Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5RmvwCK4ceEA8r2vPwIGWfztjA4.roa
File: 5RmvwCK4ceEA8r2vPwIGWfztjA4.roa (raw, json)
Hash identifier: MUktK2Or/4pbsysu4I5YzuO83FPSNBs6m2ZAkuJsdx0=
Subject key identifier: E5:19:AF:C0:22:B8:71:E1:00:F2:BD:AF:3F:02:06:59:FC:ED:8C:0E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282367F130D930D9D50E1DE9E0AE8D63
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5RmvwCK4ceEA8r2vPwIGWfztjA4.roa
Signing time: Thu 02 Jan 2025 17:49:56 +0000
ROA not before: Thu 02 Jan 2025 17:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211567
IP address blocks: 31.57.129.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Feb 2025 09:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:67:f1:30:d9:30:d9:d5:0e:1d:e9:e0:ae:8d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e519afc022b871e100f2bdaf3f020659fced8c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d9:d1:09:5b:36:dc:12:b7:d3:91:6d:e0:4c:
bf:17:dd:f1:7a:52:21:33:ca:32:f8:03:35:ad:64:
87:80:76:a3:ea:f8:ad:3f:d1:5b:01:0a:0e:6b:cf:
d7:de:7f:ae:a9:a4:bc:f6:d0:3f:7b:a5:37:18:05:
d1:78:a7:2b:f0:fd:6c:08:9d:fb:8b:53:6e:a5:7e:
bf:6b:d2:76:6f:fb:76:d1:50:b5:72:bb:0d:c4:53:
df:13:0c:d3:39:7f:5d:1c:96:50:57:67:9c:bb:6d:
45:fc:b8:5f:bc:22:94:1a:6e:c0:e9:b1:4c:f2:9e:
25:e0:c6:dd:38:c5:03:a8:e9:e2:3b:1f:70:fa:5b:
00:96:d8:5b:51:ca:71:ae:e3:32:76:2f:1f:5c:8b:
c3:85:53:12:cb:d7:cc:c6:10:fb:f0:ce:14:ae:a7:
af:7b:1b:7f:c8:d5:01:15:aa:78:80:6a:67:6e:86:
b5:1f:0f:4d:b8:28:2b:96:6f:1f:d1:73:4d:8f:ca:
e9:6b:d6:fe:c0:71:41:f3:65:43:5f:3a:25:90:34:
72:62:f3:31:7e:85:18:5a:0b:9c:dd:64:be:55:70:
d8:bb:a5:db:33:18:25:55:2d:5c:2e:96:2a:3c:b7:
e0:b6:91:17:8b:82:c4:93:55:e6:a6:60:83:74:62:
02:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:19:AF:C0:22:B8:71:E1:00:F2:BD:AF:3F:02:06:59:FC:ED:8C:0E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5RmvwCK4ceEA8r2vPwIGWfztjA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.129.0/24
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
93:9d:11:c8:87:84:31:85:f2:84:e5:7c:63:38:6d:29:16:8b:
b1:3b:de:6f:e0:7a:0e:10:56:be:ce:11:5c:4e:96:bc:ef:50:
29:3c:a9:24:a3:0f:58:23:d6:c4:68:f3:7c:35:64:0b:e4:81:
14:21:5c:50:3b:c1:11:f7:95:41:00:f9:06:ee:ec:0f:c1:1f:
1d:25:e2:81:7e:22:bd:3c:5c:56:90:11:da:7b:f6:f7:fa:92:
4b:f2:d9:79:37:50:63:4e:93:8d:0d:65:30:56:b7:1b:e1:69:
d4:18:7b:33:56:26:f6:21:59:8a:fa:e9:b4:50:ec:19:dc:a5:
f5:17:21:dc:2b:96:d9:72:2c:07:37:58:60:79:26:18:9a:42:
e9:26:40:2c:c6:51:da:29:01:2c:70:12:ea:d0:23:8f:2e:77:
b2:dc:74:60:3b:ee:59:70:38:5f:33:7d:dd:10:31:d4:c7:54:
e5:6b:84:08:40:38:41:93:b5:ed:23:86:d5:be:95:7b:55:9f:
39:94:d9:23:bd:23:9a:98:2d:c7:ae:8a:84:0f:b0:7d:67:1a:
91:d3:b9:f0:9b:d4:94:cf:40:5e:e4:94:74:83:c6:e6:e0:21:
eb:98:78:d7:fd:24:89:ea:ab:db:5a:78:16:68:66:f9:fa:a7:
fb:85:a9:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI2fxMNkw2dUOHengro1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTE5YWZjMDIyYjg3MWUxMDBmMmJkYWYzZjAyMDY1OWZjZWQ4YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9nRCVs23BK305Ft4Ey/F93xelIh
M8oy+AM1rWSHgHaj6vitP9FbAQoOa8/X3n+uqaS89tA/e6U3GAXReKcr8P1sCJ37
i1NupX6/a9J2b/t20VC1crsNxFPfEwzTOX9dHJZQV2ecu21F/LhfvCKUGm7A6bFM
8p4l4MbdOMUDqOniOx9w+lsAlthbUcpxruMydi8fXIvDhVMSy9fMxhD78M4Urqev
ext/yNUBFap4gGpnboa1Hw9NuCgrlm8f0XNNj8rpa9b+wHFB82VDXzolkDRyYvMx
foUYWguc3WS+VXDYu6XbMxglVS1cLpYqPLfgtpEXi4LEk1XmpmCDdGICxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOUZr8AiuHHhAPK9rz8CBln87YwOMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNVJtdndDSzRjZUVBOHIydlB3SUdXZnp0akE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzmBAwQA
HzvmMA0GCSqGSIb3DQEBCwUAA4IBAQCTnRHIh4QxhfKE5XxjOG0pFouxO95v4HoO
EFa+zhFcTpa871ApPKkkow9YI9bEaPN8NWQL5IEUIVxQO8ER95VBAPkG7uwPwR8d
JeKBfiK9PFxWkBHae/b3+pJL8tl5N1BjTpONDWUwVrcb4WnUGHszVib2IVmK+um0
UOwZ3KX1FyHcK5bZciwHN1hgeSYYmkLpJkAsxlHaKQEscBLq0COPLney3HRgO+5Z
cDhfM33dEDHUx1Tla4QIQDhBk7XtI4bVvpV7VZ85lNkjvSOamC3HroqED7B9ZxqR
07nwm9SUz0Be5JR0g8bm4CHrmHjX/SSJ6qvbWngWaGb5+qf7halC
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:12:22 2025 by rpki-client