Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IPMglR9dWDBH6qp1tVr0EmFV4qQ.roa
File: IPMglR9dWDBH6qp1tVr0EmFV4qQ.roa (raw, json)
Hash identifier: wG8jzLaDSa7/DvgyBVRS7KVwLpIXG0YM9A4moVM9NPI=
Subject key identifier: 20:F3:20:95:1F:5D:58:30:47:EA:AA:75:B5:5A:F4:12:61:55:E2:A4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195ECA4FB87B461ED9D9CD1C459755B0DB0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IPMglR9dWDBH6qp1tVr0EmFV4qQ.roa
Signing time: Mon 31 Mar 2025 14:39:50 +0000
ROA not before: Mon 31 Mar 2025 14:39:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 05:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:a4:fb:87:b4:61:ed:9d:9c:d1:c4:59:75:5b:0d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 14:39:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20f320951f5d583047eaaa75b55af4126155e2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7d:e2:2e:44:81:b4:dc:66:3f:1d:dc:2b:2c:
18:a5:20:36:9d:1d:39:43:82:00:77:d8:66:c2:2a:
c4:1f:ed:64:ef:ca:a5:c1:e3:6b:5c:ac:a8:27:52:
e6:a5:73:c2:29:12:4f:ca:51:de:28:6b:63:e0:1f:
18:99:5b:cb:f7:c4:b9:a8:7b:38:fb:38:ac:7e:11:
9d:ae:05:67:d7:be:cf:73:71:5a:1c:be:59:de:5b:
14:eb:a0:fa:e0:c7:15:cf:8e:a7:e5:06:61:6f:e6:
62:7f:7b:c2:48:09:e1:27:a9:11:60:1d:15:f3:7d:
42:f4:3d:c2:b1:46:f1:ea:dc:28:1c:c0:67:2a:3d:
e2:0a:a0:ea:18:cf:e3:54:fe:29:f7:be:2d:38:b7:
e8:83:cd:c0:b6:3f:79:3a:6b:0c:98:1c:8f:ac:6b:
de:33:17:f7:ae:65:c8:00:70:25:84:bb:00:69:02:
aa:dd:2f:31:41:9a:5d:29:58:7a:9f:98:74:e3:61:
b2:4d:c7:73:30:ab:3e:7a:cc:f1:fb:2e:97:bd:a9:
8d:ae:83:5e:8f:30:eb:bb:2d:bf:8e:12:d4:01:21:
a2:1b:a7:93:d0:3e:8d:f1:f0:8e:13:16:51:fa:ec:
9f:92:fe:8b:1b:73:f2:dc:d6:b8:ad:da:6a:33:df:
a3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F3:20:95:1F:5D:58:30:47:EA:AA:75:B5:5A:F4:12:61:55:E2:A4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IPMglR9dWDBH6qp1tVr0EmFV4qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.57.104.0/24
31.57.188.0/24
31.57.252.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:0a:38:db:0a:a4:25:03:0b:22:6c:da:a0:71:30:22:6b:26:
02:bf:a3:46:36:cd:88:98:8e:c6:47:c0:67:54:06:d2:bb:f0:
9c:d5:46:eb:9e:41:07:7e:0a:4f:5c:d5:20:f7:af:b8:a3:d3:
59:36:47:78:62:cc:6d:c1:09:f0:6c:e1:6d:94:d6:d2:c1:2f:
e8:0f:96:0f:93:0d:fd:f4:6f:36:25:e7:0f:01:bb:00:02:b4:
6f:c3:19:a2:4e:09:31:9f:7c:f6:96:2c:a3:fc:c8:ea:44:14:
bd:f6:ee:46:e1:02:d5:25:e3:9c:48:3f:c2:d8:98:e2:20:5b:
93:62:c5:69:6d:de:83:ff:cc:c2:8a:78:11:5e:d3:e8:26:97:
a5:67:a2:a7:95:2a:b0:cd:14:07:02:8d:a4:78:57:98:b2:ea:
9c:dc:66:86:6f:a0:2d:63:34:96:da:3f:9d:fe:fc:62:93:09:
5a:17:5c:d5:ba:d1:07:59:97:0e:60:b0:c4:0a:cb:14:78:9f:
6b:50:75:6f:45:cf:e7:e0:f9:4c:06:a9:32:a4:c0:0d:14:aa:
f2:1e:90:48:69:54:b3:d1:88:83:80:b5:c2:4b:15:67:4d:dc:
bb:33:f2:1b:58:bc:c3:b7:93:3f:da:fe:20:05:01:f7:33:5c:
dd:44:c6:75
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZXspPuHtGHtnZzRxFl1Ww2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMTQzOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYzMjA5NTFmNWQ1ODMwNDdlYWFhNzViNTVhZjQxMjYxNTVlMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4X3iLkSBtNxmPx3cKywYpSA2nR05
Q4IAd9hmwirEH+1k78qlweNrXKyoJ1LmpXPCKRJPylHeKGtj4B8YmVvL98S5qHs4
+zisfhGdrgVn177Pc3FaHL5Z3lsU66D64McVz46n5QZhb+Zif3vCSAnhJ6kRYB0V
831C9D3CsUbx6twoHMBnKj3iCqDqGM/jVP4p974tOLfog83Atj95OmsMmByPrGve
Mxf3rmXIAHAlhLsAaQKq3S8xQZpdKVh6n5h042GyTcdzMKs+eszx+y6XvamNroNe
jzDruy2/jhLUASGiG6eT0D6N8fCOExZR+uyfkv6LG3Py3Na4rdpqM9+jTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCDzIJUfXVgwR+qqdbVa9BJhVeKkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSVBNZ2xSOWRXREJINnFwMXRWcjBFbUZWNHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzloAwQAHzm8AwQBHzn8AwQBHzpYMA0GCSqGSIb3DQEBCwUA
A4IBAQC6CjjbCqQlAwsibNqgcTAiayYCv6NGNs2ImI7GR8BnVAbSu/Cc1UbrnkEH
fgpPXNUg96+4o9NZNkd4YsxtwQnwbOFtlNbSwS/oD5YPkw399G82JecPAbsAArRv
wxmiTgkxn3z2liyj/MjqRBS99u5G4QLVJeOcSD/C2JjiIFuTYsVpbd6D/8zCingR
XtPoJpelZ6KnlSqwzRQHAo2keFeYsuqc3GaGb6AtYzSW2j+d/vxikwlaF1zVutEH
WZcOYLDECssUeJ9rUHVvRc/n4PlMBqkypMANFKryHpBIaVSz0YiDgLXCSxVnTdy7
M/IbWLzDt5M/2v4gBQH3M1zdRMZ1
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:36:38 2025 by rpki-client