Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wf8ZXKdVRMWub5FiGtlIcWQmRbo.roa
File: wf8ZXKdVRMWub5FiGtlIcWQmRbo.roa (raw, json)
Hash identifier: 5iWD5IlAqRbLGA2Mmo59rpQxjKu7E6tC69uwjYvB3UA=
Subject key identifier: C1:FF:19:5C:A7:55:44:C5:AE:6F:91:62:1A:D9:48:71:64:26:45:BA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019677FC1403BBC46FCBE95A0F1C1E3F9218
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wf8ZXKdVRMWub5FiGtlIcWQmRbo.roa
Signing time: Sun 27 Apr 2025 16:02:11 +0000
ROA not before: Sun 27 Apr 2025 16:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 12:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:fc:14:03:bb:c4:6f:cb:e9:5a:0f:1c:1e:3f:92:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 27 16:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1ff195ca75544c5ae6f91621ad94871642645ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:56:45:2a:c3:35:13:e8:d3:35:15:22:6b:af:
cc:ce:d9:7c:5e:0e:27:30:96:df:14:99:48:01:51:
7d:ce:b0:e6:32:9f:3d:61:7e:f7:e8:64:4e:23:47:
21:c3:2c:62:fc:dd:dc:ae:b8:c0:8e:8d:c0:be:14:
92:60:5f:23:a3:36:1b:fa:67:d6:9c:d3:86:04:f9:
0a:e0:24:ac:b9:e5:08:3b:f3:af:76:e4:13:ba:d4:
c6:08:52:28:a9:2f:f4:f9:46:ae:7c:83:13:6a:7b:
48:ca:c1:12:7d:4d:ed:b8:1c:9e:ee:b1:b2:ab:2d:
bb:f8:d0:91:92:54:e1:b1:d0:c9:3e:2b:1f:42:6e:
7a:2a:28:ef:e4:d5:29:3f:bf:49:64:38:ef:52:3f:
a0:d8:86:e1:0f:11:cf:7f:00:c9:63:ba:06:b7:2f:
8c:63:38:d6:4f:cc:f1:c9:8f:14:25:84:04:04:31:
9e:db:0a:a5:96:a8:f4:6d:38:29:9d:17:52:84:9f:
2d:2c:0a:ce:e9:05:b7:f8:78:92:a0:83:8c:c9:b9:
26:c7:a9:31:c7:b0:c2:4d:4e:f3:19:ae:82:d6:f4:
56:c5:76:ac:84:ee:99:b5:ed:e5:8d:b6:da:02:81:
91:e8:2f:36:11:a6:f9:7d:c7:6a:10:fa:d8:7d:10:
60:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FF:19:5C:A7:55:44:C5:AE:6F:91:62:1A:D9:48:71:64:26:45:BA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wf8ZXKdVRMWub5FiGtlIcWQmRbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.250.0/23
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
22:72:52:90:30:e9:0d:02:ea:d5:61:0e:4e:5a:3e:02:aa:45:
1a:cd:e4:fb:f4:c8:f6:ae:41:35:00:c9:9a:2a:c4:fa:a1:1a:
ba:9e:e1:3f:30:58:03:d5:6b:e2:b3:b7:39:74:59:78:2c:b3:
01:8c:cc:ec:88:76:89:8a:81:6c:56:95:b8:35:6f:57:e7:3e:
52:a0:3b:71:79:23:69:c7:2a:18:c1:bd:33:7f:1e:34:22:9e:
65:85:c0:ed:75:40:1d:2f:a2:19:35:3a:9d:75:fd:cf:36:ec:
65:12:58:ae:35:f8:7b:b4:1a:c4:22:9a:d7:fd:d3:4a:2e:cd:
16:a8:79:04:dd:12:f5:48:68:f8:fb:13:8a:9d:43:aa:50:b0:
52:f8:1e:62:f6:9f:38:9e:a4:6f:08:64:3c:19:34:86:10:39:
30:64:be:62:41:75:b9:3a:2d:08:37:67:27:b3:41:e3:30:59:
3f:7d:77:df:06:ce:36:1c:ca:8d:81:b3:d5:2b:a1:69:ef:bf:
17:4c:53:67:9c:2f:17:1e:3b:b1:d3:a5:fe:cb:11:63:74:07:
8b:03:1b:93:23:3e:dd:3b:04:4b:76:8c:79:36:07:fa:39:25:
e2:c3:bf:15:34:b3:f8:bd:74:a7:d2:4a:70:6e:3a:27:32:52:
23:1e:6c:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZ3/BQDu8Rvy+laDxweP5IYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDI3MTYwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZmMTk1Y2E3NTU0NGM1YWU2ZjkxNjIxYWQ5NDg3MTY0MjY0NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlZFKsM1E+jTNRUia6/Mztl8Xg4n
MJbfFJlIAVF9zrDmMp89YX736GROI0chwyxi/N3crrjAjo3AvhSSYF8jozYb+mfW
nNOGBPkK4CSsueUIO/OvduQTutTGCFIoqS/0+UaufIMTantIysESfU3tuBye7rGy
qy27+NCRklThsdDJPisfQm56Kijv5NUpP79JZDjvUj+g2IbhDxHPfwDJY7oGty+M
YzjWT8zxyY8UJYQEBDGe2wqllqj0bTgpnRdShJ8tLArO6QW3+HiSoIOMybkmx6kx
x7DCTU7zGa6C1vRWxXashO6Zte3ljbbaAoGR6C82Eab5fcdqEPrYfRBgiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMH/GVynVUTFrm+RYhrZSHFkJkW6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd2Y4WlhLZFZSTVd1YjVGaUd0bEljV1FtUmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzrTAwQB
Hzr6AwQA2Tz7AwQA2Tz+MA0GCSqGSIb3DQEBCwUAA4IBAQAiclKQMOkNAurVYQ5O
Wj4CqkUazeT79Mj2rkE1AMmaKsT6oRq6nuE/MFgD1Wvis7c5dFl4LLMBjMzsiHaJ
ioFsVpW4NW9X5z5SoDtxeSNpxyoYwb0zfx40Ip5lhcDtdUAdL6IZNTqddf3PNuxl
EliuNfh7tBrEIprX/dNKLs0WqHkE3RL1SGj4+xOKnUOqULBS+B5i9p84nqRvCGQ8
GTSGEDkwZL5iQXW5Oi0IN2cns0HjMFk/fXffBs42HMqNgbPVK6Fp778XTFNnnC8X
Hjux06X+yxFjdAeLAxuTIz7dOwRLdox5Ngf6OSXiw78VNLP4vXSn0kpwbjonMlIj
Hmzu
-----END CERTIFICATE-----
Generated at Sat May 10 05:00:18 2025 by rpki-client