Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/o1WtMR4j_hwakywCg1xkqz6EDEM.roa
File: o1WtMR4j_hwakywCg1xkqz6EDEM.roa (raw, json)
Hash identifier: GygtBO55i7jmDyodIdQRlrpzBA/QwN+uxXA4sVKcJ1c=
Subject key identifier: A3:55:AD:31:1E:23:FE:1C:1A:93:2C:02:83:5C:64:AB:3E:84:0C:43
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196589793EAAB0DEB74EA5C6FEA447CD89E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/o1WtMR4j_hwakywCg1xkqz6EDEM.roa
Signing time: Mon 21 Apr 2025 13:44:10 +0000
ROA not before: Mon 21 Apr 2025 13:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 14:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:97:93:ea:ab:0d:eb:74:ea:5c:6f:ea:44:7c:d8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 21 13:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a355ad311e23fe1c1a932c02835c64ab3e840c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3c:a4:1b:b6:25:0d:67:e0:17:c3:1d:28:e4:
c1:4e:9b:25:59:be:95:0d:11:21:c7:0d:e1:c6:1b:
de:21:77:40:32:87:26:a6:55:64:44:7a:7a:04:d0:
6f:46:2b:96:52:0a:bd:fc:ca:5d:8a:b6:76:98:f1:
42:3d:ed:1d:80:27:70:37:b7:66:52:a7:a3:ba:84:
18:91:6a:bb:8a:92:91:b3:1f:59:d2:8b:ce:01:c7:
3c:a7:bd:ba:cc:19:d8:59:bd:aa:99:f1:38:ad:80:
79:94:e6:4b:a4:73:c0:2d:c1:de:d7:e1:f0:af:39:
b5:3b:37:c4:59:75:ff:f4:30:57:55:cb:01:94:b6:
ee:f0:b1:d8:66:f8:14:3f:bf:0c:14:3a:6b:03:eb:
0d:bf:0c:2d:f7:ba:fd:df:da:d7:73:46:94:f6:b5:
31:23:0d:e8:ed:1c:f2:48:c3:e4:e5:3e:23:de:19:
01:38:8f:83:5c:d7:2f:f9:8a:6b:0d:90:be:24:4e:
df:ac:21:37:4e:c5:16:65:d3:24:dd:ae:ec:ff:66:
d6:62:ba:76:91:88:86:40:f6:79:4b:54:de:05:7a:
97:09:89:66:15:04:fc:ea:5a:cf:5c:19:20:f8:10:
d9:06:bb:45:73:92:39:6b:51:38:95:4c:1e:07:ce:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:55:AD:31:1E:23:FE:1C:1A:93:2C:02:83:5C:64:AB:3E:84:0C:43
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/o1WtMR4j_hwakywCg1xkqz6EDEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.135.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0-31.58.236.255
31.58.240.0-31.58.244.255
31.58.247.0/24
31.58.251.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.152.0/21
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:2f:8b:b8:e1:e1:5e:04:ed:65:16:49:66:ad:79:7e:e9:96:
42:96:67:18:24:01:fe:6e:fd:61:8e:22:67:d0:40:2c:ed:06:
68:54:ea:84:f6:f7:39:50:2b:6c:30:d7:bb:93:cd:03:b7:58:
1c:c2:90:cc:c4:91:ed:b4:bb:55:74:dc:51:af:15:84:80:2e:
e1:f1:6c:3e:8c:cd:c9:55:11:43:f4:95:71:9f:01:77:96:2d:
97:38:1b:80:55:58:4c:06:e8:6b:68:42:43:39:04:fa:d0:6a:
3f:12:1b:23:a3:ee:d7:7f:af:e6:b3:08:76:b3:c4:23:85:e1:
b2:10:8f:36:3d:6d:ac:1e:b3:45:44:1e:1e:69:0e:d7:8c:e8:
af:34:4c:fb:17:dc:75:2f:ea:1d:11:78:90:c6:8f:92:29:98:
68:fc:5c:81:2a:fb:ef:c5:ea:aa:83:36:e1:8c:fc:5c:a8:a7:
30:47:4f:b4:24:70:d2:13:2c:1d:c4:47:4d:85:23:cb:f5:7a:
0b:c1:3f:97:b9:ee:ec:7d:81:ee:6d:89:9d:94:11:da:8a:43:
a6:c6:8f:ee:92:b4:60:e5:21:c9:d0:74:d4:68:45:4b:21:ca:
00:99:78:74:7f:ce:1f:69:d1:7f:6d:98:6d:42:77:75:6a:41:
79:65:2e:c3
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZZYl5Pqqw3rdOpcb+pEfNieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIxMTM0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU1YWQzMTFlMjNmZTFjMWE5MzJjMDI4MzVjNjRhYjNlODQwYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTykG7YlDWfgF8MdKOTBTpslWb6V
DREhxw3hxhveIXdAMocmplVkRHp6BNBvRiuWUgq9/MpdirZ2mPFCPe0dgCdwN7dm
UqejuoQYkWq7ipKRsx9Z0ovOAcc8p726zBnYWb2qmfE4rYB5lOZLpHPALcHe1+Hw
rzm1OzfEWXX/9DBXVcsBlLbu8LHYZvgUP78MFDprA+sNvwwt97r939rXc0aU9rUx
Iw3o7RzySMPk5T4j3hkBOI+DXNcv+YprDZC+JE7frCE3TsUWZdMk3a7s/2bWYrp2
kYiGQPZ5S1TeBXqXCYlmFQT86lrPXBkg+BDZBrtFc5I5a1E4lUweB87kPwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFKNVrTEeI/4cGpMsAoNcZKs+hAxDMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbzFXdE1SNGpfaHdha3l3Q2cxeGtxejZFREVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBtgQCAAEwga8DBAIf
OBADBAMfORADBAAfOYcDBAIfOrADBAIfOsgDBAIfOtgwDAMEAB866wMEAB867DAM
AwQEHzrwAwQAHzr0AwQAHzr3MAsDBAAfOvsDAwAfOgMEAh87QAMEAh87UAMEAh87
fAMEAx87mAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQD2TwQAwQC2TwcAwQC
2TwoAwQG2TxAAwQA2Ty7AwQB2TzEAwQB2Tz0MA0GCSqGSIb3DQEBCwUAA4IBAQCa
L4u44eFeBO1lFklmrXl+6ZZClmcYJAH+bv1hjiJn0EAs7QZoVOqE9vc5UCtsMNe7
k80Dt1gcwpDMxJHttLtVdNxRrxWEgC7h8Ww+jM3JVRFD9JVxnwF3li2XOBuAVVhM
BuhraEJDOQT60Go/Ehsjo+7Xf6/mswh2s8QjheGyEI82PW2sHrNFRB4eaQ7XjOiv
NEz7F9x1L+odEXiQxo+SKZho/FyBKvvvxeqqgzbhjPxcqKcwR0+0JHDSEywdxEdN
hSPL9XoLwT+Xue7sfYHubYmdlBHaikOmxo/ukrRg5SHJ0HTUaEVLIcoAmXh0f84f
adF/bZhtQnd1akF5ZS7D
-----END CERTIFICATE-----
Generated at Sun May 11 13:12:30 2025 by rpki-client