Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4KNzxswkY7yJU6wnXltmNmFKbXw.roa
File: 4KNzxswkY7yJU6wnXltmNmFKbXw.roa (raw, json)
Hash identifier: 8SE3cm5rVg9qvO2ZkDuX1X3JPb48VX0BX87OveupcGA=
Subject key identifier: E0:A3:73:C6:CC:24:63:BC:89:53:AC:27:5E:5B:66:36:61:4A:6D:7C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019658260CBC46098F1EC1C026A7DD20D746
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4KNzxswkY7yJU6wnXltmNmFKbXw.roa
Signing time: Mon 21 Apr 2025 11:40:10 +0000
ROA not before: Mon 21 Apr 2025 11:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 13:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:26:0c:bc:46:09:8f:1e:c1:c0:26:a7:dd:20:d7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 21 11:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0a373c6cc2463bc8953ac275e5b6636614a6d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:17:8f:af:50:14:ee:4f:37:31:9a:e4:c9:
c8:57:50:06:e0:35:c1:66:e9:ed:3a:b4:97:9f:40:
98:c8:0b:51:0d:56:a5:06:58:ea:72:20:54:a1:ce:
59:2e:15:e3:94:45:17:d1:10:f2:51:a1:0c:24:06:
63:41:06:44:e0:3e:bc:f3:18:5b:af:eb:7a:d6:87:
37:b3:e0:cf:41:f9:20:43:4a:05:2f:24:72:54:c1:
bf:94:93:e0:d7:5d:4a:f4:fe:b8:8e:27:47:97:48:
41:3d:51:a7:c8:0a:d9:52:1a:24:95:aa:78:f0:c4:
84:a3:28:f6:61:5e:90:5e:4a:f9:b4:f9:5d:aa:2c:
c2:03:c7:bf:9d:4e:3e:37:bf:39:05:09:d3:8e:2e:
76:cf:5f:18:2a:6d:94:12:f5:9a:d8:a6:54:59:5e:
2c:12:e7:43:87:a6:14:a0:39:83:ce:24:08:ab:7a:
13:c9:12:17:c5:18:3e:22:c0:93:5a:7c:9c:c5:e8:
67:9a:77:c1:a6:d9:6f:ad:e6:21:9b:76:2e:c0:09:
93:35:f8:59:08:59:4a:69:e9:f5:d4:21:eb:8e:d7:
00:5e:bf:5e:ae:0d:d9:46:88:56:fd:b5:c8:cd:27:
e8:69:42:17:c3:c4:76:c5:ad:7d:8a:f6:e5:23:c7:
c4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A3:73:C6:CC:24:63:BC:89:53:AC:27:5E:5B:66:36:61:4A:6D:7C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4KNzxswkY7yJU6wnXltmNmFKbXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.135.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0-31.58.236.255
31.58.240.0-31.58.244.255
31.58.247.0/24
31.58.251.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
98:f7:3f:b8:14:9d:98:d2:be:35:45:76:60:fc:d0:97:03:45:
dc:14:70:16:aa:1a:17:ea:bf:5a:44:e4:24:51:14:94:8a:cb:
65:b0:f5:8f:c2:58:e6:0e:f4:81:05:5c:7c:e6:a7:88:5c:dd:
cb:5e:8c:69:4e:e3:a7:94:39:e1:76:0e:55:2d:a6:2d:f8:ce:
8b:5c:92:ba:ac:1d:5d:99:05:a9:ab:c3:04:76:c0:1d:cf:73:
c7:53:30:64:86:57:1a:60:a3:5c:43:2e:c4:a4:97:67:8f:67:
65:9e:15:53:db:10:d2:5d:a3:cb:aa:a1:19:17:3b:55:56:4c:
b1:52:01:6e:dd:c8:e1:85:66:d3:9e:16:16:23:18:6f:08:f8:
fd:58:f9:06:4e:ae:20:32:fe:0c:c0:85:19:6d:1f:f6:ca:2d:
98:be:47:92:74:8c:87:43:d6:d0:9c:6e:82:b4:97:b1:6a:2e:
f3:de:03:e9:6a:b3:b5:e2:88:ea:b0:73:fd:12:66:7a:c6:de:
e0:cf:73:d7:e4:f7:6a:92:08:22:c7:9e:63:b0:7a:a4:cc:65:
47:08:38:88:22:60:67:a7:81:e7:52:4c:d7:94:6b:be:f9:46:
44:ee:04:62:83:c2:4d:46:1f:68:b5:30:71:c0:e8:f4:d8:ea:
49:bb:2d:ad
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZZYJgy8RgmPHsHAJqfdINdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIxMTE0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGEzNzNjNmNjMjQ2M2JjODk1M2FjMjc1ZTViNjYzNjYxNGE2ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvToXj69QFO5PNzGa5MnIV1AG4DXB
ZuntOrSXn0CYyAtRDValBljqciBUoc5ZLhXjlEUX0RDyUaEMJAZjQQZE4D688xhb
r+t61oc3s+DPQfkgQ0oFLyRyVMG/lJPg111K9P64jidHl0hBPVGnyArZUhoklap4
8MSEoyj2YV6QXkr5tPldqizCA8e/nU4+N785BQnTji52z18YKm2UEvWa2KZUWV4s
EudDh6YUoDmDziQIq3oTyRIXxRg+IsCTWnycxehnmnfBptlvreYhm3YuwAmTNfhZ
CFlKaen11CHrjtcAXr9erg3ZRohW/bXIzSfoaUIXw8R2xa19ivblI8fE/QIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFOCjc8bMJGO8iVOsJ15bZjZhSm18MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNEtOenhzd2tZN3lKVTZ3blhsdG1ObUZLYlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBsAQCAAEwgakDBAIf
OBADBAMfORADBAAfOYcDBAIfOrADBAIfOsgDBAIfOtgwDAMEAB866wMEAB867DAM
AwQEHzrwAwQAHzr0AwQAHzr3MAsDBAAfOvsDAwAfOgMEAh87QAMEAh87UAMEAh87
fAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQD2TwQAwQC2TwcAwQC2TwoAwQG
2TxAAwQA2Ty7AwQB2TzEAwQB2Tz0MA0GCSqGSIb3DQEBCwUAA4IBAQCY9z+4FJ2Y
0r41RXZg/NCXA0XcFHAWqhoX6r9aROQkURSUistlsPWPwljmDvSBBVx85qeIXN3L
XoxpTuOnlDnhdg5VLaYt+M6LXJK6rB1dmQWpq8MEdsAdz3PHUzBkhlcaYKNcQy7E
pJdnj2dlnhVT2xDSXaPLqqEZFztVVkyxUgFu3cjhhWbTnhYWIxhvCPj9WPkGTq4g
Mv4MwIUZbR/2yi2YvkeSdIyHQ9bQnG6CtJexai7z3gPparO14ojqsHP9EmZ6xt7g
z3PX5Pdqkggix55jsHqkzGVHCDiIImBnp4HnUkzXlGu++UZE7gRig8JNRh9otTBx
wOj02OpJuy2t
-----END CERTIFICATE-----
Generated at Fri May 2 12:43:38 2025 by rpki-client