Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALurIQGk41z3-mIYS-u5tVEeOCc.roa
File: ALurIQGk41z3-mIYS-u5tVEeOCc.roa (raw, json)
Hash identifier: qkly37GGSym0xgpEWKVoBeXhL0uzl1AI58etDS/zNdY=
Subject key identifier: 00:BB:AB:21:01:A4:E3:5C:F7:FA:62:18:4B:EB:B9:B5:51:1E:38:27
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01914D0C0795C73579DAA086377FB0335898
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALurIQGk41z3-mIYS-u5tVEeOCc.roa
Signing time: Tue 13 Aug 2024 18:41:59 +0000
ROA not before: Tue 13 Aug 2024 18:41:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 31.56.39.0/24 maxlen: 24
31.56.59.0/24 maxlen: 24
31.56.63.0/24 maxlen: 24
31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 12:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:0c:07:95:c7:35:79:da:a0:86:37:7f:b0:33:58:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 13 18:41:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00bbab2101a4e35cf7fa62184bebb9b5511e3827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:e6:94:b1:d2:16:da:77:c8:e8:15:59:e0:
d5:e7:75:8b:9e:4c:7e:65:92:1c:b9:a5:89:aa:c6:
b1:7f:31:84:ad:f4:1d:ba:ab:4a:df:63:44:72:b3:
00:1e:bc:6f:e8:1d:56:da:2e:18:de:7d:5c:2c:f0:
b5:20:a7:96:f7:2e:53:41:72:bd:2a:96:3d:d4:58:
aa:02:d0:19:fc:9d:c6:80:e8:9d:27:92:92:77:21:
c3:76:11:86:5a:eb:33:31:00:47:b9:35:09:c9:a1:
05:bb:76:70:e2:a1:ff:04:03:59:6b:a2:99:e6:35:
37:79:f0:15:f6:ca:eb:92:e2:dd:82:17:00:3c:c4:
2d:4e:10:01:d1:10:5a:53:c7:fe:be:a5:31:68:24:
2d:58:40:5b:b8:79:83:36:54:43:84:b4:3c:91:bf:
b6:72:33:2e:db:ac:1e:ca:06:6c:59:a0:ea:9d:2f:
fd:cc:7e:eb:a6:cf:a2:2c:f7:a0:5d:ea:68:4b:b6:
4f:fe:bf:15:4a:db:2c:47:68:a6:41:1b:1a:72:f8:
86:98:5a:29:5c:a7:7e:c7:95:26:56:87:9d:90:be:
83:1c:9c:eb:ba:56:33:9b:c0:45:05:d9:ee:9d:ae:
dd:3e:94:17:43:22:02:80:04:98:3c:d9:e7:61:3f:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BB:AB:21:01:A4:E3:5C:F7:FA:62:18:4B:EB:B9:B5:51:1E:38:27
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALurIQGk41z3-mIYS-u5tVEeOCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.39.0/24
31.56.59.0/24
31.56.63.0/24
31.56.69.0/24
31.56.72.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f3:60:ba:7b:fc:22:1a:e1:a2:5e:a6:c3:9b:bd:6b:cb:8a:
fb:37:64:97:b3:cc:6c:d8:e6:f9:53:48:2d:1a:b8:5a:30:72:
48:1d:9c:38:92:0a:cf:f7:e9:7c:4d:62:fd:64:44:b9:38:29:
96:89:1e:88:44:a6:16:6a:d6:87:9f:51:c0:23:1f:4f:14:cc:
06:4c:59:40:42:16:63:84:d8:94:30:57:5f:dd:02:cc:0f:3f:
8f:49:83:ed:25:af:07:9c:0d:84:03:40:22:32:fd:85:03:d8:
9a:a4:ac:a6:9c:8a:3f:0d:b2:d1:12:82:95:24:78:59:aa:28:
17:88:94:c2:d8:bc:93:cf:b9:c3:bf:f6:c3:62:e7:26:7a:a6:
19:02:0b:96:2e:fe:76:39:bc:42:62:43:0e:89:1c:38:52:3c:
8e:11:b2:e1:0e:49:b6:dc:f1:1a:22:60:bf:8f:64:43:12:2b:
4d:24:11:d0:bb:4a:d9:40:b2:93:16:b9:5f:d1:89:91:a3:40:
d2:5a:64:ce:0e:01:17:b3:ea:12:3a:53:f4:d6:1f:f0:9d:77:
80:e5:25:03:4a:dd:1d:3e:4b:d8:8b:37:bd:fe:4b:62:fb:74:
fc:78:a8:25:96:ab:7e:2f:05:c0:5b:4f:2c:3e:fa:2e:44:f5:
e3:f5:ad:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFNDAeVxzV52qCGN3+wM1iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODEzMTg0MTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJiYWIyMTAxYTRlMzVjZjdmYTYyMTg0YmViYjliNTUxMWUzODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRTmlLHSFtp3yOgVWeDV53WLnkx+
ZZIcuaWJqsaxfzGErfQduqtK32NEcrMAHrxv6B1W2i4Y3n1cLPC1IKeW9y5TQXK9
KpY91FiqAtAZ/J3GgOidJ5KSdyHDdhGGWuszMQBHuTUJyaEFu3Zw4qH/BANZa6KZ
5jU3efAV9srrkuLdghcAPMQtThAB0RBaU8f+vqUxaCQtWEBbuHmDNlRDhLQ8kb+2
cjMu26weygZsWaDqnS/9zH7rps+iLPegXepoS7ZP/r8VStssR2imQRsacviGmFop
XKd+x5UmVoedkL6DHJzrulYzm8BFBdnuna7dPpQXQyICgASYPNnnYT97cQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAC7qyEBpONc9/piGEvrubVRHjgnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQUx1cklRR2s0MXozLW1JWVMtdTV0VkVlT0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgnAwQA
Hzg7AwQAHzg/AwQAHzhFAwQAHzhIMA0GCSqGSIb3DQEBCwUAA4IBAQBv82C6e/wi
GuGiXqbDm71ry4r7N2SXs8xs2Ob5U0gtGrhaMHJIHZw4kgrP9+l8TWL9ZES5OCmW
iR6IRKYWataHn1HAIx9PFMwGTFlAQhZjhNiUMFdf3QLMDz+PSYPtJa8HnA2EA0Ai
Mv2FA9iapKymnIo/DbLREoKVJHhZqigXiJTC2LyTz7nDv/bDYucmeqYZAguWLv52
ObxCYkMOiRw4UjyOEbLhDkm23PEaImC/j2RDEitNJBHQu0rZQLKTFrlf0YmRo0DS
WmTODgEXs+oSOlP01h/wnXeA5SUDSt0dPkvYize9/kti+3T8eKgllqt+LwXAW08s
PvouRPXj9a2U
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:36 2024 by rpki-client on console-ams.rpki-client.org