Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4tV6urGedmDWGG43LSwEISW07k8.roa
File: 4tV6urGedmDWGG43LSwEISW07k8.roa (raw, json)
Hash identifier: gvY0eNbOtzwxmx3PQwaiiOm5S9QS4KEMM/NHhqMMnko=
Subject key identifier: E2:D5:7A:BA:B1:9E:76:60:D6:18:6E:37:2D:2C:04:21:25:B4:EE:4F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01958B3571BFB15A17C30892ACAA20E199E1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4tV6urGedmDWGG43LSwEISW07k8.roa
Signing time: Wed 12 Mar 2025 16:34:50 +0000
ROA not before: Wed 12 Mar 2025 16:34:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 31.56.73.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
31.59.122.0/24 maxlen: 24
31.59.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:35:71:bf:b1:5a:17:c3:08:92:ac:aa:20:e1:99:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 12 16:34:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2d57abab19e7660d6186e372d2c042125b4ee4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b4:59:52:e3:1f:cd:8e:23:44:59:63:53:20:
f2:85:ef:a0:c2:55:37:9d:f1:43:7e:62:c7:c5:f9:
ab:84:d7:4c:79:c7:b8:dd:e4:d3:21:89:7d:66:75:
0b:a7:4d:dc:ff:90:94:c4:ac:33:48:8e:8e:83:a1:
65:f6:53:41:3c:f9:c8:27:62:c0:44:65:0c:0a:75:
21:95:d3:39:3d:58:da:b0:65:fd:69:76:4c:b9:86:
8e:ed:fe:7a:c7:e4:5d:8e:d6:98:be:06:55:94:f6:
63:aa:92:0c:b1:4c:54:88:5c:f8:75:29:61:b1:90:
ce:28:59:f8:2e:4c:b0:59:46:5f:a1:17:03:5c:24:
2a:5e:8f:b6:9e:0f:45:be:22:ff:0a:0d:24:83:d7:
4f:b2:22:99:84:a1:bd:3f:d3:58:aa:fa:fa:d2:38:
f7:6e:23:4c:95:37:9e:86:0b:9a:c6:73:63:09:cb:
78:38:42:fb:e2:1c:33:92:41:4f:39:8a:ad:6c:fd:
80:df:19:ec:9c:a2:46:2c:7d:50:9c:9d:38:4b:9d:
e3:9c:09:d5:e2:7c:f4:48:a6:7a:36:56:ea:28:67:
ba:f9:53:1a:95:c3:75:b6:73:72:66:dd:f9:d2:01:
0b:06:2e:91:79:b4:a1:0d:3e:ab:29:d2:c5:77:7b:
8e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D5:7A:BA:B1:9E:76:60:D6:18:6E:37:2D:2C:04:21:25:B4:EE:4F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4tV6urGedmDWGG43LSwEISW07k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.73.0/24
31.56.85.0/24
31.57.153.0/24
31.57.236.0/24
31.58.43.0/24
31.58.128.0/24
31.58.153.0/24
31.58.162.0/24
31.58.164.0/24
31.58.166.0/24
31.59.88.0/24
31.59.122.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:ee:07:80:de:e3:a1:78:85:5e:d9:53:db:f1:1c:8f:c4:3d:
e1:e5:a7:20:b2:84:ce:b8:fd:da:d1:4c:a3:08:d5:71:d3:0c:
c2:f2:c0:f1:16:c4:65:2b:65:cb:20:37:b0:4b:24:0f:29:80:
6b:95:64:8b:5d:0b:0d:07:7b:de:50:36:ab:b3:a6:71:5d:89:
03:9c:a9:47:dc:c3:5b:81:5e:06:df:97:45:e5:f3:26:b7:c0:
b5:6e:fa:ee:3e:f9:31:8e:1c:de:f1:3a:db:da:12:6a:2d:95:
ea:7a:47:cf:4a:bc:a7:12:f5:eb:65:0c:e1:00:ad:c2:4a:87:
01:27:04:43:06:69:4c:96:80:72:d7:56:dd:f3:fb:b1:96:56:
ac:a6:fb:85:bf:95:b1:7c:97:14:8d:85:a2:06:22:5c:d6:f5:
44:8e:f1:39:91:cb:43:97:c1:5b:71:a2:30:e2:0d:ac:81:2a:
d2:5a:c8:dd:c4:32:38:85:bd:0f:96:70:9b:b9:0f:ee:ce:18:
4e:18:ba:a2:00:26:f7:29:81:82:9b:71:1e:ee:b6:27:c2:ac:
40:7f:22:b7:0e:b2:0f:42:8c:91:00:94:af:15:70:29:bf:1d:
13:42:31:42:90:36:74:e4:23:f6:54:b4:99:9f:3a:41:12:c9:
03:65:ab:a1
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZWLNXG/sVoXwwiSrKog4ZnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzEyMTYzNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ1N2FiYWIxOWU3NjYwZDYxODZlMzcyZDJjMDQyMTI1YjRlZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7RZUuMfzY4jRFljUyDyhe+gwlU3
nfFDfmLHxfmrhNdMece43eTTIYl9ZnULp03c/5CUxKwzSI6Og6Fl9lNBPPnIJ2LA
RGUMCnUhldM5PVjasGX9aXZMuYaO7f56x+RdjtaYvgZVlPZjqpIMsUxUiFz4dSlh
sZDOKFn4LkywWUZfoRcDXCQqXo+2ng9FviL/Cg0kg9dPsiKZhKG9P9NYqvr60jj3
biNMlTeehguaxnNjCct4OEL74hwzkkFPOYqtbP2A3xnsnKJGLH1QnJ04S53jnAnV
4nz0SKZ6NlbqKGe6+VMalcN1tnNyZt350gELBi6RebShDT6rKdLFd3uOWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOLVerqxnnZg1hhuNy0sBCEltO5PMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNHRWNnVyR2VkbURXR0c0M0xTd0VJU1cwN2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAHzhJAwQA
HzhVAwQAHzmZAwQAHznsAwQAHzorAwQAHzqAAwQAHzqZAwQAHzqiAwQAHzqkAwQA
HzqmAwQAHztYAwQBHzt6MA0GCSqGSIb3DQEBCwUAA4IBAQBv7geA3uOheIVe2VPb
8RyPxD3h5acgsoTOuP3a0UyjCNVx0wzC8sDxFsRlK2XLIDewSyQPKYBrlWSLXQsN
B3veUDars6ZxXYkDnKlH3MNbgV4G35dF5fMmt8C1bvruPvkxjhze8Trb2hJqLZXq
ekfPSrynEvXrZQzhAK3CSocBJwRDBmlMloBy11bd8/uxllaspvuFv5WxfJcUjYWi
BiJc1vVEjvE5kctDl8FbcaIw4g2sgSrSWsjdxDI4hb0PlnCbuQ/uzhhOGLqiACb3
KYGCm3Ee7rYnwqxAfyK3DrIPQoyRAJSvFXApvx0TQjFCkDZ05CP2VLSZnzpBEskD
Zauh
-----END CERTIFICATE-----
Generated at Sat May 10 09:53:13 2025 by rpki-client