Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pxde1oiwYBCNEi_3CVdY7xH4UZc.roa
File: pxde1oiwYBCNEi_3CVdY7xH4UZc.roa (raw, json)
Hash identifier: ULRcNrIYwZd68vbpasz5yasHcCx5f7vWATDfzYEVi9w=
Subject key identifier: A7:17:5E:D6:88:B0:60:10:8D:12:2F:F7:09:57:58:EF:11:F8:51:97
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01956D33B5BF1CE8C6A5F5D05898E4DB0C4F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pxde1oiwYBCNEi_3CVdY7xH4UZc.roa
Signing time: Thu 06 Mar 2025 20:44:20 +0000
ROA not before: Thu 06 Mar 2025 20:44:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 31.58.234.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
217.60.248.0/24 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 18:12:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:33:b5:bf:1c:e8:c6:a5:f5:d0:58:98:e4:db:0c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 6 20:44:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7175ed688b060108d122ff7095758ef11f85197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7d:d9:d5:32:65:ad:bf:12:be:8a:3f:33:2a:
63:36:0a:34:fd:28:ae:38:58:05:3c:d4:49:00:0e:
e4:48:96:bc:5d:66:af:43:c9:da:14:f3:30:32:92:
ee:d9:29:80:3e:5d:38:aa:a1:f1:d8:27:7b:27:a8:
03:27:9d:be:bf:13:9c:43:c5:58:21:e6:90:af:bb:
e9:0b:6a:1d:70:03:ef:d8:fd:6f:3e:ff:fc:72:34:
36:c2:c8:e4:f3:54:2d:85:f9:2c:5d:2e:0d:1a:9d:
27:71:1c:46:7e:70:2a:ab:79:4a:c1:e3:fc:ff:54:
6a:4b:72:44:64:8f:22:25:bd:47:75:0a:83:21:4e:
08:30:9e:4c:51:05:6c:42:c0:71:8e:45:b5:8b:31:
00:93:5f:36:dd:82:e0:9b:8b:c3:0a:10:e8:9b:db:
af:af:88:4a:96:28:f0:70:6d:d2:8c:7d:49:93:48:
c0:e6:7f:46:af:8a:91:8c:4b:d8:13:6b:e1:8a:50:
a6:5b:e3:22:41:42:d7:48:52:4d:76:ac:66:a9:e5:
64:2a:f8:98:18:9d:50:90:5e:c9:f1:42:a6:35:7c:
bf:83:31:0e:b5:79:26:03:27:2c:be:b3:db:e6:5d:
5f:67:67:1c:6b:a3:c4:e3:30:bc:72:c1:bb:6c:0a:
a6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:17:5E:D6:88:B0:60:10:8D:12:2F:F7:09:57:58:EF:11:F8:51:97
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pxde1oiwYBCNEi_3CVdY7xH4UZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.234.0/24
217.60.196.0/23
217.60.244.0/23
217.60.248.0/24
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:c5:f1:2e:97:f2:23:25:df:d3:95:97:fb:a5:76:83:db:81:
b2:23:03:e0:45:96:6b:9e:c8:66:ad:9f:f5:76:b3:2c:c0:3e:
7f:10:ff:1c:6c:6a:1e:a8:8a:48:0c:65:1b:26:3d:6a:2f:19:
fc:60:5f:b2:66:9e:9b:8b:9c:50:27:d5:26:b7:82:66:36:25:
5e:9f:b5:c4:d4:aa:2a:99:20:90:e8:54:a5:aa:65:10:46:82:
1a:87:c9:95:25:a9:79:35:87:9d:df:26:4d:27:86:ac:2e:90:
3b:ae:fc:bb:2c:2f:19:a7:0f:b6:4c:21:3d:0c:45:e6:4b:b4:
0f:aa:96:03:b6:11:a0:f5:03:94:74:30:8e:79:14:51:a8:2e:
c3:c6:00:6a:1d:80:33:81:2f:fb:fd:7f:b0:73:d4:2e:2b:5e:
cf:10:13:e5:2c:77:19:c1:e3:6e:b2:a2:cd:63:bf:bc:3a:db:
30:06:23:a7:fa:37:1c:ab:7b:eb:cc:a9:ee:89:c3:2d:84:3b:
12:6b:d4:5a:15:e6:c3:b1:62:4d:03:46:0b:8a:1f:02:2b:19:
6a:9c:96:15:37:61:c3:26:79:00:39:4c:41:25:65:c0:34:ce:
ad:b5:61:13:34:8a:38:c3:40:18:85:9c:09:63:3a:de:6f:7c:
e2:fe:43:aa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZVtM7W/HOjGpfXQWJjk2wxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA2MjA0NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE3NWVkNjg4YjA2MDEwOGQxMjJmZjcwOTU3NThlZjExZjg1MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX3Z1TJlrb8Svoo/MypjNgo0/Siu
OFgFPNRJAA7kSJa8XWavQ8naFPMwMpLu2SmAPl04qqHx2Cd7J6gDJ52+vxOcQ8VY
IeaQr7vpC2odcAPv2P1vPv/8cjQ2wsjk81QthfksXS4NGp0ncRxGfnAqq3lKweP8
/1RqS3JEZI8iJb1HdQqDIU4IMJ5MUQVsQsBxjkW1izEAk1823YLgm4vDChDom9uv
r4hKlijwcG3SjH1Jk0jA5n9Gr4qRjEvYE2vhilCmW+MiQULXSFJNdqxmqeVkKviY
GJ1QkF7J8UKmNXy/gzEOtXkmAycsvrPb5l1fZ2cca6PE4zC8csG7bAqmNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKcXXtaIsGAQjRIv9wlXWO8R+FGXMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcHhkZTFvaXdZQkNORWlfM0NWZFk3eEg0VVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHzrqAwQB
2TzEAwQB2Tz0AwQA2Tz4MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IB
AQA9xfEul/IjJd/TlZf7pXaD24GyIwPgRZZrnshmrZ/1drMswD5/EP8cbGoeqIpI
DGUbJj1qLxn8YF+yZp6bi5xQJ9Umt4JmNiVen7XE1KoqmSCQ6FSlqmUQRoIah8mV
Jal5NYed3yZNJ4asLpA7rvy7LC8Zpw+2TCE9DEXmS7QPqpYDthGg9QOUdDCOeRRR
qC7DxgBqHYAzgS/7/X+wc9QuK17PEBPlLHcZweNusqLNY7+8OtswBiOn+jccq3vr
zKnuicMthDsSa9RaFebDsWJNA0YLih8CKxlqnJYVN2HDJnkAOUxBJWXANM6ttWET
NIo4w0AYhZwJYzreb3zi/kOq
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:13:40 2025 by rpki-client