Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ol5S8ghQHYcywdIC9ZrcFUT0wfI.roa
File: Ol5S8ghQHYcywdIC9ZrcFUT0wfI.roa (raw, json)
Hash identifier: yR68WbkqeqzL+5QdXzwqUOSmJuHKpWkcv7AkXvqyBK8=
Subject key identifier: 3A:5E:52:F2:08:50:1D:87:32:C1:D2:02:F5:9A:DC:15:44:F4:C1:F2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01967D06F8BBCE6C4ADBE876E4D06BC676D5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ol5S8ghQHYcywdIC9ZrcFUT0wfI.roa
Signing time: Mon 28 Apr 2025 15:32:10 +0000
ROA not before: Mon 28 Apr 2025 15:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 31.56.196.0/22 maxlen: 24
31.58.36.0/22 maxlen: 24
31.58.44.0/22 maxlen: 24
31.58.52.0/22 maxlen: 24
31.58.60.0/22 maxlen: 24
31.59.121.0/24 maxlen: 24
31.59.196.0/22 maxlen: 24
31.59.200.0/22 maxlen: 24
31.59.204.0/22 maxlen: 24
31.59.208.0/22 maxlen: 24
31.59.212.0/22 maxlen: 24
31.59.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 08:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:06:f8:bb:ce:6c:4a:db:e8:76:e4:d0:6b:c6:76:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 28 15:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5e52f208501d8732c1d202f59adc1544f4c1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fd:14:53:7c:e1:3d:36:57:2e:47:4e:ed:72:
c7:70:b7:b3:83:8b:e1:bd:52:48:04:f5:d4:9c:58:
9b:b4:5d:8d:a8:3d:3a:97:6a:80:a1:42:95:5e:2e:
38:b4:07:e3:4e:e4:4c:05:dd:5f:17:c9:19:b1:d8:
35:33:1b:fc:4e:ca:50:9d:08:02:e8:90:35:34:14:
9b:83:d9:b7:e1:a3:93:81:f0:fc:6e:8c:fd:0e:33:
de:a2:a4:23:b4:06:93:3d:c5:a8:80:c1:ed:6c:cb:
1c:c0:34:9d:35:48:8d:28:4f:55:41:cd:f3:33:02:
df:de:d7:5b:f8:cf:58:ea:78:a8:87:55:2d:43:4c:
29:7d:e5:55:28:ef:e4:67:e2:ae:bc:11:d3:fd:14:
9d:e2:3d:84:a7:55:0a:ae:4b:ba:4f:d1:f9:57:08:
a7:8b:24:ff:56:d7:5b:03:85:38:f0:68:12:b6:1e:
02:f6:04:b6:49:d1:a9:12:e5:8a:e1:cb:5e:4b:81:
9f:82:c9:27:2a:75:10:6c:da:e9:cb:d4:8d:18:ab:
12:7c:8e:0f:77:ca:46:1b:06:42:9c:fe:2b:72:81:
89:f7:d9:b6:f5:80:44:a6:27:22:25:be:ab:fe:2d:
6d:fa:44:f0:f3:85:be:62:7e:44:73:f5:54:b7:c5:
24:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5E:52:F2:08:50:1D:87:32:C1:D2:02:F5:9A:DC:15:44:F4:C1:F2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ol5S8ghQHYcywdIC9ZrcFUT0wfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.196.0/22
31.58.36.0/22
31.58.44.0/22
31.58.52.0/22
31.58.60.0/22
31.59.121.0/24
31.59.196.0-31.59.215.255
31.59.220.0/22
Signature Algorithm: sha256WithRSAEncryption
74:78:7b:c7:4e:7d:18:cc:46:04:33:7c:13:aa:07:90:51:90:
ba:27:e5:8f:41:f6:c3:b0:29:ea:7b:72:a2:c6:3f:d3:7c:e6:
b4:6e:b4:82:a3:65:08:9f:ea:3c:9d:2b:aa:91:d8:49:0a:dc:
d3:5d:da:39:f3:96:4d:a8:c9:b9:b5:4c:57:23:be:0b:36:68:
ea:86:bd:32:25:3b:5d:c9:25:7c:c9:85:2a:31:4f:5b:3c:2a:
17:a3:ee:de:55:00:ef:be:18:91:55:c9:f2:36:91:cf:f7:f5:
26:06:e2:6b:ed:c3:15:a0:b8:02:ef:e2:f3:02:ef:b2:8f:58:
b4:72:95:5e:a8:c9:fe:ac:56:16:7f:26:95:29:a7:6a:b5:b5:
80:03:0c:0c:e1:46:32:e4:01:83:8f:27:ab:c1:37:dc:c7:2e:
b4:c1:36:2a:d0:05:ba:b7:ab:7a:98:7a:a9:58:bb:3a:05:fc:
42:3e:d6:55:81:ac:55:e8:bc:f8:7a:65:1d:bc:4d:c4:34:9d:
58:34:df:6c:bc:df:83:cc:3c:0e:35:5f:5b:1f:54:df:41:53:
56:61:c8:3c:5b:b2:cb:e0:80:33:de:38:ab:54:14:da:96:2c:
ef:88:94:5c:dc:98:e9:97:7f:ac:31:e8:f1:83:70:dd:49:0a:
7e:2a:17:fe
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZ9Bvi7zmxK2+h25NBrxnbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDI4MTUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVlNTJmMjA4NTAxZDg3MzJjMWQyMDJmNTlhZGMxNTQ0ZjRjMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv0UU3zhPTZXLkdO7XLHcLezg4vh
vVJIBPXUnFibtF2NqD06l2qAoUKVXi44tAfjTuRMBd1fF8kZsdg1Mxv8TspQnQgC
6JA1NBSbg9m34aOTgfD8boz9DjPeoqQjtAaTPcWogMHtbMscwDSdNUiNKE9VQc3z
MwLf3tdb+M9Y6nioh1UtQ0wpfeVVKO/kZ+KuvBHT/RSd4j2Ep1UKrku6T9H5Vwin
iyT/VtdbA4U48GgSth4C9gS2SdGpEuWK4cteS4GfgsknKnUQbNrpy9SNGKsSfI4P
d8pGGwZCnP4rcoGJ99m29YBEpiciJb6r/i1t+kTw84W+Yn5Ec/VUt8UksQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDpeUvIIUB2HMsHSAvWa3BVE9MHyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT2w1UzhnaFFIWWN5d2RJQzlacmNGVVQwd2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCHzjEAwQC
HzokAwQCHzosAwQCHzo0AwQCHzo8AwQAHzt5MAwDBAIfO8QDBAMfO9ADBAIfO9ww
DQYJKoZIhvcNAQELBQADggEBAHR4e8dOfRjMRgQzfBOqB5BRkLon5Y9B9sOwKep7
cqLGP9N85rRutIKjZQif6jydK6qR2EkK3NNd2jnzlk2oybm1TFcjvgs2aOqGvTIl
O13JJXzJhSoxT1s8Khej7t5VAO++GJFVyfI2kc/39SYG4mvtwxWguALv4vMC77KP
WLRylV6oyf6sVhZ/JpUpp2q1tYADDAzhRjLkAYOPJ6vBN9zHLrTBNirQBbq3q3qY
eqlYuzoF/EI+1lWBrFXovPh6ZR28TcQ0nVg032y834PMPA41X1sfVN9BU1ZhyDxb
ssvggDPeOKtUFNqWLO+IlFzcmOmXf6wx6PGDcN1JCn4qF/4=
-----END CERTIFICATE-----
Generated at Sun May 11 19:11:20 2025 by rpki-client