Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9RVxQxZ8QSM-_f-4pKDI4BcUxzo.roa
File: 9RVxQxZ8QSM-_f-4pKDI4BcUxzo.roa (raw, json)
Hash identifier: yp0HAhKzUWl1jv9e3C9gDWxDeejuaBZO8XTdzzvyqVI=
Subject key identifier: F5:15:71:43:16:7C:41:23:3E:FD:FF:B8:A4:A0:C8:E0:17:14:C7:3A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194733DD96D801A27FF1D0EF06E16DE7660
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9RVxQxZ8QSM-_f-4pKDI4BcUxzo.roa
Signing time: Fri 17 Jan 2025 07:50:20 +0000
ROA not before: Fri 17 Jan 2025 07:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.57.196.0/24 maxlen: 24
31.57.197.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:3d:d9:6d:80:1a:27:ff:1d:0e:f0:6e:16:de:76:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 17 07:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5157143167c41233efdffb8a4a0c8e01714c73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:d3:d4:83:a5:e6:fe:a5:de:4a:ec:c6:1c:
b4:0f:50:2e:0b:a1:d6:53:04:14:de:75:a0:c4:ad:
34:47:32:bc:f7:df:6a:45:87:5a:bf:44:e5:43:58:
96:e5:99:a6:42:b2:cb:69:3b:18:25:0d:9d:60:32:
57:52:fe:c5:cb:3c:0f:a0:42:0d:31:9f:73:23:fb:
cd:d2:22:56:76:19:b4:32:14:b2:28:cb:b9:35:00:
0e:51:62:b3:bb:76:72:f2:39:14:fe:eb:e8:e8:d3:
af:00:af:a2:c7:fa:ae:b1:9c:23:7d:72:f2:88:88:
ad:34:02:6f:8e:23:74:d7:1d:18:18:6e:54:25:d1:
d3:61:56:b8:46:e0:e5:8d:28:d3:8b:4c:2e:09:0d:
a8:1b:a2:b9:5d:3c:66:db:c5:7e:ea:25:1e:78:4c:
85:18:4d:50:3e:81:10:65:f7:c6:3d:1d:5a:d8:e8:
28:19:1e:a1:34:08:c1:c8:bb:d5:1c:1c:b4:b5:ff:
be:1a:40:47:c2:0c:11:60:9d:de:52:99:29:c8:48:
59:5d:92:46:6b:b7:18:02:2a:a4:ec:45:2f:3e:db:
38:ba:cf:96:0e:0a:3c:bb:f5:9d:fc:73:85:b9:f1:
2c:0f:1d:18:cc:07:1e:da:ce:60:d2:8f:38:b2:7d:
5d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:15:71:43:16:7C:41:23:3E:FD:FF:B8:A4:A0:C8:E0:17:14:C7:3A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9RVxQxZ8QSM-_f-4pKDI4BcUxzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.57.196.0/23
31.57.199.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:7e:7b:cd:13:3c:6e:f8:03:8a:6d:52:04:e8:a8:ca:00:2a:
92:9a:c7:b8:a9:ba:c0:ce:40:fd:2b:4f:5e:02:f3:79:ef:ff:
25:ee:b1:16:74:ea:3f:94:f6:9b:91:21:c4:9e:aa:39:6f:51:
58:83:05:ae:e0:6a:ff:25:71:b7:57:d3:c5:49:9f:cc:f3:2a:
f9:fd:20:1a:79:be:72:93:59:10:62:7f:63:4f:5e:65:57:51:
5c:86:ea:5b:ba:10:42:fa:02:14:ba:89:c8:8c:5b:d1:b2:66:
1c:b8:d8:4b:a6:b5:68:4b:88:c0:e3:8e:00:d9:b3:06:9c:f5:
0a:6a:1b:13:bc:6a:96:f0:24:67:63:b2:5d:4d:4b:6e:58:ac:
5d:85:6b:27:95:91:05:0f:00:36:a6:17:53:68:cf:c8:de:33:
a9:8a:da:29:c2:58:22:26:d1:4c:71:b6:e0:61:5c:83:7d:df:
70:e9:65:fb:de:1f:cb:ce:9a:f1:a2:18:ab:e8:16:19:bb:cd:
cf:f1:25:b8:9c:5f:b2:aa:81:3f:c9:8a:2d:9e:2e:95:7d:bc:
b3:a8:e7:54:17:b6:23:8b:d1:94:1a:8b:0e:a7:ac:fc:84:5f:
79:4a:8b:49:ee:14:4a:50:05:e7:01:a4:0e:fc:7f:c7:95:af:
6d:b7:25:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRzPdltgBon/x0O8G4W3nZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE3MDc1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTE1NzE0MzE2N2M0MTIzM2VmZGZmYjhhNGEwYzhlMDE3MTRjNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRzT1IOl5v6l3krsxhy0D1AuC6HW
UwQU3nWgxK00RzK8999qRYdav0TlQ1iW5ZmmQrLLaTsYJQ2dYDJXUv7FyzwPoEIN
MZ9zI/vN0iJWdhm0MhSyKMu5NQAOUWKzu3Zy8jkU/uvo6NOvAK+ix/qusZwjfXLy
iIitNAJvjiN01x0YGG5UJdHTYVa4RuDljSjTi0wuCQ2oG6K5XTxm28V+6iUeeEyF
GE1QPoEQZffGPR1a2OgoGR6hNAjByLvVHBy0tf++GkBHwgwRYJ3eUpkpyEhZXZJG
a7cYAiqk7EUvPts4us+WDgo8u/Wd/HOFufEsDx0YzAce2s5g0o84sn1dKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPUVcUMWfEEjPv3/uKSgyOAXFMc6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOVJWeFF4WjhRU00tX2YtNHBLREk0QmNVeHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHzg0AwQB
HznEAwQAHznHMA0GCSqGSIb3DQEBCwUAA4IBAQAPfnvNEzxu+AOKbVIE6KjKACqS
mse4qbrAzkD9K09eAvN57/8l7rEWdOo/lPabkSHEnqo5b1FYgwWu4Gr/JXG3V9PF
SZ/M8yr5/SAaeb5yk1kQYn9jT15lV1FchupbuhBC+gIUuonIjFvRsmYcuNhLprVo
S4jA444A2bMGnPUKahsTvGqW8CRnY7JdTUtuWKxdhWsnlZEFDwA2phdTaM/I3jOp
itopwlgiJtFMcbbgYVyDfd9w6WX73h/Lzprxohir6BYZu83P8SW4nF+yqoE/yYot
ni6VfbyzqOdUF7Yji9GUGosOp6z8hF95SotJ7hRKUAXnAaQO/H/Hla9ttyW8
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:07:39 2025 by rpki-client