Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/n5MWrcl_ljEPHGPhuhZsRJeAwzo.roa
File: n5MWrcl_ljEPHGPhuhZsRJeAwzo.roa (raw, json)
Hash identifier: ngdai+MEpjVDm5U0biukWnUXdkgRF8u7CCPYevLKHT8=
Subject key identifier: 9F:93:16:AD:C9:7F:96:31:0F:1C:63:E1:BA:16:6C:44:97:80:C3:3A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194920EBCB910CBD5E31C2F350A221123D9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/n5MWrcl_ljEPHGPhuhZsRJeAwzo.roa
Signing time: Thu 23 Jan 2025 07:27:06 +0000
ROA not before: Thu 23 Jan 2025 07:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26737
IP address blocks: 31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.57.208.0/24 maxlen: 24
31.57.209.0/24 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.211.0/24 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 16:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:0e:bc:b9:10:cb:d5:e3:1c:2f:35:0a:22:11:23:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 23 07:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f9316adc97f96310f1c63e1ba166c449780c33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:de:4b:a3:ae:20:61:74:d7:3e:0d:23:04:0a:
23:1a:c9:eb:58:ce:ae:1f:e1:78:d9:9b:ad:0e:8f:
b1:77:74:ec:65:82:51:e2:85:51:4f:eb:2e:78:11:
28:17:ac:c3:c3:7c:18:a6:67:e6:aa:e2:96:bc:f2:
d4:88:16:21:27:98:37:4f:25:59:f5:8e:15:19:8d:
79:f2:1f:a7:b1:3e:89:c6:cb:d8:41:68:24:c8:b3:
3f:81:76:46:50:f9:19:e2:38:af:68:be:24:f2:0c:
1d:38:b9:b0:8a:bc:da:4d:2d:68:6b:28:2e:63:ff:
94:9d:5b:aa:2a:30:80:3d:80:18:01:4e:5c:36:4a:
4e:7d:54:35:59:c6:94:34:a6:85:e6:d1:cf:f2:88:
d5:7f:01:0a:52:ca:0d:a2:d1:22:ef:b0:61:3f:64:
8b:84:f5:bf:e9:1d:b2:b4:66:dc:99:ee:38:65:3a:
3f:0b:29:2b:d8:64:94:a4:8b:8a:13:5d:04:bf:5a:
eb:d8:66:70:be:bd:cd:60:2d:66:be:ed:ea:64:f5:
f1:33:ec:33:da:35:44:41:e6:a3:7c:4c:74:0c:87:
2c:29:65:82:89:fe:44:dd:6f:de:5d:1e:42:cf:d5:
77:3a:e4:29:53:d8:1a:64:a2:b8:74:74:a8:84:43:
79:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:93:16:AD:C9:7F:96:31:0F:1C:63:E1:BA:16:6C:44:97:80:C3:3A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/n5MWrcl_ljEPHGPhuhZsRJeAwzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.57.208.0-31.57.214.255
31.57.216.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a7:ca:01:f5:57:f8:02:aa:fc:9d:a1:1c:52:0f:95:11:3b:
16:2a:e4:6c:c3:b6:3b:17:c3:80:5b:46:88:f0:62:b2:85:f5:
a5:5e:a4:47:ab:82:e5:ac:5c:9d:eb:e0:1f:95:00:cf:3b:da:
82:92:ee:22:a5:af:c1:e4:79:79:95:95:4b:39:a5:f0:b2:a6:
34:68:7d:46:f1:f1:98:e1:52:8d:73:d8:71:61:eb:00:08:70:
68:fd:97:74:c3:0e:b9:82:59:8b:69:a3:b2:7a:5f:e8:3d:d5:
c7:72:93:a5:6b:0f:d2:ea:8e:b3:87:0b:71:94:f8:bb:34:35:
fa:46:d2:f4:54:1d:e0:b3:38:4b:2d:8d:2a:56:73:8a:b7:2a:
f7:42:29:3f:be:f1:2b:69:44:3e:a1:2d:09:95:fd:d9:7b:4f:
2a:ae:63:9f:6d:db:bc:37:1d:9d:90:e9:17:27:a5:d2:fc:a4:
6c:90:45:f2:7e:c2:5c:38:8c:82:e7:fb:ca:68:81:39:f7:63:
39:27:42:8a:44:8a:23:5b:c7:57:5c:04:99:55:13:a3:10:0f:
e6:f0:4b:bf:20:43:f1:82:16:5f:94:a5:a2:02:a9:60:45:df:
7e:05:6d:35:a4:6b:8d:d9:03:fc:85:60:00:49:db:ce:ae:44:
93:a8:1b:31
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZSSDry5EMvV4xwvNQoiESPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTIzMDcyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjkzMTZhZGM5N2Y5NjMxMGYxYzYzZTFiYTE2NmM0NDk3ODBjMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN5Lo64gYXTXPg0jBAojGsnrWM6u
H+F42ZutDo+xd3TsZYJR4oVRT+sueBEoF6zDw3wYpmfmquKWvPLUiBYhJ5g3TyVZ
9Y4VGY158h+nsT6JxsvYQWgkyLM/gXZGUPkZ4jivaL4k8gwdOLmwirzaTS1oaygu
Y/+UnVuqKjCAPYAYAU5cNkpOfVQ1WcaUNKaF5tHP8ojVfwEKUsoNotEi77BhP2SL
hPW/6R2ytGbcme44ZTo/Cykr2GSUpIuKE10Ev1rr2GZwvr3NYC1mvu3qZPXxM+wz
2jVEQeajfEx0DIcsKWWCif5E3W/eXR5Cz9V3OuQpU9gaZKK4dHSohEN5GwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ+TFq3Jf5YxDxxj4boWbESXgMM6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbjVNV3JjbF9sakVQSEdQaHVoWnNSSmVBd3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBHzgqMAwD
BAQfOdADBAAfOdYDBAAfOdgwDQYJKoZIhvcNAQELBQADggEBABanygH1V/gCqvyd
oRxSD5UROxYq5GzDtjsXw4BbRojwYrKF9aVepEerguWsXJ3r4B+VAM872oKS7iKl
r8HkeXmVlUs5pfCypjRofUbx8ZjhUo1z2HFh6wAIcGj9l3TDDrmCWYtpo7J6X+g9
1cdyk6VrD9LqjrOHC3GU+Ls0NfpG0vRUHeCzOEstjSpWc4q3KvdCKT++8StpRD6h
LQmV/dl7TyquY59t27w3HZ2Q6RcnpdL8pGyQRfJ+wlw4jILn+8pogTn3YzknQopE
iiNbx1dcBJlVE6MQD+bwS78gQ/GCFl+UpaICqWBF334FbTWka43ZA/yFYABJ286u
RJOoGzE=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:52 2025 by rpki-client