Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1yyWcf859vaKdOCFoDNAZDVcpCU.roa
File: 1yyWcf859vaKdOCFoDNAZDVcpCU.roa (raw, json)
Hash identifier: c0iABQB6ybOPCPHRRtgAfaPbhmR4v+hoW3pqfMZohhc=
Subject key identifier: D7:2C:96:71:FF:39:F6:F6:8A:74:E0:85:A0:33:40:64:35:5C:A4:25
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01936C9FC532140696A0746B18E76C26467C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1yyWcf859vaKdOCFoDNAZDVcpCU.roa
Signing time: Wed 27 Nov 2024 07:57:10 +0000
ROA not before: Wed 27 Nov 2024 07:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 31.56.33.0/24 maxlen: 24
31.56.64.0/24 maxlen: 24
31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.59.34.0/24 maxlen: 24
31.59.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 07:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:9f:c5:32:14:06:96:a0:74:6b:18:e7:6c:26:46:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 27 07:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d72c9671ff39f6f68a74e085a0334064355ca425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:f2:e3:a4:59:96:36:96:7f:c5:c7:51:5a:
6f:31:b9:1a:c0:a9:d9:79:3f:13:15:f5:e7:ff:ad:
30:03:30:d3:9d:3b:aa:a3:4d:a0:9a:ca:e4:fd:f3:
b2:d8:d0:fb:23:b6:9d:24:52:2c:2e:9b:98:ce:35:
77:66:a9:2b:52:37:1d:a7:82:4f:43:63:8d:43:b1:
84:7a:74:53:c8:f2:fe:70:52:f9:56:ff:a4:7d:22:
d9:c4:cb:4c:dd:0c:93:bd:4e:2e:a8:42:9d:17:4a:
cb:17:03:7f:76:38:94:81:5f:9e:9c:99:cf:96:7d:
bd:bb:42:d8:e3:90:e5:b5:cb:6d:82:67:82:c9:b0:
62:27:33:67:a9:24:38:dc:1f:bb:b6:11:b3:3d:1a:
7d:e1:29:11:7c:8a:ce:2e:d5:4e:da:d5:dc:57:52:
4f:c6:9c:85:b0:95:e0:d4:67:24:7c:8d:d9:d6:b7:
ce:ab:b8:d7:00:32:c5:8a:53:74:57:52:d3:70:06:
04:a1:43:f0:57:39:e1:66:dd:4e:3a:05:9a:ea:33:
5a:5d:2b:4e:16:24:dd:38:df:1f:57:44:59:75:ae:
ad:41:55:ca:14:04:50:06:90:2b:70:b6:ff:93:b9:
a7:5e:49:42:22:fd:f5:89:1c:8c:d4:2d:e9:70:a5:
91:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:96:71:FF:39:F6:F6:8A:74:E0:85:A0:33:40:64:35:5C:A4:25
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1yyWcf859vaKdOCFoDNAZDVcpCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.33.0/24
31.56.64.0/24
31.56.160.0/21
31.57.202.0/23
31.59.34.0/24
31.59.116.0/22
Signature Algorithm: sha256WithRSAEncryption
41:69:8f:73:b6:5d:57:3f:0c:29:9d:c5:eb:30:80:e4:fa:04:
d3:ff:96:da:dc:07:fd:fd:78:92:ce:77:3f:0f:24:2b:79:fb:
27:09:e6:a0:8a:6c:21:6c:2a:72:b9:ed:6f:d0:75:71:6a:f4:
ef:3c:c1:a1:4e:bd:5f:96:42:4b:25:b3:a3:69:b5:ac:46:4e:
f4:d4:9c:a9:8d:46:99:7c:2c:d3:55:1d:76:6f:ea:1e:c3:6e:
c1:d3:03:5b:fa:61:71:a5:7c:68:1a:04:90:1b:dd:4e:38:f5:
93:e7:55:ce:04:16:39:23:eb:e2:c7:6c:05:9f:6a:88:33:4e:
65:bf:6a:12:e7:6a:37:cc:16:d4:26:3e:c9:0b:17:52:09:9b:
99:c1:72:17:fc:75:ff:9e:d0:44:43:ba:73:a7:90:97:60:5a:
1a:bb:94:12:6c:ed:ea:30:f6:3a:1f:15:bb:10:28:a2:c2:84:
23:cd:4e:23:49:5a:e4:b0:33:b2:90:ba:18:7e:47:97:29:67:
8b:d7:9f:c4:e8:05:ce:2e:e2:db:aa:88:f2:4b:d1:9d:0e:a9:
e4:e4:6e:fd:ff:6b:a2:7c:23:cc:fb:9c:d2:c6:c1:f8:f9:cd:
27:46:ae:e5:f5:e2:b2:bc:32:16:85:b5:dc:41:e1:cf:8d:78:
e9:3a:59:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNsn8UyFAaWoHRrGOdsJkZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI3MDc1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJjOTY3MWZmMzlmNmY2OGE3NGUwODVhMDMzNDA2NDM1NWNhNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGzy46RZljaWf8XHUVpvMbkawKnZ
eT8TFfXn/60wAzDTnTuqo02gmsrk/fOy2ND7I7adJFIsLpuYzjV3ZqkrUjcdp4JP
Q2ONQ7GEenRTyPL+cFL5Vv+kfSLZxMtM3QyTvU4uqEKdF0rLFwN/djiUgV+enJnP
ln29u0LY45DltcttgmeCybBiJzNnqSQ43B+7thGzPRp94SkRfIrOLtVO2tXcV1JP
xpyFsJXg1GckfI3Z1rfOq7jXADLFilN0V1LTcAYEoUPwVznhZt1OOgWa6jNaXStO
FiTdON8fV0RZda6tQVXKFARQBpArcLb/k7mnXklCIv31iRyM1C3pcKWRFwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNcslnH/Ofb2inTghaAzQGQ1XKQlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMXl5V2NmODU5dmFLZE9DRm9ETkFaRFZjcENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzghAwQA
HzhAAwQDHzigAwQBHznKAwQAHzsiAwQCHzt0MA0GCSqGSIb3DQEBCwUAA4IBAQBB
aY9ztl1XPwwpncXrMIDk+gTT/5ba3Af9/XiSznc/DyQrefsnCeagimwhbCpyue1v
0HVxavTvPMGhTr1flkJLJbOjabWsRk701JypjUaZfCzTVR12b+oew27B0wNb+mFx
pXxoGgSQG91OOPWT51XOBBY5I+vix2wFn2qIM05lv2oS52o3zBbUJj7JCxdSCZuZ
wXIX/HX/ntBEQ7pzp5CXYFoau5QSbO3qMPY6HxW7ECiiwoQjzU4jSVrksDOykLoY
fkeXKWeL15/E6AXOLuLbqojyS9GdDqnk5G79/2uifCPM+5zSxsH4+c0nRq7l9eKy
vDIWhbXcQeHPjXjpOlk6
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:38 2025 by rpki-client