Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tTRjhYc1hy-boxmC1Tik2dhmXwU.roa
File: tTRjhYc1hy-boxmC1Tik2dhmXwU.roa (raw, json)
Hash identifier: c0K9AzgRQFSQ/xY/IPfiLDJBJkvppV6EQSo+J8Kbb+Q=
Subject key identifier: B5:34:63:85:87:35:87:2F:9B:A3:19:82:D5:38:A4:D9:D8:66:5F:05
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019662CE52050BB424CD8DBC31999DF0007A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tTRjhYc1hy-boxmC1Tik2dhmXwU.roa
Signing time: Wed 23 Apr 2025 13:20:10 +0000
ROA not before: Wed 23 Apr 2025 13:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.239.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 18:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:ce:52:05:0b:b4:24:cd:8d:bc:31:99:9d:f0:00:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 23 13:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b53463858735872f9ba31982d538a4d9d8665f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:14:9e:ab:d7:80:dd:33:39:f9:12:f6:f5:
a7:e0:57:ab:5d:4a:21:16:35:26:63:bd:e4:57:44:
c2:08:d8:3f:b5:10:ae:e7:52:ef:45:1a:f6:9c:96:
5f:d2:7f:18:3b:25:ec:1c:af:46:a8:cc:68:26:87:
7f:d7:2b:a6:ad:c9:81:d7:2d:fb:df:6b:fd:0a:db:
3a:c3:40:32:a9:d1:f4:f2:1f:1d:ec:23:49:b0:17:
96:12:91:60:ed:63:01:90:b2:da:e3:15:03:70:f7:
04:ad:23:b6:85:05:c2:26:31:34:7d:b6:c4:01:62:
a3:2f:2f:a4:88:24:e8:0a:6f:f5:d5:45:5f:3e:9f:
8d:00:e5:ae:08:ac:8c:30:2e:9f:21:3a:7d:6d:c9:
f6:a2:c9:cf:60:13:0b:1f:8a:d4:1a:61:b3:30:36:
f9:74:e8:1c:e4:e7:b3:36:5f:43:03:87:0c:a1:8f:
b0:7b:55:25:02:22:a0:13:c5:b8:99:aa:7a:2f:c0:
15:07:c1:e7:f0:d8:67:7c:6d:d2:43:8d:bd:0c:22:
34:bf:a5:44:8a:4d:42:83:25:4b:b9:20:6f:ff:9e:
ca:57:75:0c:f3:da:33:3c:3e:bf:54:5e:51:9f:27:
91:df:ae:0c:7e:c0:77:da:0a:30:ef:ae:9d:e9:77:
59:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:34:63:85:87:35:87:2F:9B:A3:19:82:D5:38:A4:D9:D8:66:5F:05
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tTRjhYc1hy-boxmC1Tik2dhmXwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
217.60.199.0/24
217.60.237.0-217.60.239.255
217.60.243.0/24
217.60.246.0/24
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
24:3b:f2:a1:2d:8e:9b:97:ed:6d:2f:99:7a:70:df:57:fc:e3:
63:6f:25:f8:67:d3:91:d7:3b:ec:26:52:55:7d:6d:bb:46:70:
b0:b7:9d:0a:3b:0c:06:9d:ac:de:b8:4d:57:e2:8d:52:bf:fe:
38:72:df:e5:43:56:a7:e5:bf:a7:42:56:9f:a7:91:36:45:f9:
a0:0c:86:b6:f2:3e:c3:85:3c:88:f8:db:b8:da:b1:0e:90:72:
65:18:43:df:41:6e:f2:2c:69:70:0e:41:6b:d8:57:63:28:65:
7b:20:fa:46:8f:97:9c:45:12:cd:74:2e:c5:2b:4e:77:3f:51:
e9:4d:ee:38:5b:b4:2e:3d:ff:61:89:c4:cd:4d:14:62:18:6d:
b2:35:c4:aa:2e:ec:d5:83:9d:27:bc:5d:e3:06:8b:1e:a4:56:
69:64:8f:a7:5d:cc:39:71:8f:9d:bf:b2:a3:2c:02:d1:23:7c:
05:4b:a2:d4:ed:5b:9b:26:e2:07:53:f1:23:e3:b7:d1:ee:33:
d5:4f:59:10:21:3e:0c:c3:03:75:51:fe:1f:49:4f:6a:19:36:
4f:20:92:12:e0:71:4e:4e:e0:4f:e2:cd:cb:08:a2:d9:be:0d:
78:61:20:d7:6f:29:8b:44:37:45:26:cc:9f:5b:b2:31:f8:cb:
82:64:79:42
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZZizlIFC7QkzY28MZmd8AB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIzMTMyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM0NjM4NTg3MzU4NzJmOWJhMzE5ODJkNTM4YTRkOWQ4NjY1ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxMUnqvXgN0zOfkS9vWn4FerXUoh
FjUmY73kV0TCCNg/tRCu51LvRRr2nJZf0n8YOyXsHK9GqMxoJod/1yumrcmB1y37
32v9Cts6w0AyqdH08h8d7CNJsBeWEpFg7WMBkLLa4xUDcPcErSO2hQXCJjE0fbbE
AWKjLy+kiCToCm/11UVfPp+NAOWuCKyMMC6fITp9bcn2osnPYBMLH4rUGmGzMDb5
dOgc5OezNl9DA4cMoY+we1UlAiKgE8W4map6L8AVB8Hn8NhnfG3SQ429DCI0v6VE
ik1CgyVLuSBv/57KV3UM89ozPD6/VF5RnyeR364MfsB32gow766d6XdZSwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLU0Y4WHNYcvm6MZgtU4pNnYZl8FMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdFRSamhZYzFoeS1ib3htQzFUaWsyZGhtWHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAHzrtAwQA
2TzHMAwDBADZPO0DBATZPOADBADZPPMDBADZPPYDBADZPPgwDQYJKoZIhvcNAQEL
BQADggEBACQ78qEtjpuX7W0vmXpw31f842NvJfhn05HXO+wmUlV9bbtGcLC3nQo7
DAadrN64TVfijVK//jhy3+VDVqflv6dCVp+nkTZF+aAMhrbyPsOFPIj427jasQ6Q
cmUYQ99BbvIsaXAOQWvYV2MoZXsg+kaPl5xFEs10LsUrTnc/UelN7jhbtC49/2GJ
xM1NFGIYbbI1xKou7NWDnSe8XeMGix6kVmlkj6ddzDlxj52/sqMsAtEjfAVLotTt
W5sm4gdT8SPjt9HuM9VPWRAhPgzDA3VR/h9JT2oZNk8gkhLgcU5O4E/izcsIotm+
DXhhINdvKYtEN0UmzJ9bsjH4y4JkeUI=
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:33:13 2025 by rpki-client