Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unHsn4zrW4RabKvt_H-cpOL6rMw.roa
File: unHsn4zrW4RabKvt_H-cpOL6rMw.roa (raw, json)
Hash identifier: THznsFPXHUFdnPXun28hoEBWA3Bn0XogSw6iWlFANTA=
Subject key identifier: BA:71:EC:9F:8C:EB:5B:84:5A:6C:AB:ED:FC:7F:9C:A4:E2:FA:AC:CC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195D922C920E90825AC650CBE88F16753D3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unHsn4zrW4RabKvt_H-cpOL6rMw.roa
Signing time: Thu 27 Mar 2025 19:44:50 +0000
ROA not before: Thu 27 Mar 2025 19:44:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.184.0/22 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 10:46:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d9:22:c9:20:e9:08:25:ac:65:0c:be:88:f1:67:53:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 27 19:44:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba71ec9f8ceb5b845a6cabedfc7f9ca4e2faaccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8c:c8:a8:5d:09:57:4c:d6:01:33:4b:f2:01:
67:f2:47:20:f2:6b:4f:7b:0c:f8:43:d1:7b:f0:d5:
ea:af:0a:a8:61:20:20:7d:26:ec:5a:a0:9a:e5:69:
8c:f1:ba:92:3e:64:96:d3:79:c6:0d:38:66:ff:56:
93:69:b4:cc:32:7c:50:0d:5c:9c:7e:0d:4e:4d:02:
00:e7:d9:e1:f0:ff:55:3c:27:30:fa:eb:11:af:86:
67:dd:13:8f:bc:53:20:da:88:f0:e9:4f:86:fc:26:
19:f2:8e:04:d6:c0:50:51:b5:74:30:5f:8d:b8:19:
b3:02:7c:e4:10:d4:11:14:ff:45:89:52:7c:1c:64:
6f:36:92:3a:0d:28:74:79:65:a8:0f:93:29:fb:ab:
c7:95:dc:11:2a:b1:6d:2d:11:dd:0f:d0:33:fa:26:
50:6f:c1:d5:63:ac:fb:78:eb:90:4c:09:06:d1:8f:
7e:9e:6e:58:7f:42:70:63:c2:f4:ae:22:69:26:ac:
77:9e:f2:63:3b:27:9a:13:f3:92:31:2e:f0:df:86:
f0:48:8b:be:40:18:4d:45:d7:4c:81:61:24:6d:29:
f0:1d:46:d5:6d:65:3c:e5:c2:dd:8c:d5:55:da:bb:
19:b2:aa:7e:76:0e:85:4f:be:ce:44:2f:2f:2c:76:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:71:EC:9F:8C:EB:5B:84:5A:6C:AB:ED:FC:7F:9C:A4:E2:FA:AC:CC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unHsn4zrW4RabKvt_H-cpOL6rMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.116.0/24
31.57.184.0/22
31.59.79.0/24
31.59.228.0/24
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
21:29:5b:62:78:4a:f2:32:91:73:bb:22:4e:61:b1:93:68:f3:
8d:db:ad:d1:c8:f9:95:41:a4:70:b9:ad:09:2c:ce:b6:ca:6a:
9a:6d:bb:ce:af:b1:0a:20:fe:18:8b:bb:90:79:e0:82:6d:4c:
47:36:64:91:dd:76:d5:08:8e:28:22:ec:35:9c:d8:ea:ea:fa:
d5:d4:ad:ce:94:35:1b:38:b4:0b:55:10:5f:1e:9f:2a:a4:dc:
4a:01:19:ee:d6:d9:26:d9:8c:6c:6c:38:8f:88:ff:d0:77:36:
f7:d4:10:32:18:7f:62:e1:e2:24:20:de:af:3c:16:c7:4c:67:
a8:da:54:c0:d3:5f:5e:f5:14:2b:9f:e9:12:03:1f:7e:47:ba:
d0:de:86:33:c4:53:7d:f4:88:eb:4c:fd:69:50:53:11:b0:b4:
84:aa:0c:bc:63:6c:fa:8b:c5:f8:f8:ed:88:3c:7d:12:2a:b3:
e1:b0:f0:58:05:b0:2d:64:b6:6e:29:8e:5c:43:29:0e:93:62:
0f:45:f3:ef:f8:76:40:3d:88:41:b2:6d:42:cd:d0:55:2a:2d:
9b:2e:a6:50:d2:33:73:eb:64:1d:f1:0f:bf:06:28:ff:0d:c9:
2c:8b:de:e3:0d:87:5a:c2:19:ad:ba:fc:86:ce:ad:86:4c:c2:
7e:af:62:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXZIskg6QglrGUMvojxZ1PTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI3MTk0NDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTcxZWM5ZjhjZWI1Yjg0NWE2Y2FiZWRmYzdmOWNhNGUyZmFhY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4zIqF0JV0zWATNL8gFn8kcg8mtP
ewz4Q9F78NXqrwqoYSAgfSbsWqCa5WmM8bqSPmSW03nGDThm/1aTabTMMnxQDVyc
fg1OTQIA59nh8P9VPCcw+usRr4Zn3ROPvFMg2ojw6U+G/CYZ8o4E1sBQUbV0MF+N
uBmzAnzkENQRFP9FiVJ8HGRvNpI6DSh0eWWoD5Mp+6vHldwRKrFtLRHdD9Az+iZQ
b8HVY6z7eOuQTAkG0Y9+nm5Yf0JwY8L0riJpJqx3nvJjOyeaE/OSMS7w34bwSIu+
QBhNRddMgWEkbSnwHUbVbWU85cLdjNVV2rsZsqp+dg6FT77ORC8vLHb6MwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLpx7J+M61uEWmyr7fx/nKTi+qzMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdW5Ic240enJXNFJhYkt2dF9ILWNwT0w2ck13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzl0AwQCHzm4AwQAHztPAwQAHzvkAwQAHzvmMA0G
CSqGSIb3DQEBCwUAA4IBAQAhKVtieEryMpFzuyJOYbGTaPON263RyPmVQaRwua0J
LM62ymqabbvOr7EKIP4Yi7uQeeCCbUxHNmSR3XbVCI4oIuw1nNjq6vrV1K3OlDUb
OLQLVRBfHp8qpNxKARnu1tkm2YxsbDiPiP/Qdzb31BAyGH9i4eIkIN6vPBbHTGeo
2lTA019e9RQrn+kSAx9+R7rQ3oYzxFN99IjrTP1pUFMRsLSEqgy8Y2z6i8X4+O2I
PH0SKrPhsPBYBbAtZLZuKY5cQykOk2IPRfPv+HZAPYhBsm1CzdBVKi2bLqZQ0jNz
62Qd8Q+/Bij/Dcksi97jDYdawhmtuvyGzq2GTMJ+r2Kl
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:54 2025 by rpki-client