Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8PZfeqznO5exWPutaQZOzU_Ip9k.roa
File: 8PZfeqznO5exWPutaQZOzU_Ip9k.roa (raw, json)
Hash identifier: JTeqazpztDO0tNamKMjcdtTSxzQt/VlYacz7fumQrIU=
Subject key identifier: F0:F6:5F:7A:AC:E7:3B:97:B1:58:FB:AD:69:06:4E:CD:4F:C8:A7:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192FD7AE133002B4C5E112641593C85E3D8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8PZfeqznO5exWPutaQZOzU_Ip9k.roa
Signing time: Tue 05 Nov 2024 17:59:01 +0000
ROA not before: Tue 05 Nov 2024 17:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.57.240.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:7a:e1:33:00:2b:4c:5e:11:26:41:59:3c:85:e3:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 17:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0f65f7aace73b97b158fbad69064ecd4fc8a7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:68:48:f1:4c:1f:8c:b9:1c:1a:5c:2d:e8:
26:ba:87:a0:0c:ae:90:78:b7:cc:9f:67:47:ba:7b:
d7:36:2d:12:72:22:ac:bb:10:cd:70:e3:6b:32:11:
6b:17:d2:d1:ad:55:fc:ec:8f:96:51:97:6e:98:ab:
5a:11:52:3c:ff:23:3c:d5:1b:3a:3d:82:a5:d5:60:
20:4c:1a:54:42:01:e8:60:92:d4:89:ec:01:d7:70:
79:de:1e:f0:3a:0c:67:a6:e8:8e:c4:94:98:88:34:
b0:55:0c:04:22:90:99:cf:85:fb:b4:b7:7c:58:ca:
4a:a7:4f:ed:38:21:8f:a1:19:fa:99:80:08:5c:4a:
8a:2d:cf:65:50:7a:95:8a:b3:50:1c:58:03:8e:5f:
c5:33:6c:de:a4:a1:6f:a9:09:3f:e8:14:d1:4d:dc:
8b:5f:e9:f9:81:8a:6e:97:ee:72:3c:70:8a:05:0e:
4d:93:28:93:6a:6c:12:0b:95:70:81:6e:4f:db:5a:
f3:5a:5d:da:08:b0:bf:b6:83:4b:fc:4c:44:c9:49:
87:c9:e9:ea:72:30:45:11:d0:75:21:56:8a:4a:75:
66:f7:86:95:19:2a:61:d5:9e:f5:27:b3:4a:24:0c:
4a:4e:68:9a:f0:cb:dd:d9:b5:34:57:24:c5:43:36:
4e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F6:5F:7A:AC:E7:3B:97:B1:58:FB:AD:69:06:4E:CD:4F:C8:A7:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8PZfeqznO5exWPutaQZOzU_Ip9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.153.0/24
31.57.236.0/24
31.57.240.0/24
31.58.43.0/24
31.58.128.0/24
31.58.163.0/24
31.58.166.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e8:61:80:f2:7c:55:7f:11:bc:3d:aa:f5:13:70:fa:e9:39:
1c:a8:14:2c:e4:82:87:3a:6a:98:11:31:47:e8:ce:17:fc:80:
ba:1e:0b:21:23:04:95:e9:fb:91:4c:da:e8:17:5e:e9:ca:4b:
12:78:39:df:09:f8:c5:79:50:c4:9b:65:d7:c7:25:e1:44:00:
16:c7:04:47:b3:d1:eb:6e:34:ae:cf:f5:85:c9:68:11:35:0b:
02:cc:18:23:47:43:1f:fc:40:01:7a:14:74:04:ef:96:36:07:
84:0f:c2:78:5a:e5:d6:68:c9:f0:5a:a6:f2:48:f1:e1:df:8d:
fa:72:d1:74:c2:ec:2b:7d:a8:35:4d:6c:73:01:24:fa:da:26:
29:8f:bb:85:24:f8:ad:9f:77:49:5c:50:36:bc:e7:b0:6a:e2:
4c:2e:4b:82:9e:60:b8:91:7b:60:fa:7b:e6:a5:93:15:7c:66:
72:4c:5b:3f:45:87:45:8f:28:0e:5a:ee:17:ed:cc:66:44:3b:
44:4e:e1:0d:cf:0f:49:a1:4d:81:d6:0c:6d:8f:d9:f8:47:c5:
e1:ca:79:75:2d:b8:c6:e3:4a:c2:9e:b5:f0:8b:84:a8:9f:a5:
4f:0e:94:03:3a:c4:ad:f6:4f:ec:42:35:e8:a9:c1:27:68:2d:
22:f6:31:c3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZL9euEzACtMXhEmQVk8hePYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA1MTc1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGY2NWY3YWFjZTczYjk3YjE1OGZiYWQ2OTA2NGVjZDRmYzhhN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8toSPFMH4y5HBpcLegmuoegDK6Q
eLfMn2dHunvXNi0SciKsuxDNcONrMhFrF9LRrVX87I+WUZdumKtaEVI8/yM81Rs6
PYKl1WAgTBpUQgHoYJLUiewB13B53h7wOgxnpuiOxJSYiDSwVQwEIpCZz4X7tLd8
WMpKp0/tOCGPoRn6mYAIXEqKLc9lUHqVirNQHFgDjl/FM2zepKFvqQk/6BTRTdyL
X+n5gYpul+5yPHCKBQ5NkyiTamwSC5VwgW5P21rzWl3aCLC/toNL/ExEyUmHyenq
cjBFEdB1IVaKSnVm94aVGSph1Z71J7NKJAxKTmia8Mvd2bU0VyTFQzZOFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPD2X3qs5zuXsVj7rWkGTs1PyKfZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOFBaZmVxem5PNWV4V1B1dGFRWk96VV9JcDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzmZAwQA
HznsAwQAHznwAwQAHzorAwQAHzqAAwQAHzqjAwQAHzqmMA0GCSqGSIb3DQEBCwUA
A4IBAQAO6GGA8nxVfxG8Par1E3D66TkcqBQs5IKHOmqYETFH6M4X/IC6HgshIwSV
6fuRTNroF17pyksSeDnfCfjFeVDEm2XXxyXhRAAWxwRHs9HrbjSuz/WFyWgRNQsC
zBgjR0Mf/EABehR0BO+WNgeED8J4WuXWaMnwWqbySPHh3436ctF0wuwrfag1TWxz
AST62iYpj7uFJPitn3dJXFA2vOewauJMLkuCnmC4kXtg+nvmpZMVfGZyTFs/RYdF
jygOWu4X7cxmRDtETuENzw9JoU2B1gxtj9n4R8Xhynl1LbjG40rCnrXwi4Son6VP
DpQDOsSt9k/sQjXoqcEnaC0i9jHD
-----END CERTIFICATE-----
Generated at Thu Nov 7 10:45:01 2024 by rpki-client on console-ams.rpki-client.org