Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5GUBECaeDkma8mVsdHJx4e-r9oU.roa
File: 5GUBECaeDkma8mVsdHJx4e-r9oU.roa (raw, json)
Hash identifier: GrbLCVFKX+aBHKqFrGS3f7O9JyVTRLXD9TxviF99Wac=
Subject key identifier: E4:65:01:10:26:9E:0E:49:9A:F2:65:6C:74:72:71:E1:EF:AB:F6:85
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A4EFBF916798E795C0ACE3A35F27817F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5GUBECaeDkma8mVsdHJx4e-r9oU.roa
Signing time: Mon 17 Mar 2025 16:28:50 +0000
ROA not before: Mon 17 Mar 2025 16:28:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.59.0/24 maxlen: 24
31.56.86.0/24 maxlen: 24
31.56.107.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
31.58.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 05:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:ef:bf:91:67:98:e7:95:c0:ac:e3:a3:5f:27:81:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 17 16:28:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4650110269e0e499af2656c747271e1efabf685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6e:6b:aa:26:1a:d9:d8:3a:05:76:05:f0:25:
0f:2c:bc:cc:8f:7c:6e:82:4d:5b:22:19:ce:e2:7b:
eb:70:19:c5:4b:34:70:83:d1:d1:1b:f7:b0:4c:3c:
71:38:b1:b7:35:99:21:b6:e4:f7:cc:da:42:98:c7:
4c:32:02:a9:4d:02:c3:a6:bf:fb:9d:ab:40:55:08:
83:01:c5:ca:cd:05:ef:51:da:21:ec:5c:0f:dd:96:
76:27:96:0d:52:48:35:ca:c3:d9:49:5a:8f:8d:a4:
f4:db:4e:93:a2:22:96:5f:7f:96:9e:b1:65:4f:e1:
7b:5b:ee:0e:df:a7:62:92:53:51:42:d9:73:0a:2c:
8b:a4:ec:73:40:54:b6:2e:bd:5c:ff:57:35:f6:45:
d8:e0:4b:a3:30:d6:a4:95:44:b2:a7:6f:8f:de:6d:
2f:a0:71:9e:81:74:41:0a:d4:e2:c8:56:bf:17:28:
e4:c1:8c:dc:af:88:44:30:cd:f4:ac:96:f3:ca:ac:
70:4e:53:2f:fb:c0:75:31:3d:16:25:d8:3e:6f:57:
20:bd:6e:71:24:06:ef:b9:de:3f:03:2e:8d:17:31:
4e:e0:b1:65:b4:d9:04:59:a4:1f:87:82:77:28:3d:
e3:d4:37:d7:37:2a:37:ad:14:11:e8:1e:4a:ff:5e:
fe:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:65:01:10:26:9E:0E:49:9A:F2:65:6C:74:72:71:E1:EF:AB:F6:85
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5GUBECaeDkma8mVsdHJx4e-r9oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.59.0/24
31.56.86.0/24
31.56.107.0/24
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
31.58.50.0/24
Signature Algorithm: sha256WithRSAEncryption
33:b2:3e:42:0d:32:48:42:cc:2b:76:67:f5:97:6d:32:1a:3b:
d2:80:64:25:42:c5:b6:e9:0a:63:78:3f:e2:14:5d:5b:65:8c:
f8:c2:ef:3e:6f:00:54:b6:88:0f:83:22:54:08:27:a0:92:2b:
a9:df:1d:ee:7c:31:08:c8:ac:00:e5:9b:f3:d3:a3:0e:cc:2c:
ae:f3:ea:aa:fc:99:d9:85:fe:73:b5:6c:27:fa:b1:65:d7:c5:
bb:bf:50:d2:d0:20:71:1c:51:cc:0b:55:59:54:99:41:b4:29:
0d:bc:5d:b7:04:22:d4:f8:7f:7c:46:f9:63:a5:a3:48:a2:45:
6f:96:80:dd:06:39:fc:03:82:29:3e:b6:4e:bb:87:38:83:0c:
44:6f:1e:4d:11:c4:e5:65:d6:c2:7e:31:0b:83:68:03:02:aa:
fd:7a:ec:c3:36:e5:d0:a6:1c:f5:33:46:88:77:dc:50:19:2d:
8c:b6:37:88:da:2f:04:91:1b:d5:a9:19:21:5b:d5:e8:37:98:
c2:fb:3e:f3:04:b9:03:60:ca:83:3f:54:bb:52:4c:39:a0:64:
85:9e:2b:2e:b1:07:a2:4c:18:d8:f0:d9:31:f5:75:99:f7:23:
ac:07:be:3e:6c:14:9c:19:9d:59:4b:17:87:49:21:55:7d:d7:
f6:84:b2:c6
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZWk77+RZ5jnlcCs46NfJ4F/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE3MTYyODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDY1MDExMDI2OWUwZTQ5OWFmMjY1NmM3NDcyNzFlMWVmYWJmNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA125rqiYa2dg6BXYF8CUPLLzMj3xu
gk1bIhnO4nvrcBnFSzRwg9HRG/ewTDxxOLG3NZkhtuT3zNpCmMdMMgKpTQLDpr/7
natAVQiDAcXKzQXvUdoh7FwP3ZZ2J5YNUkg1ysPZSVqPjaT0206ToiKWX3+WnrFl
T+F7W+4O36diklNRQtlzCiyLpOxzQFS2Lr1c/1c19kXY4EujMNaklUSyp2+P3m0v
oHGegXRBCtTiyFa/FyjkwYzcr4hEMM30rJbzyqxwTlMv+8B1MT0WJdg+b1cgvW5x
JAbvud4/Ay6NFzFO4LFltNkEWaQfh4J3KD3j1DfXNyo3rRQR6B5K/17+ZwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFORlARAmng5JmvJlbHRyceHvq/aFMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNUdVQkVDYWVEa21hOG1Wc2RISng0ZS1yOW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAHzg7AwQA
HzhWAwQAHzhrAwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86
KgMEAB86MAMEAB86MjANBgkqhkiG9w0BAQsFAAOCAQEAM7I+Qg0ySELMK3Zn9Zdt
Mho70oBkJULFtukKY3g/4hRdW2WM+MLvPm8AVLaID4MiVAgnoJIrqd8d7nwxCMis
AOWb89OjDswsrvPqqvyZ2YX+c7VsJ/qxZdfFu79Q0tAgcRxRzAtVWVSZQbQpDbxd
twQi1Ph/fEb5Y6WjSKJFb5aA3QY5/AOCKT62TruHOIMMRG8eTRHE5WXWwn4xC4No
AwKq/Xrswzbl0KYc9TNGiHfcUBktjLY3iNovBJEb1akZIVvV6DeYwvs+8wS5A2DK
gz9Uu1JMOaBkhZ4rLrEHokwY2PDZMfV1mfcjrAe+PmwUnBmdWUsXh0khVX3X9oSy
xg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:04:28 2025 by rpki-client