Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1or-iE1wvmvIxstkIlcUngF1E9E.roa
File: 1or-iE1wvmvIxstkIlcUngF1E9E.roa (raw, json)
Hash identifier: waRHFCnB5YiSg9u6+Cz6VClbjZFWiP7ONdoCVL/4J6I=
Subject key identifier: D6:8A:FE:88:4D:70:BE:6B:C8:C6:CB:64:22:57:14:9E:01:75:13:D1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193893016895315FACD78D11E6A85EEBB59
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1or-iE1wvmvIxstkIlcUngF1E9E.roa
Signing time: Mon 02 Dec 2024 21:04:10 +0000
ROA not before: Mon 02 Dec 2024 21:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 31.57.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 11:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:89:30:16:89:53:15:fa:cd:78:d1:1e:6a:85:ee:bb:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 2 21:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d68afe884d70be6bc8c6cb642257149e017513d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:2a:25:b4:6d:eb:92:11:ce:03:d2:dd:2d:
82:c5:0a:40:65:68:ab:bf:5a:95:4a:9c:26:fe:5a:
3d:0f:50:fe:a9:e5:a2:07:e5:b1:73:42:1f:c3:2c:
a3:91:84:5e:73:68:b6:8d:83:3b:37:dd:82:28:f6:
f8:b8:e6:4a:10:20:ad:65:f7:2b:35:22:45:fb:54:
c1:1e:cb:51:69:be:01:d0:bd:2a:b6:f0:19:c7:a2:
db:d5:11:38:dc:65:4e:ef:ec:ce:3d:ec:85:f2:af:
88:27:9a:c7:e3:28:8d:4e:6e:34:9f:1e:a2:86:89:
fd:3d:5f:9f:94:7b:ee:fc:ef:8d:cc:9e:7b:df:bd:
20:30:a8:6c:f5:6c:2e:2b:2f:23:cc:73:53:1b:d4:
3c:ea:40:4d:29:be:66:dd:4a:7f:0f:38:35:b3:5a:
a3:4e:85:65:4c:d5:f3:e1:3f:cb:94:2f:96:7e:05:
20:30:7e:bc:ef:e6:3a:d9:88:83:a8:79:8e:6d:7b:
fb:f2:12:f3:4c:1d:45:38:70:99:68:93:15:e6:3e:
8b:f6:64:25:a0:72:98:8a:73:17:82:60:1d:7c:4a:
d9:61:a1:d3:71:12:f3:17:59:00:25:30:50:79:37:
fc:66:8e:66:ca:48:43:50:7a:bd:ad:fa:d1:20:97:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8A:FE:88:4D:70:BE:6B:C8:C6:CB:64:22:57:14:9E:01:75:13:D1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1or-iE1wvmvIxstkIlcUngF1E9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.67.0/24
Signature Algorithm: sha256WithRSAEncryption
05:33:1e:7d:7f:89:ca:64:57:53:ff:56:0f:c0:05:1d:2d:49:
2f:33:66:44:4a:79:7c:de:55:f9:47:bf:24:e5:a9:64:e6:e1:
14:53:5c:c3:b5:3c:f2:7e:bc:1a:4c:f5:c8:97:6f:06:08:6f:
b5:9c:16:14:18:56:4c:11:8b:9b:d2:b6:7b:d4:e9:09:f0:89:
3b:89:8e:e4:c4:b0:03:8c:fb:4c:13:53:9c:fe:0d:24:8b:fe:
8c:9b:ab:8a:14:f2:fc:c2:15:1b:8f:58:2e:7f:53:3f:20:d0:
e1:21:99:db:1a:ab:09:8e:3b:6d:16:21:74:7b:c8:2f:fc:16:
5f:c4:90:bd:b8:c0:0b:9d:5f:04:c1:9b:a2:8c:40:90:0d:a7:
8f:13:db:ea:13:a2:ef:a3:2a:0f:ed:dc:af:41:a4:1e:4e:12:
56:6f:38:c9:de:1e:03:86:cc:e1:fa:30:ab:68:d4:7a:6f:96:
a3:96:27:9d:cd:3b:6a:df:6a:26:6e:9b:e2:ff:b3:9e:57:18:
b7:57:0d:49:09:9b:60:33:ca:3c:c6:ef:cd:b0:4a:67:62:47:
15:df:47:23:d3:ca:73:e3:6e:54:8d:07:1d:0f:ef:ec:5a:96:
b8:81:16:21:61:f9:bc:f0:56:87:d0:00:dc:08:4e:d1:87:be:
7f:8d:b3:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOJMBaJUxX6zXjRHmqF7rtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAyMjEwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjhhZmU4ODRkNzBiZTZiYzhjNmNiNjQyMjU3MTQ5ZTAxNzUxM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhoqJbRt65IRzgPS3S2CxQpAZWir
v1qVSpwm/lo9D1D+qeWiB+Wxc0IfwyyjkYRec2i2jYM7N92CKPb4uOZKECCtZfcr
NSJF+1TBHstRab4B0L0qtvAZx6Lb1RE43GVO7+zOPeyF8q+IJ5rH4yiNTm40nx6i
hon9PV+flHvu/O+NzJ57370gMKhs9WwuKy8jzHNTG9Q86kBNKb5m3Up/Dzg1s1qj
ToVlTNXz4T/LlC+WfgUgMH687+Y62YiDqHmObXv78hLzTB1FOHCZaJMV5j6L9mQl
oHKYinMXgmAdfErZYaHTcRLzF1kAJTBQeTf8Zo5mykhDUHq9rfrRIJdmhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaK/ohNcL5ryMbLZCJXFJ4BdRPRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMW9yLWlFMXd2bXZJeHN0a0lsY1VuZ0YxRTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzlDMA0G
CSqGSIb3DQEBCwUAA4IBAQAFMx59f4nKZFdT/1YPwAUdLUkvM2ZESnl83lX5R78k
5alk5uEUU1zDtTzyfrwaTPXIl28GCG+1nBYUGFZMEYub0rZ71OkJ8Ik7iY7kxLAD
jPtME1Oc/g0ki/6Mm6uKFPL8whUbj1guf1M/INDhIZnbGqsJjjttFiF0e8gv/BZf
xJC9uMALnV8EwZuijECQDaePE9vqE6LvoyoP7dyvQaQeThJWbzjJ3h4Dhszh+jCr
aNR6b5ajliedzTtq32ombpvi/7OeVxi3Vw1JCZtgM8o8xu/NsEpnYkcV30cj08pz
425UjQcdD+/sWpa4gRYhYfm88FaH0ADcCE7Rh75/jbMd
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:13 2025 by rpki-client