Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5aldbzDkGxwPJYY6OdiNxZ6nc1Y.roa
File: 5aldbzDkGxwPJYY6OdiNxZ6nc1Y.roa (raw, json)
Hash identifier: 0WFpfiluHB4kGNLkFqNPIdCJ9jeJYomEogUtRrCONmM=
Subject key identifier: E5:A9:5D:6F:30:E4:1B:1C:0F:25:86:3A:39:D8:8D:C5:9E:A7:73:56
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193E3034B86DF591C0E952892D10246950B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5aldbzDkGxwPJYY6OdiNxZ6nc1Y.roa
Signing time: Fri 20 Dec 2024 07:41:04 +0000
ROA not before: Fri 20 Dec 2024 07:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215026
IP address blocks: 31.57.159.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:03:4b:86:df:59:1c:0e:95:28:92:d1:02:46:95:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 20 07:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5a95d6f30e41b1c0f25863a39d88dc59ea77356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1b:89:81:fe:c1:03:d1:5c:1f:b4:69:4b:39:
3c:8b:54:9d:8c:55:54:7b:74:5b:44:fb:84:05:d8:
c8:9d:34:ed:64:f9:9d:41:7d:9c:45:6d:ca:a5:4f:
f3:00:a3:63:d3:97:31:72:2e:b9:61:94:58:4b:fb:
96:76:23:a0:3c:24:91:e0:84:07:31:26:62:76:90:
bf:4b:a4:db:98:b4:00:80:39:c5:8c:21:de:a7:f7:
6a:79:29:65:c6:4f:1b:da:c2:24:c4:82:68:9f:f0:
f6:55:a8:44:f0:f4:f4:07:54:fa:3c:de:13:82:7b:
27:d1:d7:b6:87:13:e0:c5:e6:a6:cb:df:18:65:99:
e4:a6:eb:35:57:a4:46:76:df:52:42:d7:6b:0a:53:
e5:70:bb:b9:f6:ed:76:4f:ae:8a:70:bf:45:66:1d:
b0:57:32:3e:39:e4:76:7b:b7:32:60:2d:9c:63:d0:
1b:ad:11:6f:37:b7:0f:eb:df:7a:27:14:51:af:f3:
97:02:bf:f3:65:bb:5c:34:b3:15:ba:c9:5a:3c:46:
19:0d:dc:bc:2d:74:e1:9d:ff:45:bc:7d:20:fc:93:
58:17:d1:31:4c:f5:1f:fb:be:97:fa:70:9e:23:bb:
d6:9a:68:73:3c:ac:56:f6:06:81:64:66:5f:04:db:
61:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A9:5D:6F:30:E4:1B:1C:0F:25:86:3A:39:D8:8D:C5:9E:A7:73:56
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5aldbzDkGxwPJYY6OdiNxZ6nc1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.159.0/24
31.57.207.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:39:42:04:9e:d9:24:9e:c7:14:83:cd:5d:0f:f2:56:76:c0:
09:8a:42:d1:96:23:fb:53:76:e3:66:4a:da:44:d7:cf:ab:ee:
e8:04:16:3c:a5:93:f7:9d:0f:67:e1:c2:64:7d:5e:c3:4a:33:
6c:cd:c9:d5:c6:f6:a1:f2:b4:44:01:78:04:1d:d4:24:7b:f7:
63:99:71:14:da:b9:8b:f9:67:63:ee:a7:2e:d8:5a:e1:be:3d:
ad:76:28:58:71:93:25:d3:e2:0f:48:65:74:39:e7:bb:e2:45:
56:30:a6:20:3c:bb:0e:b6:e5:0d:82:da:73:49:78:b8:e2:06:
82:c0:c0:0f:35:e8:50:83:6c:ba:16:2c:f3:37:8a:4c:94:b3:
85:0f:6b:09:c8:a5:c0:dc:0e:55:88:8a:ea:b8:82:cf:76:e9:
da:b8:39:c2:6e:a2:7f:42:cd:c4:71:dc:29:74:f3:4a:85:19:
6a:2d:2c:a7:a2:85:bf:f0:29:7a:c2:37:7f:c0:eb:49:44:52:
de:dc:35:22:fe:44:5e:01:cc:94:ca:60:51:e4:4a:9e:ef:94:
30:ec:c5:7e:5b:82:87:1e:13:fb:ad:0b:ff:66:75:7d:53:bf:
c6:8f:24:c4:1d:85:e7:cb:1e:ed:08:d8:15:5d:4c:92:f6:b5:
c0:78:3e:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPjA0uG31kcDpUoktECRpULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjIwMDc0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE5NWQ2ZjMwZTQxYjFjMGYyNTg2M2EzOWQ4OGRjNTllYTc3MzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRuJgf7BA9FcH7RpSzk8i1SdjFVU
e3RbRPuEBdjInTTtZPmdQX2cRW3KpU/zAKNj05cxci65YZRYS/uWdiOgPCSR4IQH
MSZidpC/S6TbmLQAgDnFjCHep/dqeSllxk8b2sIkxIJon/D2VahE8PT0B1T6PN4T
gnsn0de2hxPgxeamy98YZZnkpus1V6RGdt9SQtdrClPlcLu59u12T66KcL9FZh2w
VzI+OeR2e7cyYC2cY9AbrRFvN7cP6996JxRRr/OXAr/zZbtcNLMVuslaPEYZDdy8
LXThnf9FvH0g/JNYF9ExTPUf+76X+nCeI7vWmmhzPKxW9gaBZGZfBNthFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOWpXW8w5BscDyWGOjnYjcWep3NWMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNWFsZGJ6RGtHeHdQSllZNk9kaU54WjZuYzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzmfAwQA
HznPAwQAHztiMA0GCSqGSIb3DQEBCwUAA4IBAQB6OUIEntkknscUg81dD/JWdsAJ
ikLRliP7U3bjZkraRNfPq+7oBBY8pZP3nQ9n4cJkfV7DSjNszcnVxvah8rREAXgE
HdQke/djmXEU2rmL+Wdj7qcu2Frhvj2tdihYcZMl0+IPSGV0Oee74kVWMKYgPLsO
tuUNgtpzSXi44gaCwMAPNehQg2y6FizzN4pMlLOFD2sJyKXA3A5ViIrquILPduna
uDnCbqJ/Qs3EcdwpdPNKhRlqLSynooW/8Cl6wjd/wOtJRFLe3DUi/kReAcyUymBR
5Eqe75Qw7MV+W4KHHhP7rQv/ZnV9U7/GjyTEHYXnyx7tCNgVXUyS9rXAeD7O
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:43 2025 by rpki-client