Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/saNMLKufcPYLccRJ3hsb3zuttBk.roa
File: saNMLKufcPYLccRJ3hsb3zuttBk.roa (raw, json)
Hash identifier: vdGiRuN+dGdXEMvgXj17bDh0u0erVe69RSC2CJrGaNs=
Subject key identifier: B1:A3:4C:2C:AB:9F:70:F6:0B:71:C4:49:DE:1B:1B:DF:3B:AD:B4:19
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A9C5C73B8299B5923524DCAE735B3F52
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/saNMLKufcPYLccRJ3hsb3zuttBk.roa
Signing time: Tue 18 Mar 2025 15:01:05 +0000
ROA not before: Tue 18 Mar 2025 15:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.184.0/22 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 06:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:c5:c7:3b:82:99:b5:92:35:24:dc:ae:73:5b:3f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 18 15:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1a34c2cab9f70f60b71c449de1b1bdf3badb419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b6:c8:6a:67:4e:f2:bb:85:2b:c6:a0:58:cb:
b0:cf:e6:bf:61:57:e0:e1:88:b5:72:ca:51:4f:12:
bc:68:5a:68:e3:50:5c:a7:40:8a:c0:6f:2a:ae:4b:
1a:42:6f:35:fc:28:71:70:92:5b:4e:9c:36:62:0f:
6e:69:1d:b4:26:4b:0b:d5:4f:7f:f0:e5:76:46:4d:
01:99:da:a3:44:f1:5f:d6:ca:08:83:03:4e:b9:2d:
d9:2e:c4:5e:6c:74:34:6c:60:41:d7:d2:85:3b:35:
3a:ad:a8:df:a2:b6:e1:1c:1c:7c:fa:17:09:0b:c4:
7c:1b:53:b8:73:ff:50:38:42:fd:67:6e:e9:f9:cf:
22:cf:4b:c6:05:0f:02:20:be:f0:47:ec:94:13:41:
35:c2:2c:c8:6e:a1:4a:32:fc:e9:ca:e4:71:ae:b2:
81:9c:2f:32:b6:a8:5d:1d:60:00:2b:c3:b3:3b:84:
f6:ea:9e:5f:ba:45:55:7f:50:4d:b4:2f:93:48:5b:
46:45:74:5a:6e:11:12:0c:64:d6:45:37:1f:c6:b1:
bf:71:44:fb:dc:15:c6:6c:19:8f:96:e0:b1:9e:4d:
d1:e3:bd:22:6e:e1:71:61:66:70:e1:03:5a:a6:57:
0d:c5:99:08:3e:86:c3:38:64:0d:96:99:ed:84:d1:
fe:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:4C:2C:AB:9F:70:F6:0B:71:C4:49:DE:1B:1B:DF:3B:AD:B4:19
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/saNMLKufcPYLccRJ3hsb3zuttBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.184.0/22
31.59.79.0/24
31.59.136.0-31.59.175.255
31.59.228.0/24
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:82:34:a4:d9:52:97:85:21:41:a0:30:2d:eb:bd:7a:ab:95:
da:7e:c5:8f:1d:a4:84:ab:d5:3d:56:58:4e:6c:6a:e5:74:f3:
32:cf:df:36:9a:be:82:18:60:5f:67:08:19:46:e1:64:41:db:
5d:3f:f2:a2:9d:92:2a:0c:0e:a5:d3:30:77:62:c8:44:6e:87:
4e:44:0f:e7:b3:3f:4b:43:89:c7:94:81:1c:44:40:61:ce:08:
ba:34:e0:a8:b3:aa:7c:e4:72:c9:d7:8a:f1:2c:14:de:68:92:
6f:5f:3c:0b:01:01:fe:b4:8a:56:64:d9:c6:9d:7c:42:3f:0f:
3e:b2:cc:1c:ad:60:02:f7:d1:fd:f3:b1:06:f9:6f:bb:f8:3f:
e7:36:d0:23:f7:65:ba:cc:67:d3:39:36:78:08:cc:ed:4b:8a:
fc:d2:8f:d0:b5:a1:d5:3c:f2:f6:aa:c1:e3:fa:5e:9f:0c:b8:
21:55:ae:e8:a6:38:9b:7a:c6:a0:16:b2:26:eb:5f:74:47:52:
df:f9:8a:51:08:3d:f4:20:6e:f0:22:28:00:e3:de:e9:0b:b6:
e9:19:5a:fa:a9:c0:ab:4d:89:6c:59:9f:ff:1a:ba:c5:98:c9:
66:fd:38:04:83:25:99:65:2a:fe:4d:96:7d:b7:bf:9e:a3:31:
21:96:fd:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZWpxcc7gpm1kjUk3K5zWz9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE4MTUwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzNGMyY2FiOWY3MGY2MGI3MWM0NDlkZTFiMWJkZjNiYWRiNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rbIamdO8ruFK8agWMuwz+a/YVfg
4Yi1cspRTxK8aFpo41Bcp0CKwG8qrksaQm81/ChxcJJbTpw2Yg9uaR20JksL1U9/
8OV2Rk0BmdqjRPFf1soIgwNOuS3ZLsRebHQ0bGBB19KFOzU6rajforbhHBx8+hcJ
C8R8G1O4c/9QOEL9Z27p+c8iz0vGBQ8CIL7wR+yUE0E1wizIbqFKMvzpyuRxrrKB
nC8ytqhdHWAAK8OzO4T26p5fukVVf1BNtC+TSFtGRXRabhESDGTWRTcfxrG/cUT7
3BXGbBmPluCxnk3R470ibuFxYWZw4QNaplcNxZkIPobDOGQNlpnthNH+HwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLGjTCyrn3D2C3HESd4bG987rbQZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvc2FOTUxLdWZjUFlMY2NSSjNoc2IzenV0dEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQCHzm4AwQAHztPMAwDBAMfO4gDBAQfO6ADBAAfO+QD
BAAfO+YwDQYJKoZIhvcNAQELBQADggEBAI+CNKTZUpeFIUGgMC3rvXqrldp+xY8d
pISr1T1WWE5sauV08zLP3zaavoIYYF9nCBlG4WRB210/8qKdkioMDqXTMHdiyERu
h05ED+ezP0tDiceUgRxEQGHOCLo04KizqnzkcsnXivEsFN5okm9fPAsBAf60ilZk
2cadfEI/Dz6yzBytYAL30f3zsQb5b7v4P+c20CP3ZbrMZ9M5NngIzO1LivzSj9C1
odU88vaqweP6Xp8MuCFVruimOJt6xqAWsibrX3RHUt/5ilEIPfQgbvAiKADj3ukL
tukZWvqpwKtNiWxZn/8ausWYyWb9OASDJZllKv5Nln23v56jMSGW/QQ=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:48 2025 by rpki-client