Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iAMj5XgQmrzjxt9k2Hgyk1jpCFQ.roa
File: iAMj5XgQmrzjxt9k2Hgyk1jpCFQ.roa (raw, json)
Hash identifier: gcjeTCfVgU/KqAhHw/Ka1f2Wv7qRPN0Mcp6L+6Ui9ww=
Subject key identifier: 88:03:23:E5:78:10:9A:BC:E3:C6:DF:64:D8:78:32:93:58:E9:08:54
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196C818CD673FB8505489F674BEBB54D442
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iAMj5XgQmrzjxt9k2Hgyk1jpCFQ.roa
Signing time: Tue 13 May 2025 05:23:10 +0000
ROA not before: Tue 13 May 2025 05:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 31.56.146.0/24 maxlen: 24
31.58.227.0/24 maxlen: 24
31.58.229.0/24 maxlen: 24
31.59.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 May 2025 16:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:18:cd:67:3f:b8:50:54:89:f6:74:be:bb:54:d4:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 13 05:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=880323e578109abce3c6df64d878329358e90854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:62:1e:99:31:a2:37:bb:92:2e:7d:76:53:c1:
07:fd:47:02:c4:f9:dc:b0:3a:ac:3f:2d:4b:d0:ba:
a2:09:d7:33:ca:42:cf:74:7f:c0:d7:29:61:da:5a:
fd:cd:00:0c:d4:f2:e2:b9:d7:73:d5:e3:89:9f:d9:
55:17:8c:c4:a9:10:e1:f2:73:57:fb:0c:a0:cb:8c:
d4:14:29:a8:2f:2e:2a:54:cd:4d:e0:03:5a:94:f0:
d6:7b:7c:79:af:37:f9:20:bb:54:c9:79:b6:85:d9:
44:7d:3e:5f:01:c8:ef:bd:1d:20:68:01:a9:28:08:
6a:21:96:50:bc:ba:36:bb:0b:33:5d:21:d4:48:88:
11:d5:31:77:39:cb:c1:89:b0:fe:7c:e8:e2:a8:2e:
48:4f:77:a7:e2:04:07:ae:e6:09:ff:33:1b:f0:d2:
a6:88:5a:b3:20:af:64:15:ae:17:e8:58:62:96:f4:
2d:94:3f:8c:a3:1d:f9:a5:e8:0a:22:98:23:23:20:
5b:cd:10:11:d8:17:8b:4b:69:7e:ce:a5:9c:ea:3a:
b8:28:5f:ad:df:da:b7:dc:e8:a1:8a:3f:2d:eb:9e:
34:3f:14:b3:32:7e:c6:cb:97:05:aa:d9:29:ab:fc:
0c:64:b0:8f:aa:85:47:26:18:de:f0:d2:71:9d:6c:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:03:23:E5:78:10:9A:BC:E3:C6:DF:64:D8:78:32:93:58:E9:08:54
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iAMj5XgQmrzjxt9k2Hgyk1jpCFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.146.0/24
31.58.227.0/24
31.58.229.0/24
31.59.35.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:99:e8:94:35:ba:b9:34:dc:92:a7:8e:c2:99:43:9e:5d:c0:
44:54:a5:66:a7:36:fd:54:05:6e:4a:dd:de:02:c3:9f:60:7a:
e6:65:6c:e4:d6:d4:bf:ee:be:50:18:1c:3e:50:f4:33:3f:80:
ec:66:31:d5:e4:4e:8f:a8:34:e2:1d:ba:59:c3:af:0a:55:0a:
bd:6c:90:6c:4d:e3:18:ee:3a:2c:4f:4b:80:0b:56:98:b6:13:
ba:f6:42:00:47:be:b6:18:ec:0f:9c:5f:a1:a0:98:ca:6a:bd:
42:d0:33:bc:b5:95:28:48:18:aa:4d:0f:fc:d3:47:4f:df:96:
a1:fa:4a:6a:72:55:4c:32:5c:33:01:b8:29:9f:48:92:84:48:
c8:9e:64:6b:4c:7c:d9:99:7c:28:2d:58:a6:e5:1b:22:f9:e3:
60:2c:ad:09:02:f7:d0:af:a4:9e:82:07:66:46:7e:e4:21:58:
15:52:ea:18:49:8d:7d:45:9a:a4:fa:35:83:5f:92:ca:44:e2:
41:ad:23:08:06:f5:0e:e1:33:7f:63:85:d4:98:9b:2d:f2:09:
e8:81:f4:d7:26:0d:ad:8a:25:cf:e0:af:ec:58:32:2c:4c:5f:
38:b2:b5:ff:55:c8:1f:a9:51:b6:c9:52:1e:47:b9:74:a6:a0:
24:a9:c3:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbIGM1nP7hQVIn2dL67VNRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTEzMDUyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODAzMjNlNTc4MTA5YWJjZTNjNmRmNjRkODc4MzI5MzU4ZTkwODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2IemTGiN7uSLn12U8EH/UcCxPnc
sDqsPy1L0LqiCdczykLPdH/A1ylh2lr9zQAM1PLiuddz1eOJn9lVF4zEqRDh8nNX
+wygy4zUFCmoLy4qVM1N4ANalPDWe3x5rzf5ILtUyXm2hdlEfT5fAcjvvR0gaAGp
KAhqIZZQvLo2uwszXSHUSIgR1TF3OcvBibD+fOjiqC5IT3en4gQHruYJ/zMb8NKm
iFqzIK9kFa4X6FhilvQtlD+Mox35pegKIpgjIyBbzRAR2BeLS2l+zqWc6jq4KF+t
39q33Oihij8t6540PxSzMn7Gy5cFqtkpq/wMZLCPqoVHJhje8NJxnWwmawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIgDI+V4EJq848bfZNh4MpNY6QhUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaUFNajVYZ1FtcnpqeHQ5azJIZ3lrMWpwQ0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHziSAwQA
HzrjAwQAHzrlAwQAHzsjMA0GCSqGSIb3DQEBCwUAA4IBAQC9meiUNbq5NNySp47C
mUOeXcBEVKVmpzb9VAVuSt3eAsOfYHrmZWzk1tS/7r5QGBw+UPQzP4DsZjHV5E6P
qDTiHbpZw68KVQq9bJBsTeMY7josT0uAC1aYthO69kIAR762GOwPnF+hoJjKar1C
0DO8tZUoSBiqTQ/800dP35ah+kpqclVMMlwzAbgpn0iShEjInmRrTHzZmXwoLVim
5Rsi+eNgLK0JAvfQr6SeggdmRn7kIVgVUuoYSY19RZqk+jWDX5LKROJBrSMIBvUO
4TN/Y4XUmJst8gnogfTXJg2tiiXP4K/sWDIsTF84srX/VcgfqVG2yVIeR7l0pqAk
qcNS
-----END CERTIFICATE-----
Generated at Thu Jun 5 03:56:41 2025 by rpki-client