Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sk4zE9B1wNaMlpT25xZnf7PCrYw.roa
File: sk4zE9B1wNaMlpT25xZnf7PCrYw.roa (raw, json)
Hash identifier: ZY/SITAbN7rSg2jOGJmj1Q/Tn4CBdsxMaE4LXHyY1Pg=
Subject key identifier: B2:4E:33:13:D0:75:C0:D6:8C:96:94:F6:E7:16:67:7F:B3:C2:AD:8C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01959638590C43CD599B3D5AE4EB9BCAE611
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sk4zE9B1wNaMlpT25xZnf7PCrYw.roa
Signing time: Fri 14 Mar 2025 19:53:49 +0000
ROA not before: Fri 14 Mar 2025 19:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.77.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:96:38:59:0c:43:cd:59:9b:3d:5a:e4:eb:9b:ca:e6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 19:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b24e3313d075c0d68c9694f6e716677fb3c2ad8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:82:66:78:93:cf:d4:31:c2:87:0d:75:c1:d5:
6d:f7:b8:ce:53:fb:a0:f0:1c:fd:c0:e3:49:aa:82:
44:ec:f6:70:2a:a6:0c:d7:e7:f1:f3:5e:df:a8:5a:
2f:b6:d8:fc:17:f3:96:13:e1:cd:50:9a:d7:46:4c:
ac:78:6a:79:a4:db:d8:63:f6:ab:bd:98:8e:84:24:
bb:f5:10:32:9c:52:a0:f5:82:4c:e5:f6:bd:91:2d:
4b:fd:fd:de:67:7b:8f:a2:ce:e9:71:e7:14:11:46:
1b:47:fb:bd:56:21:90:f0:64:47:b5:cf:d8:7c:95:
3a:80:29:08:40:73:a5:f2:e9:09:6d:9e:72:c3:18:
e1:8b:23:7c:48:61:65:38:90:8d:d6:c7:1a:0b:f7:
38:7f:c6:4a:44:0b:06:b3:79:c4:7c:d0:7f:aa:e6:
4b:9a:d6:35:a8:8f:d6:47:3e:a0:7f:8a:42:4d:ee:
6e:cc:c4:92:97:57:76:32:bc:6d:0f:42:05:da:35:
51:23:f0:2b:06:b9:e0:c0:a0:14:bb:5f:8e:11:6b:
49:2e:38:ce:37:74:8e:34:a5:d7:89:81:e0:08:a3:
48:c9:9e:e4:07:d4:3d:12:9a:42:50:3a:48:ac:bb:
c8:fd:94:87:28:9a:c5:2e:5e:6b:ce:74:45:dc:56:
36:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4E:33:13:D0:75:C0:D6:8C:96:94:F6:E7:16:67:7F:B3:C2:AD:8C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sk4zE9B1wNaMlpT25xZnf7PCrYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.77.0/24
31.57.199.0/24
31.59.68.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c9:d1:ed:23:01:7c:e5:33:57:b8:62:b3:15:f9:c8:45:74:
95:fd:b9:ca:83:c1:3c:72:d5:d2:2d:e2:1a:f7:6a:9d:65:76:
67:df:a5:11:1b:3d:35:48:22:a2:ee:af:27:ea:04:78:43:aa:
9f:4a:72:e4:96:eb:62:18:d1:08:f4:2b:12:e6:ff:b5:58:a0:
23:fc:cd:11:5c:8c:d9:84:42:65:29:6f:6e:42:41:19:78:85:
4b:04:b1:17:d3:f9:a9:a9:a5:1a:c0:23:f2:ca:8e:db:aa:f8:
02:d5:55:fc:37:7a:ad:08:e4:fc:a0:0e:b3:9f:9a:90:81:49:
d6:3a:eb:45:67:e9:f3:00:29:54:d7:6a:bb:32:6a:9e:63:e7:
d0:f1:f4:f9:b4:bf:ed:43:a0:f0:3a:32:2c:a2:7f:80:46:e0:
d3:72:99:a5:66:8b:a3:ff:07:04:37:33:00:f4:68:26:8f:c9:
ce:36:37:b3:34:57:f2:aa:7c:1e:b6:e3:35:72:3c:81:af:cf:
af:12:15:0b:41:b8:aa:52:79:05:b3:df:81:38:cc:4e:bf:08:
4b:35:ed:9f:74:0d:1c:7b:1e:e1:ed:45:6a:2f:09:c6:80:11:
c3:b7:e4:7a:17:4f:ed:0a:43:75:dc:e1:5a:64:9d:ef:7a:55:
f1:9a:ae:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWWOFkMQ81Zmz1a5OubyuYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTk1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRlMzMxM2QwNzVjMGQ2OGM5Njk0ZjZlNzE2Njc3ZmIzYzJhZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64JmeJPP1DHChw11wdVt97jOU/ug
8Bz9wONJqoJE7PZwKqYM1+fx817fqFovttj8F/OWE+HNUJrXRkyseGp5pNvYY/ar
vZiOhCS79RAynFKg9YJM5fa9kS1L/f3eZ3uPos7pcecUEUYbR/u9ViGQ8GRHtc/Y
fJU6gCkIQHOl8ukJbZ5ywxjhiyN8SGFlOJCN1scaC/c4f8ZKRAsGs3nEfNB/quZL
mtY1qI/WRz6gf4pCTe5uzMSSl1d2MrxtD0IF2jVRI/ArBrngwKAUu1+OEWtJLjjO
N3SONKXXiYHgCKNIyZ7kB9Q9EppCUDpIrLvI/ZSHKJrFLl5rznRF3FY2PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLJOMxPQdcDWjJaU9ucWZ3+zwq2MMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvc2s0ekU5QjF3TmFNbHBUMjV4Wm5mN1BDcll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHzg0AwQA
HzhNAwQAHznHAwQAHztEMA0GCSqGSIb3DQEBCwUAA4IBAQAGydHtIwF85TNXuGKz
FfnIRXSV/bnKg8E8ctXSLeIa92qdZXZn36URGz01SCKi7q8n6gR4Q6qfSnLkluti
GNEI9CsS5v+1WKAj/M0RXIzZhEJlKW9uQkEZeIVLBLEX0/mpqaUawCPyyo7bqvgC
1VX8N3qtCOT8oA6zn5qQgUnWOutFZ+nzAClU12q7MmqeY+fQ8fT5tL/tQ6DwOjIs
on+ARuDTcpmlZouj/wcENzMA9Ggmj8nONjezNFfyqnwetuM1cjyBr8+vEhULQbiq
UnkFs9+BOMxOvwhLNe2fdA0cex7h7UVqLwnGgBHDt+R6F0/tCkN13OFaZJ3velXx
mq7w
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:00:42 2025 by rpki-client