Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8nNtDgicNqo7zHppkPGJU6jAklQ.roa
File: 8nNtDgicNqo7zHppkPGJU6jAklQ.roa (raw, json)
Hash identifier: dgKUjVKilpo5/X0xwmkI0Q0xBczvZAaGB12irtbxP1c=
Subject key identifier: F2:73:6D:0E:08:9C:36:AA:3B:CC:7A:69:90:F1:89:53:A8:C0:92:54
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019267CFDD5FE0FD1CD2651A268705C37961
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8nNtDgicNqo7zHppkPGJU6jAklQ.roa
Signing time: Mon 07 Oct 2024 16:28:48 +0000
ROA not before: Mon 07 Oct 2024 16:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47585
IP address blocks: 31.57.10.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Dec 2024 13:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:cf:dd:5f:e0:fd:1c:d2:65:1a:26:87:05:c3:79:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 7 16:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2736d0e089c36aa3bcc7a6990f18953a8c09254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:62:d1:65:df:11:46:69:aa:f4:29:6b:14:
e0:70:f3:f6:e8:a3:47:a1:69:d7:70:33:fc:7b:31:
46:2d:b9:c1:5d:51:76:f2:6b:8b:a9:6a:d4:a9:85:
e7:10:3c:a9:6b:41:4a:61:bf:9d:a9:ed:d8:7d:7b:
fe:4f:1f:ed:a9:b5:f7:c9:16:f3:92:28:ae:c4:94:
7a:12:cc:bc:91:4b:c8:f8:18:df:1f:d4:c3:7c:00:
84:50:db:22:7b:a1:73:04:e6:ba:1d:ab:16:16:69:
2a:7f:d5:91:73:d5:32:77:40:77:5f:86:03:7c:d2:
ef:eb:95:ca:1c:1d:11:ad:0c:0f:0e:cd:ec:75:2c:
09:03:be:a8:9b:c0:44:99:38:d4:6c:2f:d5:db:7d:
bf:e4:d7:24:7c:9b:ee:b7:8a:08:72:9a:46:ab:c0:
ce:e6:67:02:2f:6b:bd:86:7c:d8:58:18:3d:3b:21:
06:ab:4c:e6:ee:1c:08:f0:87:55:65:90:27:db:be:
60:50:80:c7:45:9e:cd:e7:13:7c:d6:fc:7f:89:01:
6a:11:5a:38:ec:b0:62:45:e2:f6:d9:aa:07:ff:08:
22:9c:9a:5a:97:0f:49:ad:19:c8:ea:78:fa:91:d4:
14:25:b9:51:e4:34:84:c6:c1:d4:74:a4:a7:23:e8:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:73:6D:0E:08:9C:36:AA:3B:CC:7A:69:90:F1:89:53:A8:C0:92:54
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8nNtDgicNqo7zHppkPGJU6jAklQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.10.0/24
31.57.189.0/24
31.57.191.0/24
31.57.204.0/24
31.57.228.0/24
Signature Algorithm: sha256WithRSAEncryption
74:35:40:13:ae:06:ad:26:73:fe:eb:8e:a5:4b:f7:6b:7a:92:
19:9b:9a:51:10:f1:f9:13:e9:ae:cf:60:5c:e7:cb:19:d9:86:
f1:66:d6:32:a2:b2:9e:f9:e0:4b:25:5d:e9:e0:04:92:c4:44:
94:02:92:d8:cc:0d:f3:49:c3:e4:bf:71:53:b2:94:21:5a:66:
6c:2a:8b:17:0b:77:9e:a9:58:82:32:42:72:d7:8f:b8:86:df:
e6:cb:c6:e1:c7:c2:7d:68:34:16:7e:49:a4:63:e3:ed:f7:91:
28:af:3a:00:f6:47:a5:c1:cd:f6:5a:05:70:ce:6b:71:89:20:
f5:6b:d8:94:c0:ac:11:b6:b3:65:3c:c5:cc:87:00:02:44:3d:
a6:09:6d:22:0e:e5:40:0d:ba:d6:53:2c:a9:f9:66:17:d4:3f:
98:d1:dc:04:d2:cd:70:f5:b3:9d:1f:7c:1c:6d:55:b3:8a:3c:
6b:a0:b8:34:9f:59:91:c4:ef:88:a6:3b:0e:94:8a:e3:ef:86:
2b:13:d1:4e:ed:86:8f:13:94:14:73:0f:2a:c1:20:49:36:b6:
fa:3d:e5:6d:5c:6b:12:75:1c:fa:a0:20:2a:65:67:7a:1f:cf:
15:08:98:1b:10:b6:0c:e5:53:f1:c6:0a:84:6a:09:05:1d:7b:
8e:fe:c8:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJnz91f4P0c0mUaJocFw3lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDA3MTYyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjczNmQwZTA4OWMzNmFhM2JjYzdhNjk5MGYxODk1M2E4YzA5MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkJi0WXfEUZpqvQpaxTgcPP26KNH
oWnXcDP8ezFGLbnBXVF28muLqWrUqYXnEDypa0FKYb+dqe3YfXv+Tx/tqbX3yRbz
kiiuxJR6Esy8kUvI+BjfH9TDfACEUNsie6FzBOa6HasWFmkqf9WRc9Uyd0B3X4YD
fNLv65XKHB0RrQwPDs3sdSwJA76om8BEmTjUbC/V232/5NckfJvut4oIcppGq8DO
5mcCL2u9hnzYWBg9OyEGq0zm7hwI8IdVZZAn275gUIDHRZ7N5xN81vx/iQFqEVo4
7LBiReL22aoH/wginJpalw9JrRnI6nj6kdQUJblR5DSExsHUdKSnI+h7SwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPJzbQ4InDaqO8x6aZDxiVOowJJUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOG5OdERnaWNOcW83ekhwcGtQR0pVNmpBa2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzkKAwQA
Hzm9AwQAHzm/AwQAHznMAwQAHznkMA0GCSqGSIb3DQEBCwUAA4IBAQB0NUATrgat
JnP+646lS/drepIZm5pREPH5E+muz2Bc58sZ2YbxZtYyorKe+eBLJV3p4ASSxESU
ApLYzA3zScPkv3FTspQhWmZsKosXC3eeqViCMkJy14+4ht/my8bhx8J9aDQWfkmk
Y+Pt95EorzoA9kelwc32WgVwzmtxiSD1a9iUwKwRtrNlPMXMhwACRD2mCW0iDuVA
DbrWUyyp+WYX1D+Y0dwE0s1w9bOdH3wcbVWzijxroLg0n1mRxO+IpjsOlIrj74Yr
E9FO7YaPE5QUcw8qwSBJNrb6PeVtXGsSdRz6oCAqZWd6H88VCJgbELYM5VPxxgqE
agkFHXuO/sjw
-----END CERTIFICATE-----
Generated at Sun Dec 1 16:15:42 2024 by rpki-client on console-ams.rpki-client.org