Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BZGE03MG8Amni3bhMgsck9nxLwA.roa
File: BZGE03MG8Amni3bhMgsck9nxLwA.roa (raw, json)
Hash identifier: sGGvt6rWFVkIM4Rwin4MJk0ee3TYrUVHYFi0phr+2EY=
Subject key identifier: 05:91:84:D3:73:06:F0:09:A7:8B:76:E1:32:0B:1C:93:D9:F1:2F:00
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193216ECF3477B0EF015855B9CF91F7048E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BZGE03MG8Amni3bhMgsck9nxLwA.roa
Signing time: Tue 12 Nov 2024 17:32:10 +0000
ROA not before: Tue 12 Nov 2024 17:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:6e:cf:34:77:b0:ef:01:58:55:b9:cf:91:f7:04:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 12 17:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=059184d37306f009a78b76e1320b1c93d9f12f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:25:48:06:56:cd:dd:f5:d6:28:f6:c1:82:
68:f7:57:12:04:d7:f6:f0:13:28:17:36:39:01:d0:
c4:20:cb:bf:b0:f9:71:60:61:19:16:39:01:1b:d2:
ae:c6:09:ef:80:24:ed:b0:29:e6:27:03:af:0b:a7:
49:2c:21:c4:a5:0b:9a:c4:b4:e3:18:a1:b5:6c:60:
cc:f5:02:37:1c:c3:6d:13:37:27:21:55:95:59:f2:
ea:24:d1:ba:77:05:77:33:0d:7f:83:ec:a9:fa:5d:
2a:64:cc:e8:8a:ee:ee:29:52:cc:81:53:ba:1c:f2:
5d:8d:29:49:9b:b9:d8:df:80:94:a4:74:6f:ea:5e:
16:85:6b:be:5a:b5:7d:30:8c:2a:12:90:46:36:8e:
c8:e4:09:3e:df:e1:31:18:2e:6c:b8:45:3f:13:4a:
f0:f9:71:2b:06:a3:1c:08:87:a4:84:21:72:92:79:
c4:d3:e8:7f:97:04:03:ae:49:ab:ed:c6:d2:15:dd:
3e:9f:01:17:38:2f:b3:5b:60:31:13:de:18:5c:28:
c2:e2:51:ee:48:8c:39:10:25:f7:03:92:5a:ad:ae:
01:f8:09:d5:99:7b:f0:bd:24:d2:31:ad:eb:a1:9d:
6f:16:7f:50:60:2e:64:12:6e:94:44:d3:5d:f2:21:
19:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:91:84:D3:73:06:F0:09:A7:8B:76:E1:32:0B:1C:93:D9:F1:2F:00
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BZGE03MG8Amni3bhMgsck9nxLwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.85.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.132.0/23
31.57.176.0/21
31.57.192.0/22
31.57.232.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:1a:c7:1b:84:1f:a0:ac:9b:47:ff:59:01:fc:d0:8d:7d:d9:
45:0e:6a:7e:47:1c:3e:85:45:a0:fd:a1:f2:5b:0a:77:5b:da:
2f:fd:8c:29:81:60:99:7e:66:3b:36:a3:e3:49:3d:9e:14:7d:
85:5a:f6:29:44:7a:93:6f:20:02:cd:51:ad:e1:ca:9a:9a:17:
d6:29:64:59:47:c8:70:0a:d1:1d:7a:7d:fe:3d:c0:1f:45:1e:
1f:1b:5e:1e:c4:50:50:8b:18:42:6b:98:67:70:18:e2:a5:c7:
6b:85:54:9e:a5:27:f3:22:eb:bd:0c:bf:d2:1e:cb:7c:d8:4e:
70:1e:12:ce:34:07:6d:a0:c2:50:45:77:31:46:79:ea:9d:11:
39:c5:e3:9a:33:b2:34:df:d5:c9:a9:b6:11:f2:24:f7:89:9b:
45:3c:82:29:7d:af:70:60:86:75:c3:62:b3:0e:1f:e3:55:96:
60:2a:1a:1c:5c:c5:47:01:2c:64:f0:af:6d:06:86:1f:95:6c:
e2:00:a4:f6:ee:a5:27:94:50:75:ff:47:eb:6e:73:bb:f7:ee:
a1:9d:2a:ac:6b:30:65:e6:e4:15:40:d0:4d:7b:65:7a:b2:1f:
91:1a:fa:24:a4:b4:88:31:65:5d:83:2e:a7:03:a4:8e:bc:09:
1d:8c:f3:8b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZMhbs80d7DvAVhVuc+R9wSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTEyMTczMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTkxODRkMzczMDZmMDA5YTc4Yjc2ZTEzMjBiMWM5M2Q5ZjEyZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5clSAZWzd311ij2wYJo91cSBNf2
8BMoFzY5AdDEIMu/sPlxYGEZFjkBG9KuxgnvgCTtsCnmJwOvC6dJLCHEpQuaxLTj
GKG1bGDM9QI3HMNtEzcnIVWVWfLqJNG6dwV3Mw1/g+yp+l0qZMzoiu7uKVLMgVO6
HPJdjSlJm7nY34CUpHRv6l4WhWu+WrV9MIwqEpBGNo7I5Ak+3+ExGC5suEU/E0rw
+XErBqMcCIekhCFyknnE0+h/lwQDrkmr7cbSFd0+nwEXOC+zW2AxE94YXCjC4lHu
SIw5ECX3A5Jara4B+AnVmXvwvSTSMa3roZ1vFn9QYC5kEm6URNNd8iEZNQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAWRhNNzBvAJp4t24TILHJPZ8S8AMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQlpHRTAzTUc4QW1uaTNiaE1nc2NrOW54THdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBHzgEAwQA
HzgYAwQBHzgqAwQAHzgwAwQAHzhVAwQAHzhZAwQCHzh4AwQAHzh/AwQBHzmEAwQD
HzmwAwQCHznAAwQCHznoMA0GCSqGSIb3DQEBCwUAA4IBAQC/GscbhB+grJtH/1kB
/NCNfdlFDmp+Rxw+hUWg/aHyWwp3W9ov/YwpgWCZfmY7NqPjST2eFH2FWvYpRHqT
byACzVGt4cqamhfWKWRZR8hwCtEden3+PcAfRR4fG14exFBQixhCa5hncBjipcdr
hVSepSfzIuu9DL/SHst82E5wHhLONAdtoMJQRXcxRnnqnRE5xeOaM7I039XJqbYR
8iT3iZtFPIIpfa9wYIZ1w2KzDh/jVZZgKhocXMVHASxk8K9tBoYflWziAKT27qUn
lFB1/0frbnO79+6hnSqsazBl5uQVQNBNe2V6sh+RGvokpLSIMWVdgy6nA6SOvAkd
jPOL
-----END CERTIFICATE-----
Generated at Wed Nov 13 16:39:58 2024 by rpki-client on console-ams.rpki-client.org