Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h2gojTISIAUwunb5O-BYwNvpw7g.roa
File: h2gojTISIAUwunb5O-BYwNvpw7g.roa (raw, json)
Hash identifier: uIF2425iN8wECFERwyktAMCgjEJcZLePjWPJ1I2yink=
Subject key identifier: 87:68:28:8D:32:12:20:05:30:BA:76:F9:3B:E0:58:C0:DB:E9:C3:B8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A9DB8276B3C004FBA0C1A541F4D1D515
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h2gojTISIAUwunb5O-BYwNvpw7g.roa
Signing time: Tue 18 Mar 2025 15:24:49 +0000
ROA not before: Tue 18 Mar 2025 15:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:db:82:76:b3:c0:04:fb:a0:c1:a5:41:f4:d1:d5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 18 15:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8768288d3212200530ba76f93be058c0dbe9c3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:64:21:53:84:6d:84:29:d7:51:13:86:e7:85:
85:3d:df:20:70:bc:d7:9c:56:4d:02:e0:8f:3d:07:
33:41:3e:10:4e:b9:35:ba:47:8a:70:83:8f:41:7f:
8a:01:ba:0b:ba:9d:f6:7b:6d:8f:35:06:3c:78:08:
d4:5b:87:57:a7:8b:b3:36:e9:35:59:ce:66:65:43:
b2:8c:57:c3:1b:70:af:87:45:b4:13:e7:f1:5a:11:
d0:79:ff:ef:9f:ff:2d:14:f0:8b:2b:eb:d6:60:83:
3f:ca:a3:8e:ad:02:be:c5:19:3a:b0:98:eb:bc:11:
73:59:3b:a1:85:b0:00:f5:82:83:78:14:64:68:c4:
04:ab:d5:6e:b2:bd:f2:4a:72:49:3b:bb:e8:f8:13:
07:4b:5d:ac:ca:b3:c2:91:78:c0:ab:39:5a:5e:42:
0f:a9:73:69:92:68:ed:66:22:e7:b4:94:f1:da:00:
19:45:e6:a6:3d:c3:11:c6:cb:ab:79:c0:ed:d8:df:
67:2c:f6:44:b9:8f:fd:f4:f5:5d:43:58:89:af:df:
85:91:62:56:3d:05:73:7c:92:ab:0b:0e:6f:ba:82:
63:89:6f:1a:33:c4:b7:79:94:2e:0a:9d:24:03:c6:
31:74:2c:83:b2:d2:ed:d2:44:b9:a6:74:28:d8:3f:
51:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:28:8D:32:12:20:05:30:BA:76:F9:3B:E0:58:C0:DB:E9:C3:B8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h2gojTISIAUwunb5O-BYwNvpw7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.244.0-31.58.246.255
31.58.249.0-31.58.251.255
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
06:42:d3:80:0c:2a:21:90:41:46:fd:9f:e1:fa:36:50:34:9e:
01:45:12:d0:02:f9:ae:b0:0f:e2:88:3b:07:56:1a:ff:a3:c8:
9c:d7:e1:4d:e7:0d:05:2f:04:f4:4a:b3:e0:06:cf:34:bd:b0:
d6:04:ef:70:dd:c3:30:50:91:19:2e:fa:a9:e1:55:de:39:f5:
69:8a:0c:a2:db:ef:9f:b1:8f:3e:f8:b7:95:ed:11:1c:33:0f:
74:ae:77:d0:c8:8f:6a:77:00:7e:81:2c:a1:59:87:e7:69:49:
35:2f:a7:de:84:c2:7e:85:8f:ee:f5:57:0d:41:e3:96:8a:c5:
d8:02:24:7e:24:40:e0:06:1c:a9:99:05:38:3c:ab:3a:35:1f:
23:e3:46:d2:71:e7:ba:30:16:0b:7a:7a:14:59:e8:1c:d4:79:
15:71:e6:6c:b7:1d:34:f8:98:ce:f5:76:13:a8:81:e0:bd:ae:
96:18:27:67:80:48:d2:82:cf:bd:b6:10:24:3a:e3:3f:de:9b:
28:84:53:b2:f2:6f:a1:d3:83:94:19:d5:99:a4:c3:0c:7f:d1:
c0:6b:32:1d:8f:8b:c8:65:64:87:ad:65:7a:d9:4c:bb:7c:18:
41:42:8d:ae:72:91:f5:5f:ca:55:21:ff:68:bd:15:df:61:c8:
97:16:b8:99
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZWp24J2s8AE+6DBpUH00dUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE4MTUyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4Mjg4ZDMyMTIyMDA1MzBiYTc2ZjkzYmUwNThjMGRiZTljM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGQhU4RthCnXUROG54WFPd8gcLzX
nFZNAuCPPQczQT4QTrk1ukeKcIOPQX+KAboLup32e22PNQY8eAjUW4dXp4uzNuk1
Wc5mZUOyjFfDG3Cvh0W0E+fxWhHQef/vn/8tFPCLK+vWYIM/yqOOrQK+xRk6sJjr
vBFzWTuhhbAA9YKDeBRkaMQEq9Vusr3ySnJJO7vo+BMHS12syrPCkXjAqzlaXkIP
qXNpkmjtZiLntJTx2gAZReamPcMRxsurecDt2N9nLPZEuY/99PVdQ1iJr9+FkWJW
PQVzfJKrCw5vuoJjiW8aM8S3eZQuCp0kA8YxdCyDstLt0kS5pnQo2D9RkQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIdoKI0yEiAFMLp2+TvgWMDb6cO4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaDJnb2pUSVNJQVV3dW5iNU8tQll3TnZwdzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAHzrTMAwD
BAIfOvQDBAAfOvYwDAMEAB86+QMEAh86+AMEANk8uzANBgkqhkiG9w0BAQsFAAOC
AQEABkLTgAwqIZBBRv2f4fo2UDSeAUUS0AL5rrAP4og7B1Ya/6PInNfhTecNBS8E
9Eqz4AbPNL2w1gTvcN3DMFCRGS76qeFV3jn1aYoMotvvn7GPPvi3le0RHDMPdK53
0MiPancAfoEsoVmH52lJNS+n3oTCfoWP7vVXDUHjlorF2AIkfiRA4AYcqZkFODyr
OjUfI+NG0nHnujAWC3p6FFnoHNR5FXHmbLcdNPiYzvV2E6iB4L2ulhgnZ4BI0oLP
vbYQJDrjP96bKIRTsvJvodODlBnVmaTDDH/RwGsyHY+LyGVkh61letlMu3wYQUKN
rnKR9V/KVSH/aL0V32HIlxa4mQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:34:20 2025 by rpki-client