Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CbuNIfosxt4lJxFHzj_MPsVNWo0.roa
File: CbuNIfosxt4lJxFHzj_MPsVNWo0.roa (raw, json)
Hash identifier: sOGZraWSHfaS0DguFEMqsA71jPNr/W7r9xd4fsbBwcY=
Subject key identifier: 09:BB:8D:21:FA:2C:C6:DE:25:27:11:47:CE:3F:CC:3E:C5:4D:5A:8D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A2D766E486ECD96442E8951ABD098444
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CbuNIfosxt4lJxFHzj_MPsVNWo0.roa
Signing time: Mon 17 Mar 2025 06:43:00 +0000
ROA not before: Mon 17 Mar 2025 06:43:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137897
IP address blocks: 31.56.87.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 06:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a2:d7:66:e4:86:ec:d9:64:42:e8:95:1a:bd:09:84:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 17 06:43:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09bb8d21fa2cc6de25271147ce3fcc3ec54d5a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:1d:d5:f8:62:ec:8b:32:60:65:18:a6:50:
2d:e4:52:a0:be:4e:cf:56:49:27:3e:95:65:bd:fb:
2f:67:13:da:e6:f3:1f:e0:6c:14:4d:4f:e7:e9:e6:
e2:e3:86:b7:15:fb:79:2b:0a:62:d3:75:67:56:06:
ee:fa:de:cd:17:0f:f4:8a:67:d3:9e:45:1f:ad:3c:
63:e2:17:ad:eb:62:f5:76:f8:bb:e7:53:52:6e:07:
be:84:fc:ac:c7:9b:ad:8d:75:cf:f4:85:b4:38:90:
56:4b:7e:df:0c:05:e3:6d:ee:15:55:bc:74:1d:8e:
20:13:66:68:36:a9:04:fc:00:88:c9:b8:d1:83:95:
f4:1c:d8:58:52:cc:a7:f0:8a:be:49:78:93:3d:31:
7d:ab:f4:c4:9e:ef:ee:3b:40:4c:8c:ca:a9:66:f2:
3f:c1:b2:56:80:d3:bb:71:51:17:17:48:c3:d7:95:
9d:9e:c6:ac:34:94:0e:97:3f:c1:dc:ed:56:cb:3a:
b8:27:9b:4c:0c:d7:8c:cd:a7:f0:65:e9:e4:e5:2f:
56:76:c1:b6:70:b7:0c:60:ea:e6:ff:a8:67:08:c8:
b1:42:20:1a:a6:9d:a4:d6:1d:54:7b:9c:bf:ed:58:
b7:fd:a0:a5:70:df:f1:76:8e:55:e3:ea:e4:84:4c:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BB:8D:21:FA:2C:C6:DE:25:27:11:47:CE:3F:CC:3E:C5:4D:5A:8D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CbuNIfosxt4lJxFHzj_MPsVNWo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.87.0/24
31.56.122.0/24
31.57.65.0/24
31.57.222.0/23
31.59.41.0/24
Signature Algorithm: sha256WithRSAEncryption
84:e0:58:03:20:84:99:cc:28:6c:ea:88:f0:4b:22:b2:d9:34:
9d:c5:d1:aa:11:7a:e4:20:7a:7a:88:9f:94:c0:d1:61:11:76:
ba:a3:b4:6c:23:a4:06:f2:36:66:a7:ab:35:6f:78:ce:34:58:
e1:0d:7c:65:78:bc:25:e6:79:43:29:ad:1e:f2:b3:8a:4b:b6:
dc:f6:cb:29:1d:75:67:23:ed:0f:66:a0:f1:cf:87:44:49:7f:
35:d0:25:76:f4:b5:67:54:39:82:26:97:da:4d:10:cd:19:a3:
a3:71:57:e2:0e:2b:ef:f4:b7:74:a5:99:2b:64:77:b4:d7:0a:
a4:45:ca:02:94:5a:d4:06:d3:59:7b:54:22:d6:d5:b6:5f:14:
b8:60:26:4d:c0:4c:28:1b:56:8f:fa:d9:9f:57:c3:0b:f7:df:
8c:ae:5f:75:8d:50:cd:17:44:a9:f6:7d:de:82:69:53:7c:55:
6a:e2:93:b8:04:a2:af:1b:f2:40:01:2c:52:9a:9a:72:14:ba:
21:f1:97:58:a2:94:ed:5b:b9:ea:08:79:59:40:fe:71:b0:b5:
c4:86:47:db:bd:f4:8a:2d:41:65:ef:9d:6c:c9:b8:5d:e6:fa:
c6:f2:13:51:b0:7d:25:be:28:9e:c8:af:7a:7b:f7:3c:ec:e0:
6e:b8:e7:bb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWi12bkhuzZZELolRq9CYREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE3MDY0MzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJiOGQyMWZhMmNjNmRlMjUyNzExNDdjZTNmY2MzZWM1NGQ1YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOgd1fhi7IsyYGUYplAt5FKgvk7P
VkknPpVlvfsvZxPa5vMf4GwUTU/n6ebi44a3Fft5Kwpi03VnVgbu+t7NFw/0imfT
nkUfrTxj4het62L1dvi751NSbge+hPysx5utjXXP9IW0OJBWS37fDAXjbe4VVbx0
HY4gE2ZoNqkE/ACIybjRg5X0HNhYUsyn8Iq+SXiTPTF9q/TEnu/uO0BMjMqpZvI/
wbJWgNO7cVEXF0jD15WdnsasNJQOlz/B3O1Wyzq4J5tMDNeMzafwZenk5S9WdsG2
cLcMYOrm/6hnCMixQiAapp2k1h1Ue5y/7Vi3/aClcN/xdo5V4+rkhEwJrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAm7jSH6LMbeJScRR84/zD7FTVqNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQ2J1Tklmb3N4dDRsSnhGSHpqX01Qc1ZOV28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzhXAwQA
Hzh6AwQAHzlBAwQBHzneAwQAHzspMA0GCSqGSIb3DQEBCwUAA4IBAQCE4FgDIISZ
zChs6ojwSyKy2TSdxdGqEXrkIHp6iJ+UwNFhEXa6o7RsI6QG8jZmp6s1b3jONFjh
DXxleLwl5nlDKa0e8rOKS7bc9sspHXVnI+0PZqDxz4dESX810CV29LVnVDmCJpfa
TRDNGaOjcVfiDivv9Ld0pZkrZHe01wqkRcoClFrUBtNZe1Qi1tW2XxS4YCZNwEwo
G1aP+tmfV8ML99+Mrl91jVDNF0Sp9n3egmlTfFVq4pO4BKKvG/JAASxSmppyFLoh
8ZdYopTtW7nqCHlZQP5xsLXEhkfbvfSKLUFl751sybhd5vrG8hNRsH0lviieyK96
e/c87OBuuOe7
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:31:49 2025 by rpki-client