Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_HirE_mnPCcbHn5q4TSRczCjKgw.roa
File: _HirE_mnPCcbHn5q4TSRczCjKgw.roa (raw, json)
Hash identifier: BV07B2H6XyOj0ykQQIm6QE3Psb5XK90gvl31xeK3SGg=
Subject key identifier: FC:78:AB:13:F9:A7:3C:27:1B:1E:7E:6A:E1:34:91:73:30:A3:2A:0C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01965D224C82A4F78042DA3F8C754BE3D176
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_HirE_mnPCcbHn5q4TSRczCjKgw.roa
Signing time: Tue 22 Apr 2025 10:54:11 +0000
ROA not before: Tue 22 Apr 2025 10:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.135.0/24 maxlen: 24
31.57.168.0/23 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.216.0/23 maxlen: 24
31.57.250.0/23 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 11:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:22:4c:82:a4:f7:80:42:da:3f:8c:75:4b:e3:d1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 22 10:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc78ab13f9a73c271b1e7e6ae134917330a32a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:8b:d5:de:5d:18:1f:f5:84:08:03:69:70:
28:49:24:61:7f:9f:33:ae:91:85:4f:17:4d:bb:74:
b1:4b:00:90:bd:01:0c:cd:96:45:96:6d:df:7d:6a:
38:be:9e:4e:de:c0:12:96:0a:73:d0:ea:4a:3b:ba:
c3:15:35:07:bf:2b:48:59:89:eb:43:d7:d0:04:59:
12:38:74:e5:1c:55:a6:47:6a:a5:8c:33:c6:78:0b:
19:f7:47:d3:d2:13:01:26:c3:bf:a9:15:73:81:58:
85:d9:e2:d5:00:ac:e9:f8:eb:28:df:19:42:4d:b0:
ad:38:2f:0c:4b:6b:b5:af:3b:2a:8c:a2:69:a1:3e:
23:83:61:ab:09:15:f7:55:83:3a:8e:72:77:90:86:
4b:9b:60:b7:99:6c:99:98:1f:7e:67:34:9d:2e:f3:
78:5c:a4:be:66:31:70:d7:15:06:00:23:0d:e2:a0:
5a:a7:08:3d:bf:b5:95:07:66:4b:08:d1:6e:7d:48:
5e:71:c6:2f:60:c9:90:90:18:6a:fe:1c:da:43:ce:
73:4f:75:f1:11:22:b9:36:d7:14:35:d6:b0:59:a3:
99:5c:fc:e4:bf:31:fe:a8:f8:71:66:e8:f8:55:ff:
0b:f7:da:b2:96:fc:08:c4:47:64:54:22:73:be:5d:
cf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:78:AB:13:F9:A7:3C:27:1B:1E:7E:6A:E1:34:91:73:30:A3:2A:0C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_HirE_mnPCcbHn5q4TSRczCjKgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.135.0/24
31.57.168.0/23
31.57.184.0/23
31.57.208.0/22
31.57.216.0/23
31.57.250.0/23
31.58.76.0/22
31.58.92.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0-31.58.236.255
31.58.240.0-31.58.244.255
31.58.247.0/24
31.58.251.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:1d:5c:e4:8e:4a:6d:f8:fa:da:67:80:59:3f:6f:8d:4c:f8:
12:72:ef:89:9d:40:4f:0d:4c:ff:ca:c9:b9:3f:b0:c3:9d:61:
25:a5:7e:17:3f:71:98:b8:2d:f0:1f:49:e3:17:39:8f:5a:5f:
88:7e:20:e3:63:92:30:e1:4c:9c:4a:ff:19:58:aa:a3:10:8e:
0b:17:9e:0d:57:a5:71:c5:55:28:49:da:e9:d8:c1:cb:17:3f:
6d:f2:5e:6e:81:0c:9b:eb:d0:03:e7:3d:71:52:1f:19:26:af:
63:58:21:7b:59:8a:04:49:8e:d2:00:01:e7:fc:f9:74:5a:e8:
11:69:33:00:9c:2a:2a:82:5f:d2:fc:e7:dd:ef:f7:e2:4c:4a:
47:87:e6:4f:08:5f:f1:66:cb:c2:e4:2e:59:cb:bb:ef:37:a0:
d2:26:b6:d6:fe:24:20:20:8b:c7:03:95:ae:6f:c6:fd:3c:91:
07:d2:86:7d:33:79:04:34:7e:60:6c:91:7d:f0:d2:ed:96:5d:
3f:64:14:af:3f:cf:80:8a:48:38:84:45:cc:df:c8:f4:7c:f7:
39:02:d5:02:61:4f:ab:7c:0e:cf:43:60:6d:ce:c2:18:6b:6e:
86:1d:0e:06:a2:34:1a:27:13:9b:e8:18:c5:e5:0c:5b:70:da:
50:e9:c7:7c
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZZdIkyCpPeAQto/jHVL49F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIyMTA1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzc4YWIxM2Y5YTczYzI3MWIxZTdlNmFlMTM0OTE3MzMwYTMyYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYCL1d5dGB/1hAgDaXAoSSRhf58z
rpGFTxdNu3SxSwCQvQEMzZZFlm3ffWo4vp5O3sASlgpz0OpKO7rDFTUHvytIWYnr
Q9fQBFkSOHTlHFWmR2qljDPGeAsZ90fT0hMBJsO/qRVzgViF2eLVAKzp+Oso3xlC
TbCtOC8MS2u1rzsqjKJpoT4jg2GrCRX3VYM6jnJ3kIZLm2C3mWyZmB9+ZzSdLvN4
XKS+ZjFw1xUGACMN4qBapwg9v7WVB2ZLCNFufUheccYvYMmQkBhq/hzaQ85zT3Xx
ESK5NtcUNdawWaOZXPzkvzH+qPhxZuj4Vf8L99qylvwIxEdkVCJzvl3PuQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFPx4qxP5pzwnGx5+auE0kXMwoyoMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX0hpckVfbW5QQ2NiSG41cTRUU1JjekNqS2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwge4EAgABMIHnAwQC
HzgQAwQDHzkQAwQAHzmHAwQBHzmoAwQBHzm4AwQCHznQAwQBHznYAwQBHzn6AwQC
HzpMAwQCHzpcAwQCHzqwAwQCHzrIAwQCHzrYMAwDBAAfOusDBAAfOuwwDAMEBB86
8AMEAB869AMEAB869zALAwQAHzr7AwMAHzoDBAIfO0ADBAIfO1ADBAIfO3wDBAIf
O4wwDAMEAh87lAMEAR87pAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQD2TwQ
AwQC2TwcAwQC2TwoAwQG2TxAAwQA2Ty7AwQB2TzEAwQB2Tz0MA0GCSqGSIb3DQEB
CwUAA4IBAQBbHVzkjkpt+PraZ4BZP2+NTPgScu+JnUBPDUz/ysm5P7DDnWElpX4X
P3GYuC3wH0njFzmPWl+IfiDjY5Iw4UycSv8ZWKqjEI4LF54NV6VxxVUoSdrp2MHL
Fz9t8l5ugQyb69AD5z1xUh8ZJq9jWCF7WYoESY7SAAHn/Pl0WugRaTMAnCoqgl/S
/Ofd7/fiTEpHh+ZPCF/xZsvC5C5Zy7vvN6DSJrbW/iQgIIvHA5Wub8b9PJEH0oZ9
M3kENH5gbJF98NLtll0/ZBSvP8+Aikg4hEXM38j0fPc5AtUCYU+rfA7PQ2BtzsIY
a26GHQ4GojQaJxOb6BjF5QxbcNpQ6cd8
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:37:46 2025 by rpki-client