Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Nakge6ciTroj8rnTwkjdnHLoFqI.roa
File: Nakge6ciTroj8rnTwkjdnHLoFqI.roa (raw, json)
Hash identifier: jQZFjNOaGH+XHZ4evgrF+aEHataIfrMS8oyS5GVe20Q=
Subject key identifier: 35:A9:20:7B:A7:22:4E:BA:23:F2:B9:D3:C2:48:DD:9C:72:E8:16:A2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01952E9EA29BD83D6D1F02F053BA4AD4F974
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Nakge6ciTroj8rnTwkjdnHLoFqI.roa
Signing time: Sat 22 Feb 2025 17:05:03 +0000
ROA not before: Sat 22 Feb 2025 17:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 31.57.32.0/24 maxlen: 24
31.58.172.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 09:43:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2e:9e:a2:9b:d8:3d:6d:1f:02:f0:53:ba:4a:d4:f9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 22 17:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35a9207ba7224eba23f2b9d3c248dd9c72e816a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a0:16:ee:81:e3:f8:48:94:08:c0:79:ca:ae:
db:96:a9:d0:15:14:e0:4f:54:f9:3f:07:62:67:20:
92:a7:7e:82:de:17:8b:a2:4f:45:80:d8:e6:2c:5c:
02:79:ee:9a:7d:98:07:29:ca:58:43:62:fc:78:64:
fe:2b:b2:ca:4d:a3:d0:6b:c8:39:0a:4d:98:cf:18:
fa:da:2c:7a:87:63:06:e2:a1:bb:b8:d7:9c:0b:58:
4e:90:9a:ae:e0:7f:e9:b8:ff:fe:23:69:9d:07:d7:
c6:3b:62:b2:1d:0e:3b:b4:68:c6:f3:43:ad:6b:6b:
83:d3:5b:33:9c:a9:6a:fe:49:c3:d7:06:df:15:88:
6e:e1:82:70:70:0e:c0:04:b7:11:46:b1:3a:8a:d9:
6d:dd:05:c9:4a:44:f2:a2:42:43:96:82:47:bb:80:
e6:60:12:1b:88:97:52:2e:4d:00:70:ca:67:c6:7e:
d4:91:34:70:f7:5f:f4:c9:7d:a6:7b:00:21:68:bf:
94:5f:cc:48:c9:90:01:ac:2c:ba:ca:a4:8d:16:d4:
d7:44:d7:cd:a5:92:ab:bd:fc:a1:4c:07:e5:7d:86:
bd:60:dc:5f:7a:cf:9f:8e:03:a9:d3:d7:3c:d5:9e:
7f:3a:6c:f4:4b:81:e3:c5:f5:ee:4d:5e:e2:5a:51:
d7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A9:20:7B:A7:22:4E:BA:23:F2:B9:D3:C2:48:DD:9C:72:E8:16:A2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Nakge6ciTroj8rnTwkjdnHLoFqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.32.0/24
31.58.172.0/22
31.59.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:db:b8:d4:f2:62:77:37:a2:b2:c4:3f:09:35:5b:75:5b:17:
86:6c:1c:83:68:06:c4:72:d4:cf:67:10:d4:36:ba:3e:2d:d1:
2f:c4:66:bd:61:b6:04:5e:53:6a:37:dc:ba:11:98:c3:4a:16:
c7:5d:a3:49:c4:98:76:32:91:1e:89:d1:94:3a:29:36:f0:36:
01:74:f1:59:94:ab:6b:9e:85:dd:28:fa:4c:b8:b2:cb:b0:58:
5e:05:d7:47:e3:04:dc:9f:f8:1c:a8:9a:cc:c7:d9:bf:e3:42:
fb:b9:04:39:e4:9f:34:7b:61:04:9c:f6:08:d7:fb:c1:23:b4:
0d:6d:ff:db:ec:15:8e:7b:c7:72:6d:da:4d:11:78:3e:0a:74:
b5:02:cd:e0:98:33:56:2f:21:34:e4:00:15:b8:27:9d:d1:c1:
d0:05:fa:10:2d:8b:03:2b:fe:6d:23:2e:02:c7:48:d0:bd:87:
f5:18:18:d4:c5:0e:6e:2a:f5:c6:e3:ec:b4:f5:6c:50:36:b0:
f4:a3:da:f8:af:9b:d1:9d:be:71:e0:77:a9:83:fc:2a:7c:81:
b5:ba:3c:01:cc:81:16:af:12:aa:04:bd:1b:f2:de:19:d2:f5:
fa:fc:ae:1a:2a:ff:81:be:d0:2a:7f:29:7c:72:4e:0c:f5:30:
78:f2:1f:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUunqKb2D1tHwLwU7pK1Pl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjIyMTcwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWE5MjA3YmE3MjI0ZWJhMjNmMmI5ZDNjMjQ4ZGQ5YzcyZTgxNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaAW7oHj+EiUCMB5yq7blqnQFRTg
T1T5PwdiZyCSp36C3heLok9FgNjmLFwCee6afZgHKcpYQ2L8eGT+K7LKTaPQa8g5
Ck2Yzxj62ix6h2MG4qG7uNecC1hOkJqu4H/puP/+I2mdB9fGO2KyHQ47tGjG80Ot
a2uD01sznKlq/knD1wbfFYhu4YJwcA7ABLcRRrE6itlt3QXJSkTyokJDloJHu4Dm
YBIbiJdSLk0AcMpnxn7UkTRw91/0yX2mewAhaL+UX8xIyZABrCy6yqSNFtTXRNfN
pZKrvfyhTAflfYa9YNxfes+fjgOp09c81Z5/Omz0S4HjxfXuTV7iWlHX3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDWpIHunIk66I/K508JI3Zxy6BaiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTmFrZ2U2Y2lUcm9qOHJuVHdramRuSExvRnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzkgAwQC
HzqsAwQCHztMMA0GCSqGSIb3DQEBCwUAA4IBAQCP27jU8mJ3N6KyxD8JNVt1WxeG
bByDaAbEctTPZxDUNro+LdEvxGa9YbYEXlNqN9y6EZjDShbHXaNJxJh2MpEeidGU
Oik28DYBdPFZlKtrnoXdKPpMuLLLsFheBddH4wTcn/gcqJrMx9m/40L7uQQ55J80
e2EEnPYI1/vBI7QNbf/b7BWOe8dybdpNEXg+CnS1As3gmDNWLyE05AAVuCed0cHQ
BfoQLYsDK/5tIy4Cx0jQvYf1GBjUxQ5uKvXG4+y09WxQNrD0o9r4r5vRnb5x4Hep
g/wqfIG1ujwBzIEWrxKqBL0b8t4Z0vX6/K4aKv+BvtAqfyl8ck4M9TB48h/2
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:12:55 2025 by rpki-client