Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fOCh5hAWLOCQhrWzps0UdB_VRrY.roa
File: fOCh5hAWLOCQhrWzps0UdB_VRrY.roa (raw, json)
Hash identifier: kBPxgSntn9c6m3Ri8Tq+0wjUVJaFDJ+48+5Vfzdea+0=
Subject key identifier: 7C:E0:A1:E6:10:16:2C:E0:90:86:B5:B3:A6:CD:14:74:1F:D5:46:B6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01952E9CCFEE71404F1FA42CE8F70DE7B917
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fOCh5hAWLOCQhrWzps0UdB_VRrY.roa
Signing time: Sat 22 Feb 2025 17:03:03 +0000
ROA not before: Sat 22 Feb 2025 17:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2e:9c:cf:ee:71:40:4f:1f:a4:2c:e8:f7:0d:e7:b9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 22 17:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ce0a1e610162ce09086b5b3a6cd14741fd546b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:7c:6e:e6:6f:67:e9:d2:04:af:57:be:e8:
94:1f:24:ce:a3:a6:b8:4e:66:72:b3:1d:3c:d1:5a:
06:97:3a:1a:9f:76:bf:99:6f:85:6a:0b:0a:13:4e:
3c:44:91:40:88:6d:0e:6f:64:32:b7:5d:63:24:ca:
bb:9d:e5:39:16:d2:14:f3:ce:6e:8a:aa:21:c5:ac:
c8:41:76:6f:1f:31:79:a8:44:65:66:1c:da:b2:1b:
c4:cf:27:a7:db:60:19:63:60:87:43:f2:a6:99:9a:
e4:9d:9c:b4:9f:ad:4e:68:3c:d4:d2:2b:e2:b7:e1:
40:0b:44:dd:4d:84:50:7f:a2:89:f2:78:83:f7:f0:
1f:ed:a8:5c:e3:62:17:06:5e:49:0c:fb:ff:7b:05:
04:b4:b6:c2:cb:7a:6d:98:ab:10:fe:bd:11:67:9d:
89:42:ce:b2:0d:c3:bd:3d:e2:8f:24:ab:07:c6:1d:
e5:1d:50:4d:25:5d:69:0f:e7:24:55:e5:aa:4a:05:
23:29:3c:6a:4e:44:0f:46:51:21:29:04:5e:ad:bb:
17:38:5b:3b:64:cf:4a:92:37:5b:82:d2:22:8a:5b:
93:da:fa:e1:0d:03:56:99:42:89:0e:4d:e7:32:90:
ab:54:68:a4:57:82:80:35:5d:5b:2d:a8:22:e7:92:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E0:A1:E6:10:16:2C:E0:90:86:B5:B3:A6:CD:14:74:1F:D5:46:B6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fOCh5hAWLOCQhrWzps0UdB_VRrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.200.0/24
31.56.202.0/24
31.57.104.0/24
31.57.181.0/24
31.57.215.0/24
31.57.219.0/24
31.57.221.0/24
31.57.252.0/23
31.57.255.0/24
31.58.56.0/23
31.58.64.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
80:61:05:12:aa:47:d4:e5:8b:05:ce:9d:dc:12:d6:2f:32:ad:
dd:28:15:12:aa:d0:19:bb:40:ab:f2:6d:b6:6c:97:fd:47:0d:
a9:f5:22:58:0a:ea:4f:96:9e:ac:e8:22:24:79:a2:c6:ca:1a:
88:ec:c3:74:d1:ba:6b:b3:4a:c3:2f:e7:a6:8e:29:9e:60:f1:
be:52:88:6b:92:0f:d2:e8:6e:60:42:64:13:3d:f6:da:60:2b:
2c:2c:44:98:65:2f:e7:07:98:d9:0e:c6:26:67:60:a3:bf:92:
3a:16:b3:3e:05:9f:02:11:45:91:43:c6:96:64:12:c3:c9:1c:
7e:e5:33:35:c1:59:71:d5:6b:12:8c:db:00:b8:ea:59:14:6d:
a6:ef:42:7e:17:15:58:1a:c0:51:1b:4f:14:74:f4:39:2f:2e:
a4:a7:f5:81:dd:1d:90:d0:9a:8c:c9:b6:74:e2:af:8c:0d:05:
43:f0:c9:73:6a:05:5c:d5:0d:c7:8f:c1:d4:04:da:0a:ff:ba:
c1:c6:75:2b:cf:63:f9:46:49:14:13:bd:e2:34:a7:63:56:37:
03:ad:86:cc:15:ce:b2:a7:30:45:bc:28:d5:18:05:bc:64:54:
d5:52:39:90:e7:2e:81:ea:95:37:54:69:cc:b4:5d:0d:5d:9b:
b8:81:c7:50
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZUunM/ucUBPH6Qs6PcN57kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjIyMTcwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2UwYTFlNjEwMTYyY2UwOTA4NmI1YjNhNmNkMTQ3NDFmZDU0NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeB8buZvZ+nSBK9XvuiUHyTOo6a4
TmZysx080VoGlzoan3a/mW+FagsKE048RJFAiG0Ob2Qyt11jJMq7neU5FtIU885u
iqohxazIQXZvHzF5qERlZhzashvEzyen22AZY2CHQ/KmmZrknZy0n61OaDzU0ivi
t+FAC0TdTYRQf6KJ8niD9/Af7ahc42IXBl5JDPv/ewUEtLbCy3ptmKsQ/r0RZ52J
Qs6yDcO9PeKPJKsHxh3lHVBNJV1pD+ckVeWqSgUjKTxqTkQPRlEhKQRerbsXOFs7
ZM9KkjdbgtIiiluT2vrhDQNWmUKJDk3nMpCrVGikV4KANV1bLagi55L2HwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFHzgoeYQFizgkIa1s6bNFHQf1Ua2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZk9DaDVoQVdMT0NRaHJXenBzMFVkQl9WUnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjIAwQAHzjKAwQAHzloAwQAHzm1AwQAHznXAwQAHznbAwQA
HzndAwQBHzn8AwQAHzn/AwQBHzo4AwQBHzpAAwQBHzpYMA0GCSqGSIb3DQEBCwUA
A4IBAQCAYQUSqkfU5YsFzp3cEtYvMq3dKBUSqtAZu0Cr8m22bJf9Rw2p9SJYCupP
lp6s6CIkeaLGyhqI7MN00bprs0rDL+emjimeYPG+Uohrkg/S6G5gQmQTPfbaYCss
LESYZS/nB5jZDsYmZ2Cjv5I6FrM+BZ8CEUWRQ8aWZBLDyRx+5TM1wVlx1WsSjNsA
uOpZFG2m70J+FxVYGsBRG08UdPQ5Ly6kp/WB3R2Q0JqMybZ04q+MDQVD8MlzagVc
1Q3Hj8HUBNoK/7rBxnUrz2P5RkkUE73iNKdjVjcDrYbMFc6ypzBFvCjVGAW8ZFTV
UjmQ5y6B6pU3VGnMtF0NXZu4gcdQ
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:05:11 2025 by rpki-client