Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rZ412se95OoBYCBr5iX3bi1FL1I.roa
File: rZ412se95OoBYCBr5iX3bi1FL1I.roa (raw, json)
Hash identifier: b9/ZCf647FLHacP5ceoRymMzjKRJtNNvIVNEFAEhCN4=
Subject key identifier: AD:9E:35:DA:C7:BD:E4:EA:01:60:20:6B:E6:25:F7:6E:2D:45:2F:52
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01955B96BE08E84334ADDCA4655094A56F5E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rZ412se95OoBYCBr5iX3bi1FL1I.roa
Signing time: Mon 03 Mar 2025 10:39:20 +0000
ROA not before: Mon 03 Mar 2025 10:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 31.58.234.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
217.60.248.0/24 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Mar 2025 20:44:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:96:be:08:e8:43:34:ad:dc:a4:65:50:94:a5:6f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 3 10:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad9e35dac7bde4ea0160206be625f76e2d452f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:90:1d:4d:87:59:be:a2:48:97:fc:7a:a1:5a:
e6:51:d6:d9:33:42:d8:75:56:c2:4b:98:77:b7:f0:
db:29:04:5e:69:8e:8b:a9:cb:a7:03:04:ad:4d:8f:
78:e7:23:65:b8:c1:d7:2f:06:87:16:c1:d5:4a:8f:
c9:b7:5f:c0:3f:e2:6d:f3:28:96:ef:ce:8b:6d:09:
f9:52:89:aa:a1:c0:d0:1e:db:d2:33:7d:78:19:5d:
7f:1c:72:76:fd:fa:3a:71:98:2d:94:ee:47:50:b1:
5f:b7:c6:e5:03:15:69:10:f0:d6:a5:42:63:eb:b0:
5f:20:a5:14:2f:88:75:41:e1:32:90:bb:56:9a:f9:
03:b2:56:a1:72:7f:02:ed:f0:c0:a9:b8:ba:ba:95:
f9:93:4a:f8:20:32:5b:c7:d8:e4:2c:8d:84:52:73:
2a:44:c2:02:54:c9:f5:0b:18:13:98:c4:02:7a:f2:
c2:eb:1e:b3:42:09:5d:bc:7e:a8:df:d5:46:f6:1b:
5c:40:6d:3f:42:60:00:6b:d4:9d:8b:6b:f5:03:bc:
5c:4b:f8:85:f7:5d:39:1e:2f:a7:02:6d:c7:7a:79:
81:60:08:10:a7:41:c7:56:20:78:b4:ef:97:d3:8a:
5c:35:de:8f:7a:c9:3a:a2:40:1b:33:2c:a7:93:c8:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9E:35:DA:C7:BD:E4:EA:01:60:20:6B:E6:25:F7:6E:2D:45:2F:52
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rZ412se95OoBYCBr5iX3bi1FL1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.234.0/24
31.58.236.0/24
217.60.196.0/23
217.60.244.0/23
217.60.248.0/24
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
54:e9:17:2c:44:c1:2b:b8:ea:9c:05:f4:3f:96:2d:42:a2:6e:
84:61:8c:e4:95:44:3d:cc:d3:6e:a0:c1:0b:c0:4b:94:d2:10:
db:8c:be:79:8e:31:a5:de:0e:88:06:6f:81:14:f6:e7:c2:b4:
3c:24:24:65:8c:41:a8:e7:e4:67:6e:be:32:af:86:98:9a:5c:
31:88:42:9d:5c:50:9a:8e:7f:f2:5d:7d:27:1c:bf:b0:1d:dc:
12:20:3e:3c:f7:73:c3:cb:e3:a0:a3:2f:a2:71:e5:19:ec:e8:
e0:be:8c:44:29:3c:28:69:3d:69:7d:fc:a2:c6:03:06:4a:16:
d6:32:4a:e4:3d:32:d0:9f:03:4c:a6:a0:7e:2a:a7:12:6c:82:
57:38:b8:86:0b:2c:81:81:87:f2:0b:d7:4a:c3:90:99:46:8d:
46:fb:25:c4:be:fd:92:8a:46:bb:48:c4:6f:af:8a:a8:5b:10:
83:1b:c9:68:bc:9d:53:06:bb:12:8c:c9:18:60:e0:4c:ea:e4:
cb:68:cc:8a:df:18:98:e6:41:7f:24:dc:be:d8:0f:1a:99:ef:
ca:73:aa:6a:97:0a:66:05:b5:ca:45:94:c2:94:c7:22:f2:ba:
bb:e0:45:76:90:4c:cb:2a:7d:f6:6c:e7:58:b5:ec:62:89:fa:
c0:aa:4f:4a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZVblr4I6EM0rdykZVCUpW9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAzMTAzOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDllMzVkYWM3YmRlNGVhMDE2MDIwNmJlNjI1Zjc2ZTJkNDUyZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZAdTYdZvqJIl/x6oVrmUdbZM0LY
dVbCS5h3t/DbKQReaY6LqcunAwStTY945yNluMHXLwaHFsHVSo/Jt1/AP+Jt8yiW
786LbQn5UomqocDQHtvSM314GV1/HHJ2/fo6cZgtlO5HULFft8blAxVpEPDWpUJj
67BfIKUUL4h1QeEykLtWmvkDslahcn8C7fDAqbi6upX5k0r4IDJbx9jkLI2EUnMq
RMICVMn1CxgTmMQCevLC6x6zQgldvH6o39VG9htcQG0/QmAAa9Sdi2v1A7xcS/iF
9105Hi+nAm3HenmBYAgQp0HHViB4tO+X04pcNd6Pesk6okAbMyynk8hp7wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK2eNdrHveTqAWAga+Yl924tRS9SMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvclo0MTJzZTk1T29CWUNCcjVpWDNiaTFGTDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAHzrqAwQA
HzrsAwQB2TzEAwQB2Tz0AwQA2Tz4MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEB
CwUAA4IBAQBU6RcsRMEruOqcBfQ/li1Com6EYYzklUQ9zNNuoMELwEuU0hDbjL55
jjGl3g6IBm+BFPbnwrQ8JCRljEGo5+Rnbr4yr4aYmlwxiEKdXFCajn/yXX0nHL+w
HdwSID4893PDy+Ogoy+iceUZ7OjgvoxEKTwoaT1pffyixgMGShbWMkrkPTLQnwNM
pqB+KqcSbIJXOLiGCyyBgYfyC9dKw5CZRo1G+yXEvv2Sika7SMRvr4qoWxCDG8lo
vJ1TBrsSjMkYYOBM6uTLaMyK3xiY5kF/JNy+2A8ame/Kc6pqlwpmBbXKRZTClMci
8rq74EV2kEzLKn32bOdYtexiifrAqk9K
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:13 2025 by rpki-client