Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-lM0UHLJHFyfHZIvCEICAHgeQqg.roa
File: 1-lM0UHLJHFyfHZIvCEICAHgeQqg.roa (raw, json)
Hash identifier: /ip4SS+aXlr645DeVKRr2SoVat1zxmvq/GKrDZZEAOg=
Subject key identifier: FA:53:34:50:72:C9:1C:5C:9F:1D:92:2F:08:42:02:00:78:1E:42:A8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01932EB19526AB3528442BC477FE807F78C9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-lM0UHLJHFyfHZIvCEICAHgeQqg.roa
Signing time: Fri 15 Nov 2024 07:20:10 +0000
ROA not before: Fri 15 Nov 2024 07:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 08:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2e:b1:95:26:ab:35:28:44:2b:c4:77:fe:80:7f:78:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 15 07:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa53345072c91c5c9f1d922f08420200781e42a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:a9:9f:02:74:65:e4:4f:e4:01:cb:dc:02:
61:42:97:1b:b6:f5:db:5e:00:80:f0:79:d1:a4:64:
36:d6:b8:af:75:cf:e0:7d:e0:69:62:91:88:12:36:
4f:6e:70:fc:d3:8b:4d:0a:5f:a7:70:d7:a5:cd:49:
2c:d6:f2:84:e6:7d:03:db:15:1b:db:9f:bd:ad:56:
14:b7:4c:f2:9a:0a:fd:a6:4b:c9:f3:a6:6f:0b:24:
5e:0d:f7:8e:2c:0a:09:5b:5c:34:fe:4b:75:99:56:
86:1f:a6:41:29:ef:6e:94:fe:6d:9c:d9:31:fd:04:
4e:ae:85:91:8a:f5:2f:c5:33:24:e1:da:13:17:e6:
2b:af:1f:36:e1:45:8a:52:b5:72:f6:2a:7a:78:e4:
07:d6:67:26:c3:1e:a5:33:46:09:d9:5e:f7:9f:c7:
64:49:ed:5e:cc:8e:36:0d:1c:37:06:bc:ce:d7:af:
ac:74:f0:77:01:54:a2:0a:7a:19:0d:9e:98:81:59:
38:e9:12:b0:81:25:6f:a0:42:11:d8:2b:13:3b:ef:
a2:d1:6e:d8:55:db:e1:c7:47:22:83:e0:80:1a:be:
4c:11:dd:88:c9:6f:53:af:ab:57:7d:f6:c4:63:09:
6f:62:77:a3:ef:14:0f:2f:14:f4:a6:e4:42:45:d3:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:53:34:50:72:C9:1C:5C:9F:1D:92:2F:08:42:02:00:78:1E:42:A8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-lM0UHLJHFyfHZIvCEICAHgeQqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/24
31.59.136.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
49:14:d2:25:91:3f:bb:06:1f:eb:f2:9f:40:99:2d:f2:a3:20:
ee:7f:26:2f:f4:8e:5d:05:32:c9:d5:a6:06:ee:64:f6:dc:e3:
39:3c:46:42:a2:3a:36:55:8d:00:f6:c6:40:d5:78:a1:fd:2c:
2a:7f:d3:f5:8f:15:79:17:37:35:65:d4:d8:60:a3:ec:22:87:
c1:da:b3:f4:f2:1c:ae:15:96:17:1c:0b:09:e8:3b:73:72:20:
8a:0c:e9:b2:f2:aa:27:44:fc:b2:7c:69:af:2a:98:7c:82:c6:
35:0b:69:f8:b0:eb:99:56:75:88:09:4d:d1:df:e2:d1:02:8d:
dd:d1:a3:52:0f:4e:43:e5:17:3d:42:a6:41:b4:37:b9:9e:07:
86:11:a2:1a:13:f8:b0:2d:3c:23:2c:b4:78:20:5e:9e:af:05:
71:ba:33:a9:16:14:8f:37:ff:67:3f:7e:91:1d:35:87:df:02:
f4:c9:67:9e:b5:53:42:eb:31:a0:b3:8b:7d:12:8d:be:76:bc:
33:7b:07:0b:d6:b9:89:aa:97:0b:36:4d:8b:fd:95:d0:5f:3f:
4e:d2:0d:02:4e:f4:84:3b:59:03:1d:2b:ea:78:a4:dc:ba:dc:
10:dd:6f:f9:13:0e:ab:08:b1:e3:99:39:f2:f3:11:2a:ca:b9:
f1:e0:f3:57
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZMusZUmqzUoRCvEd/6Af3jJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE1MDcyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUzMzQ1MDcyYzkxYzVjOWYxZDkyMmYwODQyMDIwMDc4MWU0MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtqpnwJ0ZeRP5AHL3AJhQpcbtvXb
XgCA8HnRpGQ21rivdc/gfeBpYpGIEjZPbnD804tNCl+ncNelzUks1vKE5n0D2xUb
25+9rVYUt0zymgr9pkvJ86ZvCyReDfeOLAoJW1w0/kt1mVaGH6ZBKe9ulP5tnNkx
/QROroWRivUvxTMk4doTF+Yrrx824UWKUrVy9ip6eOQH1mcmwx6lM0YJ2V73n8dk
Se1ezI42DRw3BrzO16+sdPB3AVSiCnoZDZ6YgVk46RKwgSVvoEIR2CsTO++i0W7Y
Vdvhx0cig+CAGr5MEd2IyW9Tr6tXffbEYwlvYnej7xQPLxT0puRCRdOF7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPpTNFByyRxcnx2SLwhCAgB4HkKoMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1sTTBVSExKSEZ5ZkhaSXZDRUlDQUhnZVFxZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAx84CAME
AR84jgMEAh84lAMEAB860DAMAwQDHzuIAwQEHzugMA0GCSqGSIb3DQEBCwUAA4IB
AQBJFNIlkT+7Bh/r8p9AmS3yoyDufyYv9I5dBTLJ1aYG7mT23OM5PEZCojo2VY0A
9sZA1Xih/Swqf9P1jxV5Fzc1ZdTYYKPsIofB2rP08hyuFZYXHAsJ6DtzciCKDOmy
8qonRPyyfGmvKph8gsY1C2n4sOuZVnWICU3R3+LRAo3d0aNSD05D5Rc9QqZBtDe5
ngeGEaIaE/iwLTwjLLR4IF6erwVxujOpFhSPN/9nP36RHTWH3wL0yWeetVNC6zGg
s4t9Eo2+drwzewcL1rmJqpcLNk2L/ZXQXz9O0g0CTvSEO1kDHSvqeKTcutwQ3W/5
Ew6rCLHjmTny8xEqyrnx4PNX
-----END CERTIFICATE-----
Generated at Fri Nov 15 10:12:22 2024 by rpki-client on console-ams.rpki-client.org