Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qb1sCix9VCPsLe5wKyUvvE1LYEw.roa
File: qb1sCix9VCPsLe5wKyUvvE1LYEw.roa (raw, json)
Hash identifier: btmNZ/kKaUkdqAz6KJr0KjfWMIgLVgTm0WhCKxjL72E=
Subject key identifier: A9:BD:6C:0A:2C:7D:54:23:EC:2D:EE:70:2B:25:2F:BC:4D:4B:60:4C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A07BE9731B3A14E4F02E2FC18299249C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qb1sCix9VCPsLe5wKyUvvE1LYEw.roa
Signing time: Sun 16 Mar 2025 19:43:49 +0000
ROA not before: Sun 16 Mar 2025 19:43:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.59.0/24 maxlen: 24
31.56.86.0/24 maxlen: 24
31.56.107.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 16:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:7b:e9:73:1b:3a:14:e4:f0:2e:2f:c1:82:99:24:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 16 19:43:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9bd6c0a2c7d5423ec2dee702b252fbc4d4b604c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0d:67:f0:55:8a:62:ac:c4:db:41:08:87:67:
b7:15:65:b0:21:aa:40:31:d3:ca:07:e2:d6:84:bc:
9c:5c:6f:88:37:82:27:28:b9:e9:ba:f5:ac:b0:99:
ff:8b:8e:1e:65:64:9c:17:c7:d9:05:36:c5:d3:1f:
b8:a5:1c:06:48:be:38:ae:29:d1:31:f0:c9:88:90:
05:20:1a:1d:85:f6:ba:88:50:74:f2:9c:f9:a2:6b:
da:d7:f5:f4:00:3e:dd:09:e4:e4:66:76:7e:0d:5c:
d6:bf:f8:94:65:a3:d4:e5:b4:16:c6:d6:05:70:d9:
e1:84:9a:07:f4:a9:3a:5f:02:ed:f8:84:1c:fd:aa:
a4:18:df:84:fd:e7:34:a4:8c:dd:90:b5:67:53:cc:
83:07:e7:94:e3:f9:36:11:bb:6e:25:ec:66:80:e0:
24:69:4d:01:a3:bb:6d:36:bf:38:98:59:b7:3e:d3:
fc:82:30:79:c0:38:0e:c3:f7:0e:c0:c8:2b:8b:cc:
c1:40:e8:64:87:b6:6c:75:c2:33:46:23:eb:40:db:
1f:67:23:02:1e:18:d0:5d:b4:7c:d5:f2:d7:be:3c:
ec:90:dc:53:f9:1c:38:38:f8:dc:7b:d0:0f:6d:a0:
82:a6:6d:7c:85:c0:d5:4d:74:1d:02:88:a5:d1:31:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BD:6C:0A:2C:7D:54:23:EC:2D:EE:70:2B:25:2F:BC:4D:4B:60:4C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qb1sCix9VCPsLe5wKyUvvE1LYEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.59.0/24
31.56.86.0/24
31.56.107.0/24
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
52:aa:80:b0:a2:7c:b6:b5:c9:32:30:5a:57:bd:38:83:9a:97:
32:d1:48:e2:f6:96:dd:64:5e:89:9f:80:46:b8:53:52:8f:01:
f2:ab:3b:04:b0:6f:60:8d:8e:81:b2:ae:34:7e:9e:a3:fe:84:
db:09:82:54:3a:51:cc:2e:69:8c:40:c9:33:36:11:49:4e:0e:
25:4c:a3:14:a8:26:bb:94:df:98:84:a0:50:4e:4d:cc:51:30:
1d:11:37:6d:76:2f:b8:c0:41:84:f4:86:0a:55:74:1f:62:fe:
f7:97:ee:19:c9:e7:e0:6d:a0:a0:95:14:8f:2a:2b:e4:95:74:
66:c0:74:14:72:94:5f:cf:7a:80:96:dc:0e:4d:fc:c3:c4:c3:
37:b7:a1:16:32:c8:aa:ed:aa:46:57:9f:6b:da:cf:67:b8:02:
85:75:bc:d8:31:2b:b3:ad:bd:8e:81:db:d0:d6:76:29:37:d4:
d4:2b:f9:e5:42:1c:44:c0:99:56:da:ef:8d:88:bf:81:48:a7:
76:7f:47:33:ce:22:01:fb:41:fe:2a:09:1e:a9:bf:26:2b:3f:
dd:4e:8e:54:9e:63:aa:26:bb:6a:f0:e4:13:92:c0:00:2b:04:
a2:a6:50:3f:01:fe:55:8c:a6:01:72:94:da:f1:90:29:ea:75:
ef:0c:14:e9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZWge+lzGzoU5PAuL8GCmSScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE2MTk0MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWJkNmMwYTJjN2Q1NDIzZWMyZGVlNzAyYjI1MmZiYzRkNGI2MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog1n8FWKYqzE20EIh2e3FWWwIapA
MdPKB+LWhLycXG+IN4InKLnpuvWssJn/i44eZWScF8fZBTbF0x+4pRwGSL44rinR
MfDJiJAFIBodhfa6iFB08pz5omva1/X0AD7dCeTkZnZ+DVzWv/iUZaPU5bQWxtYF
cNnhhJoH9Kk6XwLt+IQc/aqkGN+E/ec0pIzdkLVnU8yDB+eU4/k2EbtuJexmgOAk
aU0Bo7ttNr84mFm3PtP8gjB5wDgOw/cOwMgri8zBQOhkh7ZsdcIzRiPrQNsfZyMC
HhjQXbR81fLXvjzskNxT+Rw4OPjce9APbaCCpm18hcDVTXQdAoil0TFFQwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKm9bAosfVQj7C3ucCslL7xNS2BMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcWIxc0NpeDlWQ1BzTGU1d0t5VXZ2RTFMWUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAHzg7AwQA
HzhWAwQAHzhrAwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86
KgMEAB86MDANBgkqhkiG9w0BAQsFAAOCAQEAUqqAsKJ8trXJMjBaV704g5qXMtFI
4vaW3WReiZ+ARrhTUo8B8qs7BLBvYI2OgbKuNH6eo/6E2wmCVDpRzC5pjEDJMzYR
SU4OJUyjFKgmu5TfmISgUE5NzFEwHRE3bXYvuMBBhPSGClV0H2L+95fuGcnn4G2g
oJUUjyor5JV0ZsB0FHKUX896gJbcDk38w8TDN7ehFjLIqu2qRlefa9rPZ7gChXW8
2DErs629joHb0NZ2KTfU1Cv55UIcRMCZVtrvjYi/gUindn9HM84iAftB/ioJHqm/
Jis/3U6OVJ5jqia7avDkE5LAACsEoqZQPwH+VYymAXKU2vGQKep17wwU6Q==
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:03:38 2025 by rpki-client