Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BvfrHsLcGb77NNHxheq5rgau7TU.roa
File: BvfrHsLcGb77NNHxheq5rgau7TU.roa (raw, json)
Hash identifier: O2DQrITTvkMIyoWTZ3WHQBF3chmu09NtBd7jsX2na4M=
Subject key identifier: 06:F7:EB:1E:C2:DC:19:BE:FB:34:D1:F1:85:EA:B9:AE:06:AE:ED:35
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019676FF64FA7410BABD4AC6071D2E3B65B0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BvfrHsLcGb77NNHxheq5rgau7TU.roa
Signing time: Sun 27 Apr 2025 11:26:11 +0000
ROA not before: Sun 27 Apr 2025 11:26:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 31.56.114.0/24 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.201.0/24 maxlen: 24
31.57.133.0/24 maxlen: 24
31.57.136.0/24 maxlen: 24
31.57.138.0/24 maxlen: 24
31.57.143.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.144.0/22 maxlen: 24
31.59.187.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 15:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:ff:64:fa:74:10:ba:bd:4a:c6:07:1d:2e:3b:65:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 27 11:26:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06f7eb1ec2dc19befb34d1f185eab9ae06aeed35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:7d:73:7f:9d:01:03:71:5c:5f:3b:3f:4a:
e4:de:cb:6e:3b:b2:03:75:09:2d:79:f1:ec:b7:09:
bd:28:ef:59:66:43:19:32:62:72:b7:37:9a:1d:41:
3f:96:2f:a4:06:ab:8a:88:10:c7:ad:56:dd:38:78:
17:6f:e0:12:1b:df:c6:ba:89:e3:ba:41:7d:88:2f:
50:21:ad:06:13:1b:0a:0d:40:61:8c:4c:03:15:98:
7c:3f:60:6d:08:0e:37:42:47:f4:45:1f:b7:4b:51:
b5:27:b4:7d:a0:d1:46:c1:17:f3:dc:ec:a0:63:7a:
26:84:f1:e3:d5:e5:ee:5c:78:b2:77:48:f4:f6:f5:
83:14:4c:1a:c2:b5:a8:5f:aa:b0:7a:b0:13:73:42:
d5:27:7c:68:e2:73:e4:35:19:d9:6e:6c:11:68:f1:
89:cf:d1:3b:37:20:da:0d:4e:3c:01:42:63:fb:40:
1a:5e:a3:38:eb:b5:33:ff:95:21:b1:2c:3c:af:03:
b8:64:14:6e:1d:4c:e3:d7:0a:34:49:16:95:d1:82:
e8:55:ec:97:c8:37:59:f5:67:61:36:52:8a:67:cd:
b7:77:ce:12:1f:26:f3:c3:bc:81:2a:41:a4:af:24:
8f:c7:99:26:cc:84:06:11:c7:78:e1:4e:e1:87:e3:
ea:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F7:EB:1E:C2:DC:19:BE:FB:34:D1:F1:85:EA:B9:AE:06:AE:ED:35
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BvfrHsLcGb77NNHxheq5rgau7TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.114.0/24
31.56.157.0/24
31.56.201.0/24
31.57.133.0/24
31.57.136.0/24
31.57.138.0/24
31.57.143.0/24
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.43.0/24
31.59.56.0/24
31.59.97.0/24
31.59.112.0/23
31.59.115.0/24
31.59.130.0/24
31.59.144.0/22
31.59.187.0/24
31.59.229.0/24
31.59.231.0/24
31.59.245.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ed:c4:20:ff:08:d9:64:89:23:66:85:c8:8e:eb:40:b4:7a:
e6:3f:ce:30:f6:cb:39:5d:8c:f5:88:8d:4b:1c:11:03:b7:d8:
c8:64:3a:04:fc:45:23:d1:dd:ca:9b:e2:2d:9b:6f:01:c5:eb:
87:58:f0:8c:85:c1:79:ac:00:52:ee:df:ce:f3:2b:03:51:50:
ad:f8:d8:fa:0d:40:28:d2:0a:81:71:b5:29:d9:6f:2c:01:d1:
48:a4:b4:ff:47:30:f7:45:38:b1:1f:70:8c:3b:7d:0b:2f:85:
40:04:c3:35:6e:49:99:98:28:66:ff:cb:13:6b:96:24:53:5c:
3b:9c:0a:8d:f6:cf:c2:ab:33:35:46:3e:3e:e3:80:59:bf:fc:
64:fd:13:7a:18:ca:55:be:62:b3:ce:96:b1:a1:8e:52:87:1e:
f3:b0:d3:33:58:a6:d4:ac:dd:02:65:99:ca:ae:52:a5:0f:7d:
1f:07:75:80:b4:cd:46:b2:cd:c4:dc:70:5f:43:1e:d8:ea:1d:
00:f6:00:54:de:74:95:a0:2a:0e:19:21:0e:31:aa:39:50:53:
e4:fd:6e:aa:e7:a2:29:a3:13:88:c4:45:05:f6:c1:52:14:2e:
35:5f:80:eb:8d:66:32:e3:3b:18:e0:28:50:d9:40:7b:03:7f:
fe:3d:af:c4
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZZ2/2T6dBC6vUrGBx0uO2WwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDI3MTEyNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY3ZWIxZWMyZGMxOWJlZmIzNGQxZjE4NWVhYjlhZTA2YWVlZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4R9c3+dAQNxXF87P0rk3stuO7ID
dQktefHstwm9KO9ZZkMZMmJytzeaHUE/li+kBquKiBDHrVbdOHgXb+ASG9/Guonj
ukF9iC9QIa0GExsKDUBhjEwDFZh8P2BtCA43Qkf0RR+3S1G1J7R9oNFGwRfz3Oyg
Y3omhPHj1eXuXHiyd0j09vWDFEwawrWoX6qwerATc0LVJ3xo4nPkNRnZbmwRaPGJ
z9E7NyDaDU48AUJj+0AaXqM467Uz/5UhsSw8rwO4ZBRuHUzj1wo0SRaV0YLoVeyX
yDdZ9WdhNlKKZ823d84SHybzw7yBKkGkrySPx5kmzIQGEcd44U7hh+Pq3wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFAb36x7C3Bm++zTR8YXqua4Gru01MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQnZmckhzTGNHYjc3Tk5IeGhlcTVyZ2F1N1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
OHIDBAAfOJ0DBAAfOMkDBAAfOYUDBAAfOYgDBAAfOYoDBAAfOY8DBAAfOoEDBAEf
OooDBAAfOpYDBAAfOpoDBAAfOqUDBAAfOysDBAAfOzgDBAAfO2EDBAEfO3ADBAAf
O3MDBAAfO4IDBAIfO5ADBAAfO7sDBAAfO+UDBAAfO+cDBAAfO/UwDQYJKoZIhvcN
AQELBQADggEBABDtxCD/CNlkiSNmhciO60C0euY/zjD2yzldjPWIjUscEQO32Mhk
OgT8RSPR3cqb4i2bbwHF64dY8IyFwXmsAFLu387zKwNRUK342PoNQCjSCoFxtSnZ
bywB0UiktP9HMPdFOLEfcIw7fQsvhUAEwzVuSZmYKGb/yxNrliRTXDucCo32z8Kr
MzVGPj7jgFm//GT9E3oYylW+YrPOlrGhjlKHHvOw0zNYptSs3QJlmcquUqUPfR8H
dYC0zUayzcTccF9DHtjqHQD2AFTedJWgKg4ZIQ4xqjlQU+T9bqrnoimjE4jERQX2
wVIULjVfgOuNZjLjOxjgKFDZQHsDf/49r8Q=
-----END CERTIFICATE-----
Generated at Sun May 11 22:47:59 2025 by rpki-client