Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/W7k2xvF-d8JG5GTdcPulB6wQWMY.roa
File: W7k2xvF-d8JG5GTdcPulB6wQWMY.roa (raw, json)
Hash identifier: C22DOPrvNBKlezdVg8NnsAMKlOuosGV2QnwQ6cRzY04=
Subject key identifier: 5B:B9:36:C6:F1:7E:77:C2:46:E4:64:DD:70:FB:A5:07:AC:10:58:C6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195943A66BB86EB606F2BD5E7CD2C5A6431
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/W7k2xvF-d8JG5GTdcPulB6wQWMY.roa
Signing time: Fri 14 Mar 2025 10:36:50 +0000
ROA not before: Fri 14 Mar 2025 10:36:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 31.57.33.0/24 maxlen: 24
31.57.154.0/24 maxlen: 24
31.57.156.0/24 maxlen: 24
31.58.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 17:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:3a:66:bb:86:eb:60:6f:2b:d5:e7:cd:2c:5a:64:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 10:36:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb936c6f17e77c246e464dd70fba507ac1058c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:56:8d:c2:a9:13:c8:1c:4a:62:0a:16:9f:2d:
7f:80:72:52:d1:ad:d9:4c:29:d0:ad:7d:36:e3:43:
24:62:0a:4d:a8:56:99:ae:37:ce:2f:a2:b9:c7:72:
2f:a6:fb:43:b3:58:e7:03:2e:41:03:f7:b0:91:8f:
e8:1c:8a:05:83:17:b7:1e:3b:95:ef:87:9d:40:c4:
e6:26:fa:19:dc:1c:8c:03:25:c0:1f:11:e2:d7:69:
30:61:ca:ff:3d:73:e8:a1:be:27:18:f4:75:95:11:
a9:67:cf:86:8c:82:59:8c:fb:2a:28:07:a5:e7:6d:
3b:48:fa:18:59:ec:77:cc:df:fe:8f:6b:4d:96:e1:
6a:46:3a:4e:3d:9b:6a:42:1a:b2:7a:29:33:bf:31:
a8:25:9c:c8:6e:1c:04:3c:e6:2d:f4:ba:16:71:f5:
be:46:67:26:69:d0:a0:bf:52:63:3a:ee:18:b8:9d:
df:03:45:11:e2:c2:1a:d1:82:ea:02:06:25:4e:c0:
03:2a:e1:08:b8:00:04:63:85:38:f2:b8:06:75:72:
70:ad:d8:c4:d5:bd:1c:b8:04:29:be:4e:96:a1:5c:
77:0e:aa:08:f4:2d:95:4e:a6:1d:17:20:b8:63:51:
60:b2:f3:d1:20:6d:44:45:f9:6b:7c:d6:de:ae:49:
72:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B9:36:C6:F1:7E:77:C2:46:E4:64:DD:70:FB:A5:07:AC:10:58:C6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/W7k2xvF-d8JG5GTdcPulB6wQWMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.33.0/24
31.57.154.0/24
31.57.156.0/24
31.58.91.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b0:84:c6:53:22:8a:d8:bf:7f:74:76:a9:a1:f6:c9:c2:eb:
77:a4:70:96:6f:ea:f3:5d:fa:e3:c2:65:f8:e8:63:6c:87:7e:
e0:cf:4b:70:fb:19:2b:1c:a5:33:0b:e1:8f:91:ce:bf:bb:3d:
ff:47:46:f0:2c:e5:c4:ff:81:dc:76:bc:c4:6b:a7:2e:c8:80:
43:6d:79:77:b5:c5:3b:e8:83:a2:a8:b4:b9:bb:40:7b:ed:f8:
ca:a8:e9:8d:27:95:c5:d2:cc:12:a6:4a:bb:87:9c:38:2e:70:
86:58:06:fd:38:f9:94:71:cd:83:48:d3:7e:a9:7f:c3:b8:46:
65:19:55:14:6a:50:91:5f:0c:b6:01:69:7b:ea:6c:32:2f:54:
06:14:fc:5e:47:79:de:33:70:db:13:5b:8a:53:c4:36:01:80:
58:64:61:ac:b2:7d:57:97:83:ab:03:50:b4:e3:75:6e:55:6c:
fe:09:81:eb:c2:c6:9c:0e:be:cb:1a:b5:02:54:3f:67:81:6e:
a5:fb:53:94:c6:dc:50:bc:02:b0:5e:d8:5c:03:79:6f:38:b8:
97:ac:be:d3:a7:45:8e:ce:ac:c1:cc:f8:80:62:6c:2b:05:a3:
40:96:88:66:18:64:8e:d7:e7:9d:7c:c0:27:b0:fd:5a:4f:cd:
65:93:99:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWUOma7hutgbyvV580sWmQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTAzNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI5MzZjNmYxN2U3N2MyNDZlNDY0ZGQ3MGZiYTUwN2FjMTA1OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2laNwqkTyBxKYgoWny1/gHJS0a3Z
TCnQrX0240MkYgpNqFaZrjfOL6K5x3IvpvtDs1jnAy5BA/ewkY/oHIoFgxe3HjuV
74edQMTmJvoZ3ByMAyXAHxHi12kwYcr/PXPoob4nGPR1lRGpZ8+GjIJZjPsqKAel
5207SPoYWex3zN/+j2tNluFqRjpOPZtqQhqyeikzvzGoJZzIbhwEPOYt9LoWcfW+
RmcmadCgv1JjOu4YuJ3fA0UR4sIa0YLqAgYlTsADKuEIuAAEY4U48rgGdXJwrdjE
1b0cuAQpvk6WoVx3DqoI9C2VTqYdFyC4Y1FgsvPRIG1ERflrfNberklyNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFu5NsbxfnfCRuRk3XD7pQesEFjGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVzdrMnh2Ri1kOEpHNUdUZGNQdWxCNndRV01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzkhAwQA
HzmaAwQAHzmcAwQAHzpbMA0GCSqGSIb3DQEBCwUAA4IBAQAosITGUyKK2L9/dHap
ofbJwut3pHCWb+rzXfrjwmX46GNsh37gz0tw+xkrHKUzC+GPkc6/uz3/R0bwLOXE
/4HcdrzEa6cuyIBDbXl3tcU76IOiqLS5u0B77fjKqOmNJ5XF0swSpkq7h5w4LnCG
WAb9OPmUcc2DSNN+qX/DuEZlGVUUalCRXwy2AWl76mwyL1QGFPxeR3neM3DbE1uK
U8Q2AYBYZGGssn1Xl4OrA1C043VuVWz+CYHrwsacDr7LGrUCVD9ngW6l+1OUxtxQ
vAKwXthcA3lvOLiXrL7Tp0WOzqzBzPiAYmwrBaNAlohmGGSO1+edfMAnsP1aT81l
k5ne
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:52:43 2025 by rpki-client