Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xDMmdBWPnRjv615ND2I-pRb01PA.roa
File: xDMmdBWPnRjv615ND2I-pRb01PA.roa (raw, json)
Hash identifier: 0fqiXk9G7K3ZWZjnOMFYHvj8GNcUPbbXfo9+dAn4fWo=
Subject key identifier: C4:33:26:74:15:8F:9D:18:EF:EB:5E:4D:0F:62:3E:A5:16:F4:D4:F0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019606D5D7B44B3BA91B2955057C800E7F9C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xDMmdBWPnRjv615ND2I-pRb01PA.roa
Signing time: Sat 05 Apr 2025 16:43:19 +0000
ROA not before: Sat 05 Apr 2025 16:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213730
IP address blocks: 31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 18:51:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:06:d5:d7:b4:4b:3b:a9:1b:29:55:05:7c:80:0e:7f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 5 16:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4332674158f9d18efeb5e4d0f623ea516f4d4f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9e:36:b6:a3:f4:9f:b2:15:2f:79:d6:a5:91:
c1:ad:14:9b:6e:45:57:83:09:31:a1:47:c8:e7:a5:
84:b7:82:8e:ec:4f:35:52:b1:4b:29:77:e3:04:b3:
ab:14:c9:95:28:d4:f6:83:ed:b6:e2:41:9a:95:aa:
a7:63:55:69:f4:7b:9b:9c:5f:1b:70:5d:bf:1c:04:
ad:41:3d:53:8d:a7:fc:1b:84:bd:a2:46:67:e6:62:
ad:d4:86:ba:ac:c3:1c:40:1d:55:a5:81:da:03:b1:
c5:ce:17:4b:64:76:f1:74:90:0f:a9:78:2c:18:ee:
36:b9:c7:9f:df:49:69:0a:7b:7c:ca:80:6b:67:f6:
dc:26:0c:31:4b:e4:99:98:3d:84:44:ff:b8:83:89:
c9:fd:38:04:ba:4d:99:48:ec:ed:fc:c7:f0:75:56:
d5:6d:96:9f:28:8a:99:8a:67:fc:1d:5d:ba:54:d1:
69:90:8e:2d:ad:b6:a2:83:e9:f0:b6:63:cf:a2:f2:
2e:2f:30:46:bf:ad:0b:c7:a6:98:67:1c:ad:36:c0:
cc:58:a3:b0:5f:bb:d1:c5:38:21:17:94:60:28:f9:
3f:a2:06:02:01:ad:70:20:ad:cf:28:96:26:de:7a:
54:71:f2:c8:a4:cc:a2:8d:b4:20:ae:3e:f4:e6:6f:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:33:26:74:15:8F:9D:18:EF:EB:5E:4D:0F:62:3E:A5:16:F4:D4:F0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xDMmdBWPnRjv615ND2I-pRb01PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.253.0/24
31.57.255.0/24
Signature Algorithm: sha256WithRSAEncryption
37:d5:a5:e5:8a:94:2c:7a:89:95:3a:58:26:38:e8:cc:02:36:
29:c4:9d:f3:41:40:f8:42:4c:78:ac:ec:22:d1:ea:51:b1:38:
83:28:dc:7c:00:a1:ec:7e:42:45:1d:4e:d6:a5:4a:89:a6:1c:
f5:12:d4:a2:10:09:86:78:7a:78:d2:64:bd:84:c8:46:c7:0a:
d4:cf:ae:01:7a:36:f1:42:9f:a6:7e:3d:e2:c9:b7:b2:7c:c8:
9a:61:28:cc:af:1e:89:d0:0e:62:a9:4b:f8:13:66:68:df:ca:
30:b2:d9:4b:1a:04:3b:08:81:c1:25:60:e8:68:6b:7b:66:85:
0e:61:51:d8:c9:89:99:a3:19:e0:b7:f1:b1:a2:ce:bf:9d:77:
7e:38:9e:bd:7e:4c:2e:02:f8:1d:0f:23:77:d9:31:81:ef:8f:
d1:ec:21:0a:e4:e3:2f:ec:c8:7c:fb:0f:79:dc:61:a6:7d:e4:
e8:1b:5c:70:91:0b:05:2a:a3:a2:6e:fb:61:4e:67:4e:c3:aa:
9f:56:24:4e:70:d4:35:d2:d4:d9:f0:ee:2b:4b:08:7a:69:6a:
d4:02:fb:7a:31:3c:f0:f8:08:1a:eb:87:d0:a9:de:c8:54:76:
54:2a:65:e5:20:07:ed:74:99:aa:f9:a5:32:0a:fa:11:f6:ff:
e2:1a:33:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYG1de0SzupGylVBXyADn+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA1MTY0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDMzMjY3NDE1OGY5ZDE4ZWZlYjVlNGQwZjYyM2VhNTE2ZjRkNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ42tqP0n7IVL3nWpZHBrRSbbkVX
gwkxoUfI56WEt4KO7E81UrFLKXfjBLOrFMmVKNT2g+224kGalaqnY1Vp9HubnF8b
cF2/HAStQT1Tjaf8G4S9okZn5mKt1Ia6rMMcQB1VpYHaA7HFzhdLZHbxdJAPqXgs
GO42ucef30lpCnt8yoBrZ/bcJgwxS+SZmD2ERP+4g4nJ/TgEuk2ZSOzt/MfwdVbV
bZafKIqZimf8HV26VNFpkI4trbaig+nwtmPPovIuLzBGv60Lx6aYZxytNsDMWKOw
X7vRxTghF5RgKPk/ogYCAa1wIK3PKJYm3npUcfLIpMyijbQgrj705m+q4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMQzJnQVj50Y7+teTQ9iPqUW9NTwMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveERNbWRCV1BuUmp2NjE1TkQySS1wUmIwMVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzn9AwQA
Hzn/MA0GCSqGSIb3DQEBCwUAA4IBAQA31aXlipQseomVOlgmOOjMAjYpxJ3zQUD4
Qkx4rOwi0epRsTiDKNx8AKHsfkJFHU7WpUqJphz1EtSiEAmGeHp40mS9hMhGxwrU
z64BejbxQp+mfj3iybeyfMiaYSjMrx6J0A5iqUv4E2Zo38owstlLGgQ7CIHBJWDo
aGt7ZoUOYVHYyYmZoxngt/Gxos6/nXd+OJ69fkwuAvgdDyN32TGB74/R7CEK5OMv
7Mh8+w953GGmfeToG1xwkQsFKqOibvthTmdOw6qfViROcNQ10tTZ8O4rSwh6aWrU
Avt6MTzw+Aga64fQqd7IVHZUKmXlIAftdJmq+aUyCvoR9v/iGjOs
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:30 2025 by rpki-client