Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AKQB85WYSJdIbTi9a6_a3KSy6kc.roa
File: AKQB85WYSJdIbTi9a6_a3KSy6kc.roa (raw, json)
Hash identifier: 5i/fVJlw/L9W/3yZfdqjForKfHkvl2SAHpwiY/kEpH0=
Subject key identifier: 00:A4:01:F3:95:98:48:97:48:6D:38:BD:6B:AF:DA:DC:A4:B2:EA:47
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019367C73B4279490D8758CD69C85E2FAEE0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AKQB85WYSJdIbTi9a6_a3KSy6kc.roa
Signing time: Tue 26 Nov 2024 09:22:10 +0000
ROA not before: Tue 26 Nov 2024 09:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.112.0/21 maxlen: 24
31.56.114.0/23 maxlen: 23
31.56.118.0/23 maxlen: 23
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.57.224.0/22 maxlen: 23
31.57.252.0/22 maxlen: 23
31.58.59.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.58.152.0/22 maxlen: 22
31.58.167.0/24 maxlen: 24
31.58.176.0/22 maxlen: 22
31.58.200.0/22 maxlen: 22
31.58.216.0/22 maxlen: 22
31.58.240.0/22 maxlen: 22
31.58.252.0/22 maxlen: 22
31.59.41.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.64.0/22 maxlen: 22
31.59.80.0/22 maxlen: 22
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.124.0/22 maxlen: 22
31.59.176.0/22 maxlen: 22
31.59.180.0/22 maxlen: 22
31.59.188.0/22 maxlen: 22
31.59.192.0/22 maxlen: 22
31.59.216.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 07:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:c7:3b:42:79:49:0d:87:58:cd:69:c8:5e:2f:ae:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 26 09:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00a401f395984897486d38bd6bafdadca4b2ea47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:3e:87:2d:ea:88:9f:45:4d:b9:8a:cc:9b:
bb:c8:51:d6:d4:26:89:da:e2:ab:63:9f:9e:b8:4c:
8e:a3:4f:27:6b:be:80:dd:57:46:37:1d:38:ee:88:
04:77:46:8d:72:2a:7d:bb:f3:ef:82:86:a3:30:26:
4b:16:2e:f5:76:86:ac:bf:8d:5b:ba:6b:b0:62:f4:
82:9a:3d:d6:70:15:71:8c:69:40:a4:20:2d:05:2d:
57:65:fc:99:27:c3:cd:5c:ec:73:b1:5c:b3:e5:05:
96:8a:6e:44:22:6e:0a:a7:80:fb:81:27:45:05:73:
30:1d:2e:cf:12:06:8b:26:68:c3:4d:84:42:48:fc:
9f:fb:9c:62:a7:c5:32:9e:40:54:2d:33:dd:e3:1a:
59:dc:35:97:29:32:5a:41:17:e0:92:7e:76:97:b8:
ba:bb:f0:21:dc:8f:18:4c:55:86:66:5d:93:04:a5:
d5:dd:76:2f:23:4f:d7:c3:78:d7:a5:67:e4:ce:e1:
e5:9d:b7:df:63:33:7c:db:bd:ce:85:3b:b2:96:98:
24:2b:f9:9e:82:a5:9f:96:1d:aa:64:5a:0c:ee:3b:
96:72:93:fe:5d:01:87:72:01:60:1b:3f:1a:80:dd:
08:4f:d6:9f:2d:61:a8:01:9f:a1:c5:15:88:5d:55:
3e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A4:01:F3:95:98:48:97:48:6D:38:BD:6B:AF:DA:DC:A4:B2:EA:47
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AKQB85WYSJdIbTi9a6_a3KSy6kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.178.0/23
31.57.181.0-31.57.183.255
31.57.194.0/24
31.57.224.0/22
31.57.252.0/22
31.58.59.0/24
31.58.129.0/24
31.58.142.0/24
31.58.146.0/24
31.58.152.0/22
31.58.167.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0/22
31.58.252.0/22
31.59.41.0/24
31.59.56.0-31.59.58.255
31.59.64.0/22
31.59.80.0/22
31.59.96.0/22
31.59.112.0/22
31.59.124.0/22
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:80:49:e2:fa:48:de:e1:a2:33:c8:3c:58:19:82:46:92:87:
e3:6d:aa:db:1b:fd:4d:a3:03:d0:f5:d3:74:b6:54:d9:96:fe:
f4:8a:9d:8a:12:aa:34:b1:cb:16:9e:4b:63:be:67:d4:32:43:
12:37:84:75:b8:55:f8:fe:96:11:a2:bd:4a:ca:19:9c:51:e5:
d1:2c:60:2a:3b:30:f1:c7:48:57:63:72:a7:bc:bc:6a:59:d7:
fa:d2:58:4a:4e:c4:f7:79:23:17:d8:ea:31:93:f5:23:e3:b8:
17:12:d3:b0:8d:a3:33:55:b8:19:60:4e:59:c2:9a:9a:bb:5d:
a4:d0:50:2d:61:e6:ad:41:35:1d:89:2c:92:f9:a2:49:98:f5:
c9:f4:66:f8:34:8f:50:eb:8c:3c:2c:73:ab:e7:8c:ff:dd:91:
01:67:5b:c0:4e:bb:4f:ef:aa:dd:4a:c5:c3:53:b9:d8:43:c7:
e2:56:04:0d:e2:fd:d1:87:8d:9a:6c:e5:ef:ec:ab:90:e3:df:
fa:75:37:ec:19:37:95:aa:d1:16:31:b8:33:54:80:14:38:65:
e9:f4:18:83:b7:2a:ab:20:02:7e:ae:4d:46:9e:a0:13:ff:07:
cb:09:06:8a:9a:c9:ff:8a:b8:8b:cc:96:58:4d:b7:31:5e:89:
d8:71:92:10
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZNnxztCeUkNh1jNacheL67gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI2MDkyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGE0MDFmMzk1OTg0ODk3NDg2ZDM4YmQ2YmFmZGFkY2E0YjJlYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIQ+hy3qiJ9FTbmKzJu7yFHW1CaJ
2uKrY5+euEyOo08na76A3VdGNx047ogEd0aNcip9u/PvgoajMCZLFi71doasv41b
umuwYvSCmj3WcBVxjGlApCAtBS1XZfyZJ8PNXOxzsVyz5QWWim5EIm4Kp4D7gSdF
BXMwHS7PEgaLJmjDTYRCSPyf+5xip8UynkBULTPd4xpZ3DWXKTJaQRfgkn52l7i6
u/Ah3I8YTFWGZl2TBKXV3XYvI0/Xw3jXpWfkzuHlnbffYzN8273OhTuylpgkK/me
gqWflh2qZFoM7juWcpP+XQGHcgFgGz8agN0IT9afLWGoAZ+hxRWIXVU+FwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFACkAfOVmEiXSG04vWuv2tyksupHMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQUtRQjg1V1lTSmRJYlRpOWE2X2EzS1N5NmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQD
HzhwAwQAHzkLAwQAHzmDAwQAHzmWAwQAHzmwAwQBHzmyMAwDBAAfObUDBAMfObAD
BAAfOcIDBAIfOeADBAIfOfwDBAAfOjsDBAAfOoEDBAAfOo4DBAAfOpIDBAIfOpgD
BAAfOqcDBAIfOrADBAIfOsgDBAIfOtgDBAIfOvADBAIfOvwDBAAfOykwDAMEAx87
OAMEAB87OgMEAh87QAMEAh87UAMEAh87YAMEAh87cAMEAh87fAMEAx87sDAMAwQC
Hzu8AwQCHzvAAwQCHzvYAwQBHzvkAwQAHzvnAwQBHzv0MA0GCSqGSIb3DQEBCwUA
A4IBAQDCgEni+kje4aIzyDxYGYJGkofjbarbG/1NowPQ9dN0tlTZlv70ip2KEqo0
scsWnktjvmfUMkMSN4R1uFX4/pYRor1KyhmcUeXRLGAqOzDxx0hXY3KnvLxqWdf6
0lhKTsT3eSMX2Ooxk/Uj47gXEtOwjaMzVbgZYE5Zwpqau12k0FAtYeatQTUdiSyS
+aJJmPXJ9Gb4NI9Q64w8LHOr54z/3ZEBZ1vATrtP76rdSsXDU7nYQ8fiVgQN4v3R
h42abOXv7KuQ49/6dTfsGTeVqtEWMbgzVIAUOGXp9BiDtyqrIAJ+rk1GnqAT/wfL
CQaKmsn/iriLzJZYTbcxXonYcZIQ
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:40 2025 by rpki-client