Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gbO_gpWZt0sJdwpb6USbRGW1VoU.roa
File: gbO_gpWZt0sJdwpb6USbRGW1VoU.roa (raw, json)
Hash identifier: 6SKhylCjkWNn52oBURMxwD/V3a34zXURRdHvLgXgYJI=
Subject key identifier: 81:B3:BF:82:95:99:B7:4B:09:77:0A:5B:E9:44:9B:44:65:B5:56:85
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195ECA4FBE90B1DB79E33F4D8EE90B511AA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gbO_gpWZt0sJdwpb6USbRGW1VoU.roa
Signing time: Mon 31 Mar 2025 14:39:50 +0000
ROA not before: Mon 31 Mar 2025 14:39:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:59:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:a4:fb:e9:0b:1d:b7:9e:33:f4:d8:ee:90:b5:11:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 14:39:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b3bf829599b74b09770a5be9449b4465b55685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:56:67:c9:80:e8:bf:24:d7:d4:a4:41:db:74:
c3:cf:36:0c:80:21:73:a6:1c:54:87:48:49:d8:33:
9b:58:7f:d2:45:c0:5d:53:5b:ba:91:84:3f:c8:0e:
cb:0c:35:96:a9:00:9a:5a:33:88:10:50:c8:38:82:
73:9b:91:73:2c:cb:12:74:62:00:87:dc:68:cc:03:
5c:8c:81:f4:2a:49:79:e8:d7:5a:86:5a:c4:c2:f2:
47:83:75:13:c0:0b:c8:1e:c9:7f:a1:df:e7:aa:29:
2d:89:8c:c6:a6:04:db:fc:cb:92:5d:52:56:3d:72:
88:47:e3:7d:a0:ea:16:8c:ae:4c:da:2a:b4:08:27:
9d:cb:2b:44:12:f0:96:72:7d:29:30:97:11:5a:ff:
3f:24:8d:65:f2:c0:4c:11:d1:8f:09:f7:5c:17:c5:
ab:11:9a:90:f3:30:53:77:98:01:28:b5:bc:7b:1b:
1a:76:20:d2:5a:07:c6:95:8b:50:0a:84:1e:eb:02:
41:14:1e:69:8f:ec:3a:8a:03:90:41:4f:9d:21:82:
c5:15:66:8c:ea:01:40:60:3c:c2:ce:58:1b:4c:b8:
16:b0:db:68:cf:0b:e3:ed:96:80:d9:59:e0:06:5a:
13:80:76:38:80:4b:7b:70:2f:5b:a4:4a:56:74:a6:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B3:BF:82:95:99:B7:4B:09:77:0A:5B:E9:44:9B:44:65:B5:56:85
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gbO_gpWZt0sJdwpb6USbRGW1VoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:e3:eb:96:68:0e:61:c4:a2:e5:89:95:d6:71:63:e1:98:67:
02:fc:37:49:42:52:b0:c3:dd:71:24:4e:ab:58:d7:3b:70:f4:
b7:df:5d:66:e5:e1:81:07:b0:5d:04:03:9b:84:c4:eb:fd:32:
1d:4d:fa:d7:b5:1f:d9:a1:d8:15:ed:69:09:a8:f6:42:33:29:
74:e7:ab:68:36:f2:44:6d:09:c7:19:57:d0:56:b7:90:85:1c:
ac:0d:ae:ab:a7:59:9b:15:b5:2c:0a:8a:25:50:94:75:99:13:
7c:ee:ef:10:32:fe:9c:15:8a:62:ae:87:0e:ea:70:0e:7a:08:
b1:b1:3c:19:f3:9b:cd:f2:22:d8:be:50:9d:4c:52:db:1d:5c:
d9:8d:a9:7e:69:8c:9f:b3:28:cf:f7:f4:45:90:f0:20:f5:3b:
86:32:98:21:c2:3a:95:da:3e:a1:c1:67:9b:f7:e7:c3:5c:b3:
6d:b6:9c:f7:6a:ce:21:4a:f6:8b:3e:0f:71:2e:4d:b2:d0:54:
3b:cf:1b:6b:30:a4:97:5c:3d:5d:25:5d:87:bb:ec:66:8a:94:
58:ae:3d:f8:a8:6b:28:d6:18:f6:90:fc:36:51:6b:36:df:f3:
06:de:8b:ab:23:40:2d:02:fc:70:91:e8:95:b5:8a:1c:73:85:
5e:92:58:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXspPvpCx23njP02O6QtRGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMTQzOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIzYmY4Mjk1OTliNzRiMDk3NzBhNWJlOTQ0OWI0NDY1YjU1Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1ZnyYDovyTX1KRB23TDzzYMgCFz
phxUh0hJ2DObWH/SRcBdU1u6kYQ/yA7LDDWWqQCaWjOIEFDIOIJzm5FzLMsSdGIA
h9xozANcjIH0Kkl56NdahlrEwvJHg3UTwAvIHsl/od/nqiktiYzGpgTb/MuSXVJW
PXKIR+N9oOoWjK5M2iq0CCedyytEEvCWcn0pMJcRWv8/JI1l8sBMEdGPCfdcF8Wr
EZqQ8zBTd5gBKLW8exsadiDSWgfGlYtQCoQe6wJBFB5pj+w6igOQQU+dIYLFFWaM
6gFAYDzCzlgbTLgWsNtozwvj7ZaA2VngBloTgHY4gEt7cC9bpEpWdKYpeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIGzv4KVmbdLCXcKW+lEm0RltVaFMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZ2JPX2dwV1p0MHNKZHdwYjZVU2JSR1cxVm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhFAwQA
HzhIAwQAHzhUAwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQAL4+uWaA5hxKLliZXW
cWPhmGcC/DdJQlKww91xJE6rWNc7cPS3311m5eGBB7BdBAObhMTr/TIdTfrXtR/Z
odgV7WkJqPZCMyl056toNvJEbQnHGVfQVreQhRysDa6rp1mbFbUsCoolUJR1mRN8
7u8QMv6cFYpirocO6nAOegixsTwZ85vN8iLYvlCdTFLbHVzZjal+aYyfsyjP9/RF
kPAg9TuGMpghwjqV2j6hwWeb9+fDXLNttpz3as4hSvaLPg9xLk2y0FQ7zxtrMKSX
XD1dJV2Hu+xmipRYrj34qGso1hj2kPw2UWs23/MG3ourI0AtAvxwkeiVtYocc4Ve
klhp
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:56:19 2025 by rpki-client