Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pT7hAjUvAi0mhEPAscozky7V0UE.roa
File: pT7hAjUvAi0mhEPAscozky7V0UE.roa (raw, json)
Hash identifier: BqxhsUK1OiUeApM6/gLKfsBj7jas1aU+DW0GSPt9pY4=
Subject key identifier: A5:3E:E1:02:35:2F:02:2D:26:84:43:C0:B1:CA:33:93:2E:D5:D1:41
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019647C6C4651B556FFA62BE53E2AC3129D8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pT7hAjUvAi0mhEPAscozky7V0UE.roa
Signing time: Fri 18 Apr 2025 07:22:10 +0000
ROA not before: Fri 18 Apr 2025 07:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.59.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.58.86.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 14:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:c6:c4:65:1b:55:6f:fa:62:be:53:e2:ac:31:29:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 18 07:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a53ee102352f022d268443c0b1ca33932ed5d141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b2:21:63:4d:9d:8e:c3:76:4d:b1:9d:e6:88:
3d:e5:0b:0e:37:44:f1:a0:14:cc:c9:8a:ef:fd:42:
2c:e7:67:95:8b:cf:bb:bc:36:58:b1:eb:4c:76:7b:
3e:31:19:a6:89:60:2f:22:7e:dc:9f:90:0b:31:44:
6c:95:7a:44:e4:81:ce:75:9b:c5:7d:74:4e:af:b6:
b6:3b:58:8f:1a:be:b1:fa:50:2a:c7:8a:12:0a:a9:
ec:c3:6f:e7:9a:c8:13:89:19:56:39:a8:2a:e7:a3:
90:2a:2c:5a:93:b5:8a:23:07:d9:b3:6c:09:bf:7e:
6c:37:75:6a:3c:34:c8:ce:f7:e3:d6:f4:b7:8f:88:
5f:89:3c:1e:21:07:be:ff:f9:2c:5c:e3:b2:40:80:
6c:77:38:f4:fa:59:8e:03:37:35:9f:b0:10:9d:b4:
04:15:8b:f4:80:9d:9d:34:e3:79:1d:03:c2:ca:f6:
24:db:90:bd:17:ea:a8:45:21:45:c2:f3:ed:50:e3:
89:8b:c1:62:c7:81:22:ee:64:d0:f9:fd:11:f0:34:
32:72:ec:eb:1f:89:57:5b:aa:be:27:83:22:b4:df:
40:01:8a:2c:71:9a:ba:b3:46:f7:a5:2b:55:a9:17:
ad:48:52:35:bf:5c:fd:28:be:ef:6e:df:fa:e4:41:
da:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3E:E1:02:35:2F:02:2D:26:84:43:C0:B1:CA:33:93:2E:D5:D1:41
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pT7hAjUvAi0mhEPAscozky7V0UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.59.0/24
31.56.77.0/24
31.57.199.0/24
31.58.86.0/24
31.59.68.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b5:21:52:61:be:02:6a:3d:3b:b3:a7:0e:04:83:a5:38:65:
95:0e:11:37:7c:7d:8b:d7:90:46:f6:e5:c4:72:70:eb:ea:64:
ab:26:58:80:b2:a8:c4:aa:fd:45:78:2c:55:2d:ff:b1:56:93:
da:02:26:56:03:f9:6a:8d:7a:b6:92:3f:8e:a2:57:99:ef:66:
25:5d:8e:b7:35:57:6a:98:90:ff:44:c6:cb:88:d0:ea:9f:9a:
a9:77:e6:04:4b:ba:63:cc:61:6a:5a:65:f4:ef:a0:7d:c5:e8:
a4:d4:7f:a5:47:0b:6d:b5:5b:4b:d9:c2:0b:11:aa:a7:cd:bd:
33:15:aa:eb:92:ce:4e:68:f7:a0:90:ad:46:99:41:8c:1d:76:
cc:63:11:4f:9e:7f:9a:65:a9:9f:d9:d7:4d:36:37:b0:d2:ba:
d3:ea:f9:83:8a:10:36:ef:a5:aa:54:a8:02:28:2e:81:2d:67:
da:f0:ad:dc:ac:c7:17:a6:16:e5:98:83:7a:2e:2b:26:0f:0a:
d8:f3:43:4d:04:f0:15:b0:ff:d0:ca:35:2e:7a:26:e9:6a:b1:
ca:00:c7:2a:8a:2b:4a:72:a5:a5:0e:86:7d:be:ea:7a:9f:6d:
5c:8a:7a:eb:84:ca:91:4b:96:88:63:41:d2:65:3d:c9:74:28:
61:1f:7e:1b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZZHxsRlG1Vv+mK+U+KsMSnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDE4MDcyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTNlZTEwMjM1MmYwMjJkMjY4NDQzYzBiMWNhMzM5MzJlZDVkMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7IhY02djsN2TbGd5og95QsON0Tx
oBTMyYrv/UIs52eVi8+7vDZYsetMdns+MRmmiWAvIn7cn5ALMURslXpE5IHOdZvF
fXROr7a2O1iPGr6x+lAqx4oSCqnsw2/nmsgTiRlWOagq56OQKixak7WKIwfZs2wJ
v35sN3VqPDTIzvfj1vS3j4hfiTweIQe+//ksXOOyQIBsdzj0+lmOAzc1n7AQnbQE
FYv0gJ2dNON5HQPCyvYk25C9F+qoRSFFwvPtUOOJi8Fix4Ei7mTQ+f0R8DQycuzr
H4lXW6q+J4MitN9AAYoscZq6s0b3pStVqRetSFI1v1z9KL7vbt/65EHaRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKU+4QI1LwItJoRDwLHKM5Mu1dFBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcFQ3aEFqVXZBaTBtaEVQQXNjb3preTdWMFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHzg0AwQA
Hzg7AwQAHzhNAwQAHznHAwQAHzpWAwQAHztEMA0GCSqGSIb3DQEBCwUAA4IBAQAW
tSFSYb4Caj07s6cOBIOlOGWVDhE3fH2L15BG9uXEcnDr6mSrJliAsqjEqv1FeCxV
Lf+xVpPaAiZWA/lqjXq2kj+OoleZ72YlXY63NVdqmJD/RMbLiNDqn5qpd+YES7pj
zGFqWmX076B9xeik1H+lRwtttVtL2cILEaqnzb0zFarrks5OaPegkK1GmUGMHXbM
YxFPnn+aZamf2ddNNjew0rrT6vmDihA276WqVKgCKC6BLWfa8K3crMcXphblmIN6
LismDwrY80NNBPAVsP/QyjUueibparHKAMcqiitKcqWlDoZ9vup6n21cinrrhMqR
S5aIY0HSZT3JdChhH34b
-----END CERTIFICATE-----
Generated at Sun May 11 04:26:43 2025 by rpki-client