Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pXNT3wbY-35Nx6CltIXm-hmfRSo.roa
File: pXNT3wbY-35Nx6CltIXm-hmfRSo.roa (raw, json)
Hash identifier: SuFf9DJapDqVdOJnN/eHv/ktY9CVxXC5cwoTZITU6OY=
Subject key identifier: A5:73:53:DF:06:D8:FB:7E:4D:C7:A0:A5:B4:85:E6:FA:19:9F:45:2A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01960FE8155079F94C3C84AB97E7F3B07CB6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pXNT3wbY-35Nx6CltIXm-hmfRSo.roa
Signing time: Mon 07 Apr 2025 10:59:50 +0000
ROA not before: Mon 07 Apr 2025 10:59:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 05:13:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:e8:15:50:79:f9:4c:3c:84:ab:97:e7:f3:b0:7c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 7 10:59:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a57353df06d8fb7e4dc7a0a5b485e6fa199f452a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5c:6e:6f:9f:6a:e0:a1:82:7b:23:1f:2b:7a:
ee:f1:6a:0e:71:76:0f:5e:a2:4b:2d:fb:41:5d:ba:
d3:bd:57:14:84:98:f1:73:6d:86:04:d2:5e:12:cf:
e4:25:0e:ea:cb:59:fe:03:cc:bd:b5:eb:77:a6:71:
46:6d:ad:8a:71:a2:92:a1:31:f2:bc:16:c1:85:c7:
37:9f:4d:54:2c:ef:d9:21:31:a3:be:6d:df:20:0b:
8e:d0:a4:d0:34:e0:4a:ad:18:eb:50:5c:08:d3:24:
79:fe:98:ef:43:b3:64:7e:f9:8b:2a:70:17:83:8f:
f0:4c:01:47:b7:2d:56:d0:9e:2c:2b:5d:32:82:23:
a6:a4:15:e7:35:4b:7d:47:fb:25:a2:c8:ba:93:32:
ed:27:45:70:89:9e:7a:d4:77:b1:d8:b0:c8:e2:c4:
00:8b:06:54:d1:a8:25:58:a4:ae:8b:ac:40:1f:97:
be:a1:65:aa:c2:4f:e2:47:48:76:46:ba:64:ec:69:
65:15:a6:be:11:76:15:8f:8c:2e:b2:a2:a2:f0:f0:
b6:1f:70:4c:87:bf:01:19:07:ed:f7:ea:cb:57:61:
7b:7e:0c:70:13:4e:2e:9d:c7:03:71:93:cd:87:b8:
5e:03:e3:2a:21:de:b1:0a:06:a7:1b:67:31:5b:21:
44:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:73:53:DF:06:D8:FB:7E:4D:C7:A0:A5:B4:85:E6:FA:19:9F:45:2A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pXNT3wbY-35Nx6CltIXm-hmfRSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.72.0/24
31.56.84.0/24
31.57.104.0/24
31.57.188.0/24
31.58.56.0/23
31.58.64.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:05:12:9c:f3:65:71:91:8e:78:1e:31:f1:e1:8c:57:dc:67:
2e:ce:50:ee:c3:ff:cc:91:e9:2a:27:67:4e:ed:9e:aa:0c:7e:
86:02:93:83:5f:ec:77:b3:d9:33:6c:2a:28:0b:56:18:3a:e7:
07:f5:cc:4a:c0:bc:8d:5e:0b:de:14:22:c1:8c:20:78:bb:a6:
7d:89:33:22:25:35:af:c2:a0:be:31:34:58:23:2f:7f:c0:6f:
5d:97:a4:c0:5d:96:05:d5:9a:ec:d4:a9:e4:dd:25:1f:ba:2e:
de:1e:6c:d6:fd:cf:90:78:93:95:ad:4e:97:c3:66:1a:49:5b:
45:33:9f:0e:24:5e:cc:5e:02:c7:af:68:bd:d5:20:49:a2:18:
ea:e1:7c:ca:fa:9f:7c:68:ac:1b:ae:ae:9a:cd:4e:36:b2:4e:
ed:19:9c:fc:7c:73:bb:d8:0d:ae:b6:ca:c3:24:ff:ad:1b:6b:
31:86:fa:a6:95:ad:1a:fe:f0:40:76:b7:3e:26:01:c3:e9:14:
21:9b:20:61:1a:0f:6a:c0:ea:55:f8:b0:c9:e9:d6:21:a7:f8:
b3:c1:8d:05:5e:d6:59:ec:66:1b:94:5b:25:b9:4b:1b:41:c8:
52:74:75:68:14:db:2f:bb:63:10:16:69:95:fe:5e:8f:e6:4d:
45:1e:56:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYP6BVQeflMPISrl+fzsHy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA3MTA1OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTczNTNkZjA2ZDhmYjdlNGRjN2EwYTViNDg1ZTZmYTE5OWY0NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVxub59q4KGCeyMfK3ru8WoOcXYP
XqJLLftBXbrTvVcUhJjxc22GBNJeEs/kJQ7qy1n+A8y9tet3pnFGba2KcaKSoTHy
vBbBhcc3n01ULO/ZITGjvm3fIAuO0KTQNOBKrRjrUFwI0yR5/pjvQ7NkfvmLKnAX
g4/wTAFHty1W0J4sK10ygiOmpBXnNUt9R/slosi6kzLtJ0VwiZ561Hex2LDI4sQA
iwZU0aglWKSui6xAH5e+oWWqwk/iR0h2Rrpk7GllFaa+EXYVj4wusqKi8PC2H3BM
h78BGQft9+rLV2F7fgxwE04unccDcZPNh7heA+MqId6xCganG2cxWyFEzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKVzU98G2Pt+TcegpbSF5voZn0UqMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcFhOVDN3YlktMzVOeDZDbHRJWG0taG1mUlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzhIAwQA
HzhUAwQAHzloAwQAHzm8AwQBHzo4AwQBHzpAAwQBHzpYMA0GCSqGSIb3DQEBCwUA
A4IBAQBKBRKc82VxkY54HjHx4YxX3GcuzlDuw//MkekqJ2dO7Z6qDH6GApODX+x3
s9kzbCooC1YYOucH9cxKwLyNXgveFCLBjCB4u6Z9iTMiJTWvwqC+MTRYIy9/wG9d
l6TAXZYF1Zrs1Knk3SUfui7eHmzW/c+QeJOVrU6Xw2YaSVtFM58OJF7MXgLHr2i9
1SBJohjq4XzK+p98aKwbrq6azU42sk7tGZz8fHO72A2utsrDJP+tG2sxhvqmla0a
/vBAdrc+JgHD6RQhmyBhGg9qwOpV+LDJ6dYhp/izwY0FXtZZ7GYblFsluUsbQchS
dHVoFNsvu2MQFmmV/l6P5k1FHlbz
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:40:02 2025 by rpki-client