Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PMkbNIa7o6-FgkkUGQQM5DlilA.roa
File: 0PMkbNIa7o6-FgkkUGQQM5DlilA.roa (raw, json)
Hash identifier: hUEtNfzrVrpqBHgjFnPGLmF3pOwB/HCm5lJOxL+iIng=
Subject key identifier: D0:F3:24:6C:D2:1A:EE:8E:BE:16:09:24:50:64:10:33:90:E5:8A:50
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01936F1112E3008AF33DFAB20EC05ABF8B90
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PMkbNIa7o6-FgkkUGQQM5DlilA.roa
Signing time: Wed 27 Nov 2024 19:20:10 +0000
ROA not before: Wed 27 Nov 2024 19:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.3.0/24 maxlen: 24
31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.186.0/23 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.49.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Nov 2024 07:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6f:11:12:e3:00:8a:f3:3d:fa:b2:0e:c0:5a:bf:8b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 27 19:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0f3246cd21aee8ebe1609245064103390e58a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b1:4b:0b:28:b9:8e:23:ae:bb:b7:d3:39:7b:
f6:db:7c:cb:b8:6e:e9:25:ee:fe:12:d8:1c:56:2b:
f7:da:09:aa:e8:3d:e3:d0:f9:bd:8c:fc:dc:67:fb:
02:ba:7e:a5:2f:3b:4a:d7:b0:cb:cd:59:22:15:d9:
db:b4:50:3f:62:a3:fd:f8:5d:e2:2b:a0:ec:e8:96:
0b:d7:7a:d5:4b:f2:03:82:9a:53:14:fe:12:d5:b1:
2c:c7:b6:d0:8d:37:60:5c:7e:cd:24:3b:72:27:6f:
56:8e:3c:8a:9a:3c:e3:fc:15:48:9f:ff:e7:59:bd:
1b:b9:1a:30:f6:89:08:50:5e:a5:c1:5d:f3:4a:6f:
40:50:27:cf:5d:a2:54:e4:ed:85:dd:d9:36:fd:50:
eb:2c:7c:f5:8c:f0:91:b0:26:5a:9c:21:ec:d3:56:
d5:9a:fd:44:75:e0:9b:b2:53:14:d9:8b:4c:a0:c6:
01:93:3d:3c:4d:b3:db:33:f7:99:9a:0a:20:52:8a:
dc:e2:42:07:73:b9:30:85:fa:8b:ce:51:52:d6:c0:
82:f2:91:9b:6e:68:ea:d1:72:58:5f:c5:86:d7:62:
d4:04:9a:76:b0:d4:0b:63:09:6f:0b:d2:9e:b0:6a:
60:12:f9:43:63:95:fe:d2:40:4a:0f:f9:81:9e:da:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F3:24:6C:D2:1A:EE:8E:BE:16:09:24:50:64:10:33:90:E5:8A:50
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PMkbNIa7o6-FgkkUGQQM5DlilA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.3.0-31.56.5.255
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.57.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.65.0/24
31.57.132.0/23
31.57.146.0/23
31.57.176.0-31.57.187.255
31.57.192.0/22
31.57.232.0/22
31.58.49.0/24
31.59.68.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:a5:21:c7:e1:38:ed:30:8d:21:42:d1:c3:27:e5:c7:22:03:
1a:0f:c5:e7:ad:aa:be:60:61:01:c0:a3:ba:3e:d1:04:60:fc:
8d:2c:9e:81:bf:7a:43:55:db:0b:27:d9:1d:7a:b9:3b:be:41:
dd:ce:fd:50:33:d4:0d:86:5f:1a:8a:a6:55:2b:0d:5f:d5:71:
0a:87:b8:f9:d5:b8:74:99:9d:26:e2:5d:45:3e:53:d6:92:6f:
8c:83:e4:45:f3:be:e3:5c:76:a6:ac:11:80:66:44:f7:06:7a:
43:3e:2d:92:6f:b2:4e:f8:d6:1e:67:9c:c0:d2:f2:d9:c8:07:
7a:22:4a:68:fc:b6:f4:5e:f8:4e:e8:3d:ae:aa:e0:a8:7a:70:
e6:1d:34:2c:bf:e7:d9:cc:ed:15:b0:98:e9:1a:24:97:01:71:
0c:9e:f3:8b:2a:08:3d:14:71:b6:78:7e:12:fa:6f:84:f8:44:
d8:2c:40:9c:93:39:ab:c3:e9:7c:88:d9:85:94:67:3e:4c:93:
11:c0:be:a6:f5:93:ac:ae:29:ce:ce:1d:07:9d:63:fa:2b:c9:
e4:13:5b:d1:26:1f:67:38:f0:b4:66:62:a6:eb:94:16:0e:d8:
77:92:e9:b0:cd:2a:4a:10:ac:ec:cc:8b:98:82:f3:43:f4:a2:
23:2f:17:57
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZNvERLjAIrzPfqyDsBav4uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI3MTkyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYzMjQ2Y2QyMWFlZThlYmUxNjA5MjQ1MDY0MTAzMzkwZTU4YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7FLCyi5jiOuu7fTOXv223zLuG7p
Je7+EtgcViv32gmq6D3j0Pm9jPzcZ/sCun6lLztK17DLzVkiFdnbtFA/YqP9+F3i
K6Ds6JYL13rVS/IDgppTFP4S1bEsx7bQjTdgXH7NJDtyJ29WjjyKmjzj/BVIn//n
Wb0buRow9okIUF6lwV3zSm9AUCfPXaJU5O2F3dk2/VDrLHz1jPCRsCZanCHs01bV
mv1EdeCbslMU2YtMoMYBkz08TbPbM/eZmgogUorc4kIHc7kwhfqLzlFS1sCC8pGb
bmjq0XJYX8WG12LUBJp2sNQLYwlvC9KesGpgEvlDY5X+0kBKD/mBntrnIwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNDzJGzSGu6OvhYJJFBkEDOQ5YpQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMFBNa2JOSWE3bzYtRmdra1VHUVFNNURsaWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
AB84AwMEAR84BAMEAB84GAMEAR84KgMEAB84MAMEAB84OQMEAB84WQMEAh84eAME
AB84fwMEAB85QQMEAR85hAMEAR85kjAMAwQEHzmwAwQCHzm4AwQCHznAAwQCHzno
AwQAHzoxAwQAHztEAwQCHztgAwQCHztwAwQCHzu4MA0GCSqGSIb3DQEBCwUAA4IB
AQBLpSHH4TjtMI0hQtHDJ+XHIgMaD8Xnraq+YGEBwKO6PtEEYPyNLJ6Bv3pDVdsL
J9kderk7vkHdzv1QM9QNhl8aiqZVKw1f1XEKh7j51bh0mZ0m4l1FPlPWkm+Mg+RF
877jXHamrBGAZkT3BnpDPi2Sb7JO+NYeZ5zA0vLZyAd6Ikpo/Lb0XvhO6D2uquCo
enDmHTQsv+fZzO0VsJjpGiSXAXEMnvOLKgg9FHG2eH4S+m+E+ETYLECckzmrw+l8
iNmFlGc+TJMRwL6m9ZOsrinOzh0HnWP6K8nkE1vRJh9nOPC0ZmKm65QWDth3kumw
zSpKEKzszIuYgvND9KIjLxdX
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:10 2025 by rpki-client