Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k87rqQrXwFw75-72z0nltadOPeo.roa
File: k87rqQrXwFw75-72z0nltadOPeo.roa (raw, json)
Hash identifier: 89+mOWek94ruGN9Dm5wuScrqJrgvz0ThBPb5LO73Z1k=
Subject key identifier: 93:CE:EB:A9:0A:D7:C0:5C:3B:E7:EE:F6:CF:49:E5:B5:A7:4E:3D:EA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194E69F342EF5C0D1E520E89303DDD53C8D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k87rqQrXwFw75-72z0nltadOPeo.roa
Signing time: Sat 08 Feb 2025 17:33:00 +0000
ROA not before: Sat 08 Feb 2025 17:33:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e6:9f:34:2e:f5:c0:d1:e5:20:e8:93:03:dd:d5:3c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 8 17:33:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ceeba90ad7c05c3be7eef6cf49e5b5a74e3dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:8a:25:f1:b5:f8:37:8a:ef:3c:92:b5:ef:
53:fa:ba:90:e7:a3:3d:ed:5e:10:e1:e6:b4:ee:fa:
67:9b:38:68:82:e7:34:cd:4d:04:71:7f:b0:24:cc:
af:f2:be:fc:15:2b:11:01:a9:8f:56:47:d9:78:3a:
10:7e:5a:f3:6f:a4:e5:5a:db:b9:42:67:23:22:0e:
29:24:50:02:19:23:03:74:3a:26:ba:25:49:4a:1b:
99:76:29:f4:34:ad:7c:ee:42:0f:dc:c7:b1:ca:b8:
40:26:27:7a:ad:91:70:e2:1c:dd:1f:a4:59:26:f9:
68:23:74:b7:0c:c6:84:39:1a:1d:6e:9e:67:56:63:
c8:68:7d:fa:c5:07:b0:b2:eb:0f:c5:7c:ee:f4:45:
b4:ec:5e:39:4f:78:c7:91:c0:23:6a:34:e4:75:0c:
a0:20:c5:18:bc:14:31:3a:df:f9:d2:f9:40:54:61:
fa:e1:3c:e0:f5:5c:40:8a:14:aa:11:4e:6d:8c:10:
cc:1a:df:d6:cd:06:e9:9b:ad:4f:38:d2:ba:4d:36:
f4:19:30:d2:74:e3:93:03:7d:1a:09:5e:19:fb:e2:
75:dd:71:05:99:f0:e5:54:4e:1c:5b:ac:ca:51:53:
67:8f:60:af:52:56:d2:72:4b:00:34:6d:7d:48:26:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CE:EB:A9:0A:D7:C0:5C:3B:E7:EE:F6:CF:49:E5:B5:A7:4E:3D:EA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k87rqQrXwFw75-72z0nltadOPeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.244.0-31.58.246.255
31.58.249.0-31.58.251.255
Signature Algorithm: sha256WithRSAEncryption
ad:3e:63:52:8a:69:0e:90:0c:0f:e6:bf:5f:a8:25:19:2b:0e:
93:19:c8:c2:3a:ed:eb:34:95:6c:12:ca:bd:a0:06:59:25:e7:
f1:76:93:be:80:86:b5:7d:03:fb:3a:88:17:25:fc:dd:14:59:
9e:2f:ce:b1:fc:4d:a5:c4:62:58:29:e2:69:f3:bc:59:10:8d:
3a:2f:15:45:33:65:72:ef:f2:1d:ed:0d:27:6d:3e:5e:24:2f:
69:1e:5a:ab:e5:a5:9f:47:19:a7:b5:e7:64:0c:5c:f7:28:25:
19:10:e5:a1:17:e9:fd:8a:94:a0:22:d3:c7:38:89:5b:ff:45:
a7:86:aa:45:27:1b:71:34:d5:bb:05:95:43:4e:e5:5c:08:b7:
72:d0:c2:b2:30:6c:ce:d6:25:11:d3:b8:a7:95:de:fe:34:94:
4d:1f:d7:34:82:6e:53:cc:b9:84:b3:c2:a9:5d:da:42:d4:6d:
21:18:d1:06:75:b8:45:65:c1:28:89:66:00:06:3e:76:b2:34:
e4:7f:1d:68:31:ba:30:a0:cb:e1:64:67:65:2d:f8:d3:d2:b4:
a2:68:77:6d:a2:5f:ea:c5:80:09:14:eb:90:d8:b6:bb:2a:fd:
c4:84:21:3c:42:38:ac:92:86:77:fd:27:be:a7:7e:9a:b9:c6:
b6:7e:3b:6e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZTmnzQu9cDR5SDokwPd1TyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjA4MTczMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2NlZWJhOTBhZDdjMDVjM2JlN2VlZjZjZjQ5ZTViNWE3NGUzZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0iKJfG1+DeK7zySte9T+rqQ56M9
7V4Q4ea07vpnmzhoguc0zU0EcX+wJMyv8r78FSsRAamPVkfZeDoQflrzb6TlWtu5
QmcjIg4pJFACGSMDdDomuiVJShuZdin0NK187kIP3MexyrhAJid6rZFw4hzdH6RZ
JvloI3S3DMaEORodbp5nVmPIaH36xQewsusPxXzu9EW07F45T3jHkcAjajTkdQyg
IMUYvBQxOt/50vlAVGH64Tzg9VxAihSqEU5tjBDMGt/WzQbpm61PONK6TTb0GTDS
dOOTA30aCV4Z++J13XEFmfDlVE4cW6zKUVNnj2CvUlbScksANG19SCY7/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJPO66kK18BcO+fu9s9J5bWnTj3qMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvazg3cnFRclh3Rnc3NS03Mnowbmx0YWRPUGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAHzrTMAwD
BAIfOvQDBAAfOvYwDAMEAB86+QMEAh86+DANBgkqhkiG9w0BAQsFAAOCAQEArT5j
UoppDpAMD+a/X6glGSsOkxnIwjrt6zSVbBLKvaAGWSXn8XaTvoCGtX0D+zqIFyX8
3RRZni/OsfxNpcRiWCniafO8WRCNOi8VRTNlcu/yHe0NJ20+XiQvaR5aq+Wln0cZ
p7XnZAxc9yglGRDloRfp/YqUoCLTxziJW/9Fp4aqRScbcTTVuwWVQ07lXAi3ctDC
sjBsztYlEdO4p5Xe/jSUTR/XNIJuU8y5hLPCqV3aQtRtIRjRBnW4RWXBKIlmAAY+
drI05H8daDG6MKDL4WRnZS3409K0omh3baJf6sWACRTrkNi2uyr9xIQhPEI4rJKG
d/0nvqd+mrnGtn47bg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:10 2025 by rpki-client