Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mk3RJ-QvseyFXzHyi5r0MU4CuSw.roa
File: mk3RJ-QvseyFXzHyi5r0MU4CuSw.roa (raw, json)
Hash identifier: zs/C/tAAl7m1TJx6D0QM3sQZHJU1Nde/lYzBp2h8GBc=
Subject key identifier: 9A:4D:D1:27:E4:2F:B1:EC:85:5F:31:F2:8B:9A:F4:31:4E:02:B9:2C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194DB1A6556AAC3A7372B4E9774E75C50F5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mk3RJ-QvseyFXzHyi5r0MU4CuSw.roa
Signing time: Thu 06 Feb 2025 11:52:07 +0000
ROA not before: Thu 06 Feb 2025 11:52:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.184.0/22 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 16:37:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:1a:65:56:aa:c3:a7:37:2b:4e:97:74:e7:5c:50:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 6 11:52:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a4dd127e42fb1ec855f31f28b9af4314e02b92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2e:aa:8e:64:0d:4f:9d:b7:10:3c:22:75:fd:
ed:44:63:ff:c7:44:7e:66:e7:cf:0b:66:db:95:2d:
2d:04:2c:22:02:81:1f:97:25:33:9a:8b:eb:b1:55:
75:0b:77:b3:3d:e2:86:3d:e8:39:17:e6:d4:44:26:
69:c4:ea:ac:c5:cd:c9:8d:9e:e0:b8:46:6d:87:4f:
51:22:01:67:30:03:fc:44:2d:4b:2e:c3:35:aa:fb:
7d:59:27:f4:76:52:c4:f0:d7:b9:b3:4c:68:e7:16:
58:65:09:4e:bb:34:80:d2:5a:62:ec:d6:94:42:98:
f8:cb:b6:16:73:37:7e:87:c8:1b:d6:44:ee:cd:4a:
72:1e:c0:75:fd:9c:90:1b:bb:cc:f8:67:c6:d3:cc:
5c:15:7b:8b:9e:1b:80:3b:0f:9f:4b:25:b6:21:e6:
bf:ad:37:88:42:b7:54:2c:74:b6:c4:b6:ff:33:48:
4c:8e:f8:0f:e6:dd:22:ef:e1:31:a4:a4:a9:de:7a:
0a:b3:f1:c6:be:0a:ae:d7:c0:10:c4:f3:c7:47:c5:
44:62:c0:ae:71:64:f1:8b:b3:70:6f:ce:36:64:87:
41:84:06:2e:43:0d:be:b9:c0:55:71:45:8b:c6:c5:
63:1b:68:b8:99:36:ed:5e:49:ca:17:8e:6c:90:ce:
a7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4D:D1:27:E4:2F:B1:EC:85:5F:31:F2:8B:9A:F4:31:4E:02:B9:2C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mk3RJ-QvseyFXzHyi5r0MU4CuSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.184.0/22
31.59.68.0/24
31.59.136.0-31.59.175.255
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:94:b7:6b:16:66:9f:dd:7e:68:9f:e7:e5:cc:8a:55:92:85:
9e:4e:f4:fb:7f:82:73:ae:d9:08:dc:c5:73:3a:2d:71:b0:f3:
66:b1:c1:b4:73:64:31:25:96:58:75:5b:c2:b6:cc:2d:61:dd:
54:67:27:ad:1d:a2:84:12:1b:2d:53:1e:a7:0f:4a:2c:45:52:
10:df:a2:a9:c9:ae:ca:53:ca:a0:66:b2:6e:5a:c1:ad:28:27:
ed:e0:16:a2:34:ef:e6:aa:b5:4b:d6:f5:b6:29:30:71:50:d0:
f1:bf:3b:3c:34:c1:2e:19:ab:3d:76:dd:57:97:8a:8f:7d:8a:
eb:34:bf:46:9f:60:6e:d0:92:27:04:81:46:8c:b2:08:5e:e2:
bf:98:e5:51:8d:3a:c3:33:c1:76:d4:97:bf:3e:a6:b2:a5:27:
4f:05:99:29:6f:88:e1:24:3d:15:31:15:c7:6e:7c:a6:05:fc:
d3:48:ed:0e:cb:f2:17:c7:12:15:b9:5a:ea:f7:ed:ea:f7:bf:
70:68:ac:d0:9a:2c:0f:e4:3e:52:cd:e9:cc:b9:df:24:69:8d:
a8:2d:f2:79:39:12:8b:f4:93:47:53:d1:b3:1f:17:25:a2:a7:
35:f6:82:ce:c4:69:02:b5:3d:a6:30:05:49:95:f4:0f:26:a1:
60:1b:74:8b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZTbGmVWqsOnNytOl3TnXFD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjA2MTE1MjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRkZDEyN2U0MmZiMWVjODU1ZjMxZjI4YjlhZjQzMTRlMDJiOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS6qjmQNT523EDwidf3tRGP/x0R+
ZufPC2bblS0tBCwiAoEflyUzmovrsVV1C3ezPeKGPeg5F+bURCZpxOqsxc3JjZ7g
uEZth09RIgFnMAP8RC1LLsM1qvt9WSf0dlLE8Ne5s0xo5xZYZQlOuzSA0lpi7NaU
Qpj4y7YWczd+h8gb1kTuzUpyHsB1/ZyQG7vM+GfG08xcFXuLnhuAOw+fSyW2Iea/
rTeIQrdULHS2xLb/M0hMjvgP5t0i7+ExpKSp3noKs/HGvgqu18AQxPPHR8VEYsCu
cWTxi7Nwb842ZIdBhAYuQw2+ucBVcUWLxsVjG2i4mTbtXknKF45skM6n2QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJpN0SfkL7HshV8x8oua9DFOArksMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbWszUkotUXZzZXlGWHpIeWk1cjBNVTRDdVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQCHzm4AwQAHztEMAwDBAMfO4gDBAQfO6ADBAAfO+Qw
DQYJKoZIhvcNAQELBQADggEBAByUt2sWZp/dfmif5+XMilWShZ5O9Pt/gnOu2Qjc
xXM6LXGw82axwbRzZDElllh1W8K2zC1h3VRnJ60dooQSGy1THqcPSixFUhDfoqnJ
rspTyqBmsm5awa0oJ+3gFqI07+aqtUvW9bYpMHFQ0PG/Ozw0wS4Zqz123VeXio99
ius0v0afYG7QkicEgUaMsghe4r+Y5VGNOsMzwXbUl78+prKlJ08FmSlviOEkPRUx
FcdufKYF/NNI7Q7L8hfHEhW5Wur37er3v3BorNCaLA/kPlLN6cy53yRpjagt8nk5
Eov0k0dT0bMfFyWipzX2gs7EaQK1PaYwBUmV9A8moWAbdIs=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:45:37 2025 by rpki-client