Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BpRsRA4U3UjKTV4gRSQ_RYVrS9s.roa
File: BpRsRA4U3UjKTV4gRSQ_RYVrS9s.roa (raw, json)
Hash identifier: 3TYET39RJCUTy8ia3YmafMHqAH66NdSJYCoS4oQOUk8=
Subject key identifier: 06:94:6C:44:0E:14:DD:48:CA:4D:5E:20:45:24:3F:45:85:6B:4B:DB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193DE3DFBEC7CD68E2EA1112DC98343EE7C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BpRsRA4U3UjKTV4gRSQ_RYVrS9s.roa
Signing time: Thu 19 Dec 2024 09:27:04 +0000
ROA not before: Thu 19 Dec 2024 09:27:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 31.56.73.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.57.240.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:3d:fb:ec:7c:d6:8e:2e:a1:11:2d:c9:83:43:ee:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 19 09:27:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06946c440e14dd48ca4d5e2045243f45856b4bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:31:ee:36:58:62:90:27:e9:a7:63:bb:ec:
a2:d5:70:d2:7b:ce:8c:4f:c7:45:ff:e3:4d:9b:07:
ba:db:d9:2f:59:48:e8:9a:c1:8c:ba:42:a5:0f:65:
55:ae:69:28:38:26:ff:fd:72:5a:6e:30:61:46:10:
a1:49:18:b0:3c:be:e4:09:2a:d8:26:38:29:c2:bc:
5a:c0:86:fa:82:3f:6b:6e:14:f8:35:72:5d:db:c1:
28:ce:b3:0e:06:4e:c2:f1:e1:2b:e9:d0:aa:38:92:
f1:3f:fb:0b:22:0d:2a:61:44:9f:d4:3c:b1:06:65:
93:81:12:30:5c:57:9e:c4:70:6f:3c:37:b5:68:81:
ca:0e:77:1f:ca:2c:d9:dd:56:84:cf:9f:8d:b0:a9:
cf:5c:1d:cc:71:e2:0f:40:11:7b:ab:19:67:88:5a:
84:15:50:35:47:3a:56:fb:1a:78:d9:7d:f5:0a:dd:
9d:38:08:ba:97:6e:17:95:21:f1:35:9e:19:fa:1f:
fa:17:56:e0:9e:79:1d:85:e5:4d:a1:16:14:38:88:
f4:a4:1e:57:12:35:03:42:62:1f:d9:17:b5:28:6b:
10:b7:30:fe:d9:9d:e6:dd:84:a7:e1:0c:c3:9d:1b:
53:38:1b:60:30:02:99:92:c8:a6:ca:f0:ee:f2:91:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:94:6C:44:0E:14:DD:48:CA:4D:5E:20:45:24:3F:45:85:6B:4B:DB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BpRsRA4U3UjKTV4gRSQ_RYVrS9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.73.0/24
31.57.153.0/24
31.57.236.0/24
31.57.240.0/24
31.58.43.0/24
31.58.128.0/24
31.58.162.0-31.58.164.255
31.58.166.0/24
31.59.88.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:05:e7:6f:e6:23:83:d2:97:97:07:be:02:1e:89:e3:bb:1c:
c9:1d:6e:8d:da:6c:a6:31:7e:1f:b7:0d:5f:96:ee:41:84:59:
42:86:16:25:e5:2d:e4:ba:c8:9b:93:8f:40:c7:69:67:a0:c2:
6a:25:37:a5:35:b4:4a:03:44:41:b9:cb:39:ae:af:31:ae:5f:
8c:7f:53:9c:da:52:4f:2c:d4:91:eb:6f:c3:56:74:0e:86:ad:
64:6b:3e:ca:71:e0:fa:5a:4b:68:40:1a:41:8f:62:0e:13:aa:
23:c3:76:8d:0c:b6:b4:0b:de:47:dd:41:cb:e9:d9:f5:f4:c8:
40:58:23:ab:f6:38:08:6c:fb:9b:56:09:8e:42:ce:55:f6:d9:
02:08:ab:b8:29:e6:e3:48:21:9d:bf:4c:4f:fd:a0:19:5a:ad:
8b:37:45:f2:f3:9d:01:fa:56:44:f2:7e:22:78:2d:9d:c9:d8:
ca:fc:34:5b:65:3e:3e:28:87:99:02:43:3d:f0:a2:94:36:0d:
d0:36:8c:04:79:72:d4:16:b0:38:e1:27:45:25:96:e6:1f:d9:
72:3d:3a:19:a8:72:b5:b6:86:4d:d9:69:fb:28:dc:c9:50:91:
6b:da:da:a9:46:ac:00:6b:88:d7:59:26:9f:1a:06:6e:28:64:
33:32:18:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZPePfvsfNaOLqERLcmDQ+58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjE5MDkyNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk0NmM0NDBlMTRkZDQ4Y2E0ZDVlMjA0NTI0M2Y0NTg1NmI0YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLwx7jZYYpAn6adju+yi1XDSe86M
T8dF/+NNmwe629kvWUjomsGMukKlD2VVrmkoOCb//XJabjBhRhChSRiwPL7kCSrY
JjgpwrxawIb6gj9rbhT4NXJd28EozrMOBk7C8eEr6dCqOJLxP/sLIg0qYUSf1Dyx
BmWTgRIwXFeexHBvPDe1aIHKDncfyizZ3VaEz5+NsKnPXB3MceIPQBF7qxlniFqE
FVA1RzpW+xp42X31Ct2dOAi6l24XlSHxNZ4Z+h/6F1bgnnkdheVNoRYUOIj0pB5X
EjUDQmIf2Re1KGsQtzD+2Z3m3YSn4QzDnRtTOBtgMAKZksimyvDu8pGE1QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAaUbEQOFN1Iyk1eIEUkP0WFa0vbMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQnBSc1JBNFUzVWpLVFY0Z1JTUV9SWVZyUzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAHzhJAwQA
HzmZAwQAHznsAwQAHznwAwQAHzorAwQAHzqAMAwDBAEfOqIDBAAfOqQDBAAfOqYD
BAAfO1gwDQYJKoZIhvcNAQELBQADggEBAMAF52/mI4PSl5cHvgIeieO7HMkdbo3a
bKYxfh+3DV+W7kGEWUKGFiXlLeS6yJuTj0DHaWegwmolN6U1tEoDREG5yzmurzGu
X4x/U5zaUk8s1JHrb8NWdA6GrWRrPspx4PpaS2hAGkGPYg4TqiPDdo0MtrQL3kfd
Qcvp2fX0yEBYI6v2OAhs+5tWCY5CzlX22QIIq7gp5uNIIZ2/TE/9oBlarYs3RfLz
nQH6VkTyfiJ4LZ3J2Mr8NFtlPj4oh5kCQz3wopQ2DdA2jAR5ctQWsDjhJ0UlluYf
2XI9OhmocrW2hk3Zafso3MlQkWva2qlGrABriNdZJp8aBm4oZDMyGFk=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:17 2025 by rpki-client