Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oF9dFtiw0Sqo1by7G02El41DqOY.roa
File: oF9dFtiw0Sqo1by7G02El41DqOY.roa (raw, json)
Hash identifier: iylCFD08p384v5T7H8MPaZ/qEzJBEYvbcSMA9dmDQqc=
Subject key identifier: A0:5F:5D:16:D8:B0:D1:2A:A8:D5:BC:BB:1B:4D:84:97:8D:43:A8:E6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019632B7FB733E7191ADCB9FAE28FF308295
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oF9dFtiw0Sqo1by7G02El41DqOY.roa
Signing time: Mon 14 Apr 2025 05:14:00 +0000
ROA not before: Mon 14 Apr 2025 05:14:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 07:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:32:b7:fb:73:3e:71:91:ad:cb:9f:ae:28:ff:30:82:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 14 05:14:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a05f5d16d8b0d12aa8d5bcbb1b4d84978d43a8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:25:d5:a6:ae:6d:6a:b7:7b:46:6b:a8:43:
3d:37:48:49:4f:ab:66:3a:fa:a9:50:38:fd:eb:dd:
b5:3b:3f:1a:39:21:55:7b:7d:aa:67:b3:3e:9e:cc:
56:3d:70:7a:d3:29:d4:2f:f2:b5:56:28:b9:27:01:
8d:d5:7d:00:c1:6e:45:41:30:b1:5f:fb:de:e8:16:
78:b3:d0:70:97:b1:d4:f4:ff:94:42:02:d6:c1:49:
e7:54:ed:a0:10:56:43:26:0a:41:b1:45:bd:d4:82:
2d:f5:4d:fb:9c:aa:6a:21:20:c7:f3:fa:a2:6a:70:
61:10:ce:49:14:d7:db:3c:42:0e:68:47:36:3f:70:
b6:9e:ba:ac:5c:ae:d8:87:19:3d:cd:e3:69:84:b8:
db:5a:02:49:48:d8:be:0e:4f:ce:03:83:0d:01:eb:
ca:60:42:b7:e7:ca:66:32:6c:91:d0:8f:9e:c6:a6:
34:cb:3a:f5:ba:f1:ed:36:5a:43:5e:ef:37:dc:65:
05:c2:3a:c7:41:0b:75:69:17:ac:2d:98:99:45:7b:
35:01:6e:f4:b4:01:74:05:9a:92:ba:ca:31:32:46:
f1:36:3a:42:8d:01:26:7f:0c:db:9d:56:b7:1e:c7:
14:21:a6:8b:d7:ac:1c:8d:04:74:f3:b1:af:43:ed:
b1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5F:5D:16:D8:B0:D1:2A:A8:D5:BC:BB:1B:4D:84:97:8D:43:A8:E6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oF9dFtiw0Sqo1by7G02El41DqOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.72.0/24
31.56.84.0/24
31.57.104.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:76:47:fd:66:16:33:0a:7d:55:12:13:c5:c7:8d:34:63:13:
51:b8:6d:de:50:37:09:65:cc:69:8a:da:e4:a4:13:4c:ba:02:
91:61:ef:f1:78:f5:df:f0:ae:97:ec:56:2b:58:8c:8b:da:f3:
4a:cf:d0:af:12:c3:ef:59:65:58:f3:98:cb:66:62:89:21:9c:
e8:5a:d2:43:4a:26:e4:e6:67:40:46:07:c0:3b:53:36:5f:13:
34:06:0e:23:f8:bd:93:50:4f:9b:f6:9e:9c:22:89:b5:36:fa:
37:0c:a0:76:0b:6f:8c:b7:54:7f:01:83:18:27:66:bc:ea:e2:
14:fd:ac:c7:56:dd:d7:6d:88:a3:cb:a5:cd:4e:b8:d1:44:3a:
57:04:c3:52:f1:0d:9e:55:b9:1a:ba:86:2c:8a:52:5b:bf:c6:
b1:07:3b:0c:ca:73:b5:da:90:ca:f2:c4:44:f3:a2:63:21:54:
d9:70:8b:c1:81:86:2f:84:ee:3f:9b:02:ee:a8:2a:63:04:22:
4a:12:ef:fc:ba:bc:fe:ba:93:3a:0a:1c:f6:ad:ba:35:ae:cc:
d2:2d:03:ae:3e:fe:70:af:02:f6:d8:3a:09:c8:0d:5a:9d:86:
bb:ee:83:a9:2b:df:7b:9f:33:c7:65:5b:ce:68:33:fb:75:30:
bc:7d:d4:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZYyt/tzPnGRrcufrij/MIKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDE0MDUxNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDVmNWQxNmQ4YjBkMTJhYThkNWJjYmIxYjRkODQ5NzhkNDNhOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2Ul1aaubWq3e0ZrqEM9N0hJT6tm
OvqpUDj96921Oz8aOSFVe32qZ7M+nsxWPXB60ynUL/K1Vii5JwGN1X0AwW5FQTCx
X/ve6BZ4s9Bwl7HU9P+UQgLWwUnnVO2gEFZDJgpBsUW91IIt9U37nKpqISDH8/qi
anBhEM5JFNfbPEIOaEc2P3C2nrqsXK7Yhxk9zeNphLjbWgJJSNi+Dk/OA4MNAevK
YEK358pmMmyR0I+exqY0yzr1uvHtNlpDXu833GUFwjrHQQt1aResLZiZRXs1AW70
tAF0BZqSusoxMkbxNjpCjQEmfwzbnVa3HscUIaaL16wcjQR087GvQ+2xCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKBfXRbYsNEqqNW8uxtNhJeNQ6jmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvb0Y5ZEZ0aXcwU3FvMWJ5N0cwMkVsNDFEcU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhIAwQA
HzhUAwQAHzloAwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQBNdkf9ZhYzCn1VEhPF
x400YxNRuG3eUDcJZcxpitrkpBNMugKRYe/xePXf8K6X7FYrWIyL2vNKz9CvEsPv
WWVY85jLZmKJIZzoWtJDSibk5mdARgfAO1M2XxM0Bg4j+L2TUE+b9p6cIom1Nvo3
DKB2C2+Mt1R/AYMYJ2a86uIU/azHVt3XbYijy6XNTrjRRDpXBMNS8Q2eVbkauoYs
ilJbv8axBzsMynO12pDK8sRE86JjIVTZcIvBgYYvhO4/mwLuqCpjBCJKEu/8urz+
upM6Chz2rbo1rszSLQOuPv5wrwL22DoJyA1anYa77oOpK997nzPHZVvOaDP7dTC8
fdR+
-----END CERTIFICATE-----
Generated at Sat May 10 22:33:10 2025 by rpki-client