6e:4b:aa:16:9a:b5:b4:5c:ea:ce:
36:b4:31:13:73:92:6b:37:ba:ae:c1:4f:75:c5:b7:df:4d:6b:
94:a4:4e:6f:d8:68:b6:72:46:22:9c:1d:6e:f6:fc:4e:b9:36:
5f:61:09:f7:26:31:79:93:10:15:cb:97:77:3c:16:2a:91:c8:
87:0a:78:63:e4:cb:82:e9:76:59:65:a9:21:05:06:43:8d:34:
26:98:24:e8:f3:d6:7d:33:87:c7:1a:7f:92:ff:4b:70:7d:dc:
87:3f:91:0a:96:e2:81:c1:79:f5:1b:bd:b4:43:f0:ff:6f:02:
2e:1f:40:ea:10:af:94:d2:a0:b7:d5:54:9e:b5:d7:84:a4:bd:
87:a2:de:07:f1:65:bb:cd:4a:c2:35:4e:37:86:41:a8:74:e9:
a7:ea:fa:d8:6b:bd:eb:3b:f9:44:6e:82:1d:3c:01:e2:db:58:
a0:12:52:a0:e1:2b:c6:55:65:6f:dd:c1:36:a3:a1:60:e1:ac:
c8:b3:97:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWUPDvnpTOs4ofgyzjEUDYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTAzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJjMTA4ZjY0OTEwZjNiN2JlMzI3MjZkNDFmOGRlN2E1ZjI2MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpoM47YelQ6BU6pNNNgeLNj2dDJj
kZnLQFpH5qJIErXh18olNOz91qkka+D2WWGnskjOGs6VSZ2N1icuRWR3Y0N2HZOb
VRluQhLw34Qeq+j/ly+ShKp56VJfxVIZocc23IE7VktXojESURUIP7iVa/pSimNC
d0kS9h+JZqJq7pO7edxL3Qt+wNXhQv78+orzK9mQo1aj/yNaX9wwkYMqS4JxwXLc
s+nEaUkhl0N4qaGdWuRVXyG+rjQkcJ9i92RzJLh4gP6UQgyvbSu3/VaFZem1j9Cu
9nNoHxV9IkWY5+rMbfICkf8cEImesLuoNdjN+cDy5zlvAVNLAx1k3d8iHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIC8EI9kkQ87e+MnJtQfjeel8mG+MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZ0x3UWoyU1JEenQ3NHljbTFCLU41Nlh5WWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHzpkAwQA
HzsdAwQAHzsiMA0GCSqGSIb3DQEBCwUAA4IBAQA7wpFT0Er91kT6YizzIJpMkIgO
du/bMwX0vISKCEQjHwHYJQuscfGm1p3qYu5w2yHnFnPBN9JPesi3EtupOW5Lqhaa
tbRc6s42tDETc5JrN7quwU91xbffTWuUpE5v2Gi2ckYinB1u9vxOuTZfYQn3JjF5
kxAVy5d3PBYqkciHCnhj5MuC6XZZZakhBQZDjTQmmCTo89Z9M4fHGn+S/0twfdyH
P5EKluKBwXn1G720Q/D/bwIuH0DqEK+U0qC31VSetdeEpL2Hot4H8WW7zUrCNU43
hkGodOmn6vrYa73rO/lEboIdPAHi21igElKg4SvGVWVv3cE2o6Fg4azIs5fj
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:17 2025 by rpki-client