Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3CoZ0k8U3dvboHxAHMqqlfzXr5k.roa
File: 3CoZ0k8U3dvboHxAHMqqlfzXr5k.roa (raw, json)
Hash identifier: gIZM1pos08R2N3Fre3mnhWXHEiI1NA0dpkxVbxxHtnM=
Subject key identifier: DC:2A:19:D2:4F:14:DD:DB:DB:A0:7C:40:1C:CA:AA:95:FC:D7:AF:99
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01969A36957FC711198DC49A1D834237D9C0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3CoZ0k8U3dvboHxAHMqqlfzXr5k.roa
Signing time: Sun 04 May 2025 07:33:10 +0000
ROA not before: Sun 04 May 2025 07:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 31.56.172.0/24 maxlen: 24
31.56.173.0/24 maxlen: 24
31.56.242.0/24 maxlen: 24
31.56.243.0/24 maxlen: 24
31.56.244.0/24 maxlen: 24
31.56.245.0/24 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.3.0/24 maxlen: 24
217.60.7.0/24 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 May 2025 07:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:36:95:7f:c7:11:19:8d:c4:9a:1d:83:42:37:d9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 4 07:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc2a19d24f14dddbdba07c401ccaaa95fcd7af99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ae:78:48:97:0d:1c:fc:7c:96:0c:06:43:a4:
1d:40:1a:f5:39:24:15:1d:c3:22:28:e5:d5:10:eb:
f7:db:a2:0e:e3:36:4d:de:f8:48:f0:fa:b7:06:82:
d3:b7:c2:f7:33:32:06:0f:83:1d:cc:f9:c6:ad:fb:
bb:79:f9:ac:3f:d9:d3:b1:2e:47:c0:37:e0:91:ac:
6a:0b:4d:f0:f5:2f:5b:57:be:74:b6:7e:bc:0e:f8:
8f:a2:73:07:10:93:a0:b5:9a:3e:c3:96:b4:c2:31:
cb:7b:29:f5:dd:5a:a2:13:93:5a:df:6f:eb:96:6f:
a1:88:0e:2f:4a:bb:71:d1:63:36:53:e5:b3:b7:3e:
e3:36:9d:e3:ca:d7:9f:48:5c:2c:ff:7a:ef:71:fd:
c1:8d:2f:9a:f9:f3:df:80:1a:0d:5d:90:93:c3:9a:
94:a9:95:6f:0b:33:f6:79:2e:84:b2:93:c1:f8:2a:
4c:17:37:ff:f4:e2:43:77:16:4c:d1:00:aa:a8:ba:
be:6f:53:07:fb:b9:f6:d0:82:eb:9a:7c:3d:09:79:
89:25:7c:63:94:5e:38:e6:35:05:59:3a:1e:84:98:
84:2a:9e:82:ad:77:aa:76:61:ee:38:89:a0:b1:e0:
10:d2:b1:7e:25:ad:f1:b9:bc:30:06:e3:b4:c2:34:
8e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2A:19:D2:4F:14:DD:DB:DB:A0:7C:40:1C:CA:AA:95:FC:D7:AF:99
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3CoZ0k8U3dvboHxAHMqqlfzXr5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.172.0/23
31.56.242.0-31.56.245.255
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.44.0/22
217.60.60.0/22
Signature Algorithm: sha256WithRSAEncryption
32:53:00:83:63:eb:6f:a9:02:5b:bf:88:b3:be:6e:fc:db:1a:
d6:34:bb:0b:a5:14:ef:2a:9d:25:ce:ef:60:34:eb:8f:d9:9c:
c8:39:4c:2c:85:2a:b0:68:3d:62:20:3c:39:e7:36:d1:b5:9a:
16:af:35:c1:58:e0:0d:8c:53:f8:97:e5:8b:c2:c4:6d:64:a3:
a5:47:f4:33:9c:58:e5:87:fd:4f:fd:a3:03:0f:63:44:19:cb:
f9:b2:94:45:c1:77:ac:80:57:aa:11:7f:07:ca:bd:f7:6e:27:
c4:f3:32:7c:5b:60:77:62:bf:48:64:ff:83:a2:07:7b:de:d5:
7b:98:42:d6:d3:a5:0a:99:f0:89:da:de:fd:bf:0a:63:87:73:
09:28:b2:83:1f:09:45:10:eb:15:ab:2a:e0:ba:1c:55:e3:57:
59:22:cd:2d:5f:a7:e2:d0:4e:20:21:7e:4a:62:64:88:42:6e:
08:44:91:8f:91:48:09:68:32:42:55:ec:5e:c1:0e:79:ca:c7:
7d:e6:8e:83:d6:10:5a:de:27:dc:d8:93:21:50:f7:af:55:a7:
d6:b7:85:12:23:16:2f:6c:75:c4:bf:09:61:cb:a8:0c:09:73:
4a:23:49:d6:12:c5:24:25:0e:03:b2:a7:c6:d4:b5:f9:4e:49:
a5:18:ae:c8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZaaNpV/xxEZjcSaHYNCN9nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA0MDczMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJhMTlkMjRmMTRkZGRiZGJhMDdjNDAxY2NhYWE5NWZjZDdhZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta54SJcNHPx8lgwGQ6QdQBr1OSQV
HcMiKOXVEOv326IO4zZN3vhI8Pq3BoLTt8L3MzIGD4MdzPnGrfu7efmsP9nTsS5H
wDfgkaxqC03w9S9bV750tn68DviPonMHEJOgtZo+w5a0wjHLeyn13VqiE5Na32/r
lm+hiA4vSrtx0WM2U+Wztz7jNp3jytefSFws/3rvcf3BjS+a+fPfgBoNXZCTw5qU
qZVvCzP2eS6EspPB+CpMFzf/9OJDdxZM0QCqqLq+b1MH+7n20ILrmnw9CXmJJXxj
lF445jUFWToehJiEKp6CrXeqdmHuOImgseAQ0rF+Ja3xubwwBuO0wjSOFQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNwqGdJPFN3b26B8QBzKqpX816+ZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvM0NvWjBrOFUzZHZib0h4QUhNcXFsZnpYcjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBHzisMAwD
BAEfOPIDBAEfOPQDBAPZPAADBALZPAwDBALZPBgDBALZPCQDBALZPCwDBALZPDww
DQYJKoZIhvcNAQELBQADggEBADJTAINj62+pAlu/iLO+bvzbGtY0uwulFO8qnSXO
72A064/ZnMg5TCyFKrBoPWIgPDnnNtG1mhavNcFY4A2MU/iX5YvCxG1ko6VH9DOc
WOWH/U/9owMPY0QZy/mylEXBd6yAV6oRfwfKvfduJ8TzMnxbYHdiv0hk/4OiB3ve
1XuYQtbTpQqZ8Ina3v2/CmOHcwkosoMfCUUQ6xWrKuC6HFXjV1kizS1fp+LQTiAh
fkpiZIhCbghEkY+RSAloMkJV7F7BDnnKx33mjoPWEFreJ9zYkyFQ969Vp9a3hRIj
Fi9sdcS/CWHLqAwJc0ojSdYSxSQlDgOyp8bUtflOSaUYrsg=
-----END CERTIFICATE-----
Generated at Sun May 11 13:26:47 2025 by rpki-client