Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6kNqin2SV360qGIXGCduinaYROU.roa
File: 6kNqin2SV360qGIXGCduinaYROU.roa (raw, json)
Hash identifier: KTz9Vv0MPRhqQ0PPk9dDZDrHfqCZ2exf1a1UTTPdRJw=
Subject key identifier: EA:43:6A:8A:7D:92:57:7E:B4:A8:62:17:18:27:6E:8A:76:98:44:E5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01960FE766A8F9F08AE2F0C3DC8BCA485053
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6kNqin2SV360qGIXGCduinaYROU.roa
Signing time: Mon 07 Apr 2025 10:59:05 +0000
ROA not before: Mon 07 Apr 2025 10:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 31.57.11.0/24 maxlen: 24
31.57.99.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.200.0/24 maxlen: 24
31.58.147.0/24 maxlen: 24
31.58.226.0/24 maxlen: 24
31.59.120.0/24 maxlen: 24
31.59.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 19:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:e7:66:a8:f9:f0:8a:e2:f0:c3:dc:8b:ca:48:50:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 7 10:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea436a8a7d92577eb4a8621718276e8a769844e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b0:fc:83:e2:9b:e2:11:49:30:03:bc:af:c7:
af:f6:2d:a9:6a:07:f8:01:24:c4:5c:ef:cb:31:25:
6a:9a:55:1d:7b:73:92:c6:0d:19:40:be:ac:69:24:
c6:a2:0d:90:dc:b1:89:0b:f8:11:ea:0d:26:01:eb:
41:b5:2e:1c:a4:1a:55:51:4e:c9:27:22:51:19:67:
36:12:3f:54:d8:67:86:74:39:8d:bd:1f:42:26:01:
17:60:22:a6:48:e0:da:07:ed:02:ca:b5:50:29:6b:
1b:20:e6:6b:89:c9:1b:34:df:4e:ab:85:3f:b9:c0:
75:f6:a3:b2:e5:f8:d4:6a:2b:f1:a2:bb:72:83:75:
d7:48:27:5b:41:50:7a:75:6c:9e:fb:16:15:1e:0b:
25:37:2d:7f:ea:1b:e0:4b:92:23:a8:f3:e4:bd:7c:
ef:8f:42:32:84:1d:88:d1:4f:13:ff:ec:0b:c5:e5:
74:25:15:12:59:4d:0b:40:29:16:cb:89:49:74:13:
ef:05:aa:a2:96:cc:30:6c:99:84:a1:33:5e:a9:b0:
a9:e6:00:9a:f3:27:b3:7a:f3:d1:25:d1:d2:10:70:
33:80:a2:6e:c5:2d:5f:9f:4e:03:a8:36:67:ce:d8:
00:c8:ed:ec:d3:49:35:61:28:06:74:ef:10:f5:33:
2b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:43:6A:8A:7D:92:57:7E:B4:A8:62:17:18:27:6E:8A:76:98:44:E5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6kNqin2SV360qGIXGCduinaYROU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.11.0/24
31.57.99.0/24
31.57.131.0/24
31.57.150.0/24
31.57.200.0/24
31.58.147.0/24
31.58.226.0/24
31.59.120.0/24
31.59.136.0/24
Signature Algorithm: sha256WithRSAEncryption
67:e8:44:20:1d:1b:f1:f2:de:58:cd:0a:10:3a:19:93:f4:4e:
b6:e5:2e:97:8d:97:81:93:f4:bf:68:3e:b2:e0:ca:a0:b4:d6:
7e:2b:25:1a:e7:55:72:15:bc:fd:a4:be:cb:5f:22:80:dc:ea:
4d:2f:a8:11:33:ac:bc:57:5e:ef:46:66:3b:a3:7a:c8:78:6d:
b5:14:65:b0:5f:5d:e5:b7:b8:2c:21:25:29:75:b2:f1:33:47:
a5:8a:55:ec:26:da:ed:c9:50:44:35:cc:88:00:89:15:46:c7:
2c:bb:3f:05:e3:db:38:be:dd:f6:e9:d7:b5:99:b2:36:76:34:
2b:60:42:35:3d:fd:b9:63:99:70:55:e8:c8:96:ed:1c:09:1c:
3d:b9:dc:8c:dd:16:6a:59:06:9c:5b:e8:65:36:71:dc:a1:ed:
22:2a:dd:4c:e2:c2:9b:c8:16:67:cb:43:ef:bb:0b:e4:2f:3a:
97:21:af:1d:47:57:b0:9b:19:ff:f2:f5:cc:f9:d4:8d:7a:1c:
1a:fa:a3:7b:80:38:31:88:8a:7f:86:32:75:f3:d0:31:50:56:
37:d3:c7:e9:d2:43:d2:2f:a9:10:b9:35:bd:e6:2e:68:3c:19:
d9:ef:29:a6:3f:b9:32:cf:d6:b4:ed:a5:19:7b:8f:37:5d:11:
09:f1:96:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZYP52ao+fCK4vDD3IvKSFBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA3MTA1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQzNmE4YTdkOTI1NzdlYjRhODYyMTcxODI3NmU4YTc2OTg0NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLD8g+Kb4hFJMAO8r8ev9i2pagf4
ASTEXO/LMSVqmlUde3OSxg0ZQL6saSTGog2Q3LGJC/gR6g0mAetBtS4cpBpVUU7J
JyJRGWc2Ej9U2GeGdDmNvR9CJgEXYCKmSODaB+0CyrVQKWsbIOZrickbNN9Oq4U/
ucB19qOy5fjUaivxortyg3XXSCdbQVB6dWye+xYVHgslNy1/6hvgS5IjqPPkvXzv
j0IyhB2I0U8T/+wLxeV0JRUSWU0LQCkWy4lJdBPvBaqilswwbJmEoTNeqbCp5gCa
8yezevPRJdHSEHAzgKJuxS1fn04DqDZnztgAyO3s00k1YSgGdO8Q9TMr+QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOpDaop9kld+tKhiFxgnbop2mETlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNmtOcWluMlNWMzYwcUdJWEdDZHVpbmFZUk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHzkLAwQA
HzljAwQAHzmDAwQAHzmWAwQAHznIAwQAHzqTAwQAHzriAwQAHzt4AwQAHzuIMA0G
CSqGSIb3DQEBCwUAA4IBAQBn6EQgHRvx8t5YzQoQOhmT9E625S6XjZeBk/S/aD6y
4MqgtNZ+KyUa51VyFbz9pL7LXyKA3OpNL6gRM6y8V17vRmY7o3rIeG21FGWwX13l
t7gsISUpdbLxM0elilXsJtrtyVBENcyIAIkVRscsuz8F49s4vt326de1mbI2djQr
YEI1Pf25Y5lwVejIlu0cCRw9udyM3RZqWQacW+hlNnHcoe0iKt1M4sKbyBZny0Pv
uwvkLzqXIa8dR1ewmxn/8vXM+dSNehwa+qN7gDgxiIp/hjJ189AxUFY308fp0kPS
L6kQuTW95i5oPBnZ7ymmP7kyz9a07aUZe483XREJ8Zbp
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:20:44 2025 by rpki-client