Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0aZaD1X288vOiFGIbPzl7eCnAVE.roa
File: 0aZaD1X288vOiFGIbPzl7eCnAVE.roa (raw, json)
Hash identifier: bv6EF1pDgMyH1RcmZvOMxSufcu0kmPBge5XthmKiQoo=
Subject key identifier: D1:A6:5A:0F:55:F6:F3:CB:CE:88:51:88:6C:FC:E5:ED:E0:A7:01:51
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019123A1635603D2295ACAED492508AE38BD
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0aZaD1X288vOiFGIbPzl7eCnAVE.roa
Signing time: Mon 05 Aug 2024 17:41:04 +0000
ROA not before: Mon 05 Aug 2024 17:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215362
IP address blocks: 31.56.6.0/24 maxlen: 24
31.56.35.0/24 maxlen: 24
31.56.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 11:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:a1:63:56:03:d2:29:5a:ca:ed:49:25:08:ae:38:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 5 17:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a65a0f55f6f3cbce8851886cfce5ede0a70151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:55:74:d1:fe:51:03:d1:31:68:3a:7a:02:
cf:b7:39:dc:b5:85:e0:70:22:d5:04:38:86:4e:e4:
19:8d:d6:86:25:0c:31:9b:ce:a1:02:d8:83:38:32:
fc:a2:b5:84:13:44:b2:7f:46:1a:56:19:4a:7e:86:
cc:d1:a0:f8:82:f2:f1:16:17:e6:76:57:bc:e8:7f:
91:ae:68:e2:f8:e5:67:0e:6c:06:1c:e4:a4:f9:fe:
85:0e:bf:42:30:a4:69:c3:1b:77:32:41:91:58:42:
cd:6c:ea:c5:6f:b4:c8:64:6e:70:d5:23:7b:eb:f6:
c6:10:6c:aa:ed:0e:b4:70:cb:ec:fd:5c:f9:0a:1d:
a2:3b:53:56:ce:61:7f:ec:93:b8:27:ca:e1:5d:6d:
18:74:ce:45:0f:22:a6:3a:05:7a:0f:c3:fc:0f:c6:
85:19:50:cb:a7:71:37:4b:ed:53:88:89:b2:ca:55:
64:f0:79:c6:ae:e9:36:96:38:63:22:3d:94:38:9a:
05:c5:5c:83:10:e3:bb:c7:69:3a:76:5d:f0:76:09:
97:1b:e7:ed:9b:cc:70:3a:c8:48:70:cc:7d:34:0f:
24:b7:22:75:06:eb:63:41:79:ec:fd:c1:57:8d:19:
76:78:28:3b:c1:b4:69:30:61:d4:30:fc:5c:23:16:
c7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A6:5A:0F:55:F6:F3:CB:CE:88:51:88:6C:FC:E5:ED:E0:A7:01:51
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0aZaD1X288vOiFGIbPzl7eCnAVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.6.0/24
31.56.35.0/24
31.56.45.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:96:34:87:d7:7d:bd:f5:fa:28:1d:03:41:7a:64:66:49:59:
4e:b8:2d:70:6b:da:c8:cb:e2:8e:53:c9:0a:10:50:d6:b8:b9:
93:dc:35:b0:d9:e9:e3:aa:8e:6e:3a:db:d9:27:5f:db:98:52:
c6:59:9d:3e:73:03:24:cf:7b:26:7d:7b:9c:65:db:0d:83:da:
05:28:c9:58:c7:bf:a9:95:2d:ac:cc:a9:2f:03:a0:46:22:a5:
fa:6d:14:cf:53:04:3e:cf:95:67:8d:63:0d:76:04:66:41:2a:
f4:9a:d0:74:8f:6e:69:63:06:96:97:85:42:98:30:d4:d3:75:
78:4f:d3:f2:69:ae:2d:c0:2a:c9:6a:3a:36:6f:da:dc:41:ca:
a1:8c:4d:bf:83:73:18:57:7c:f2:4b:a9:33:09:f7:f9:5c:3a:
ba:27:0f:99:69:bc:d8:58:18:65:6d:11:cb:91:d4:5b:7b:7d:
9f:1b:e3:87:aa:a5:c8:4d:a7:05:49:21:e0:cb:97:74:16:43:
e4:4c:c1:ba:03:14:d5:d0:76:a4:56:be:a6:2a:fa:52:87:fc:
55:d3:ce:89:9f:4c:98:2a:74:eb:32:51:3f:42:65:8a:d5:d8:
81:90:fb:cd:7c:55:93:a1:98:37:c9:79:ca:a3:0a:b8:8b:3b:
d4:69:98:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEjoWNWA9IpWsrtSSUIrji9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODA1MTc0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE2NWEwZjU1ZjZmM2NiY2U4ODUxODg2Y2ZjZTVlZGUwYTcwMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyJVdNH+UQPRMWg6egLPtznctYXg
cCLVBDiGTuQZjdaGJQwxm86hAtiDODL8orWEE0Syf0YaVhlKfobM0aD4gvLxFhfm
dle86H+Rrmji+OVnDmwGHOSk+f6FDr9CMKRpwxt3MkGRWELNbOrFb7TIZG5w1SN7
6/bGEGyq7Q60cMvs/Vz5Ch2iO1NWzmF/7JO4J8rhXW0YdM5FDyKmOgV6D8P8D8aF
GVDLp3E3S+1TiImyylVk8HnGruk2ljhjIj2UOJoFxVyDEOO7x2k6dl3wdgmXG+ft
m8xwOshIcMx9NA8ktyJ1ButjQXns/cFXjRl2eCg7wbRpMGHUMPxcIxbHdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNGmWg9V9vPLzohRiGz85e3gpwFRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMGFaYUQxWDI4OHZPaUZHSWJQemw3ZUNuQVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzgGAwQA
HzgjAwQAHzgtMA0GCSqGSIb3DQEBCwUAA4IBAQCpljSH13299fooHQNBemRmSVlO
uC1wa9rIy+KOU8kKEFDWuLmT3DWw2enjqo5uOtvZJ1/bmFLGWZ0+cwMkz3smfXuc
ZdsNg9oFKMlYx7+plS2szKkvA6BGIqX6bRTPUwQ+z5VnjWMNdgRmQSr0mtB0j25p
YwaWl4VCmDDU03V4T9Pyaa4twCrJajo2b9rcQcqhjE2/g3MYV3zyS6kzCff5XDq6
Jw+ZabzYWBhlbRHLkdRbe32fG+OHqqXITacFSSHgy5d0FkPkTMG6AxTV0HakVr6m
KvpSh/xV086Jn0yYKnTrMlE/QmWK1diBkPvNfFWToZg3yXnKowq4izvUaZiK
-----END CERTIFICATE-----
Generated at Sun Sep 1 12:45:46 2024 by rpki-client on console-fra.rpki-client.org