Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EXxI_s3w-OcJ3BjgjxQsrEIdHFw.roa
File: EXxI_s3w-OcJ3BjgjxQsrEIdHFw.roa (raw, json)
Hash identifier: uKGdDDlW+ZDFQEouF0MHpCMER3Y7s2gsbr9O41ScplI=
Subject key identifier: 11:7C:48:FE:CD:F0:F8:E7:09:DC:18:E0:8F:14:2C:AC:42:1D:1C:5C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019246AB16816844CEB2ACA7424EBC83081B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EXxI_s3w-OcJ3BjgjxQsrEIdHFw.roa
Signing time: Tue 01 Oct 2024 06:01:10 +0000
ROA not before: Tue 01 Oct 2024 06:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 31.56.160.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.240.0/22 maxlen: 24
31.57.244.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 02:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:ab:16:81:68:44:ce:b2:ac:a7:42:4e:bc:83:08:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 1 06:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=117c48fecdf0f8e709dc18e08f142cac421d1c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:42:8e:ec:80:41:f2:08:25:51:bf:3a:d0:1d:
c3:15:90:5c:c8:6a:c9:1a:b4:8d:c5:71:97:29:2b:
fc:92:02:65:64:d1:9b:2d:83:14:71:29:c8:20:e3:
3f:88:46:87:dc:8b:21:a9:da:24:88:9f:91:81:e4:
fb:49:89:f5:da:be:f2:85:5c:83:ce:fc:ef:9a:c6:
09:e0:89:2b:b1:5d:c3:c6:8d:37:97:d1:64:03:ef:
46:3f:e0:de:d9:bf:de:38:ed:5a:25:42:e3:7a:14:
00:f5:93:b4:ce:ae:8d:b1:7f:8e:09:fb:f7:36:69:
f0:94:eb:9c:2d:54:8f:79:18:19:35:1c:8e:91:a5:
77:37:b0:64:d2:c8:c3:ef:b9:2c:b9:1e:4e:4d:5b:
31:bb:a5:f3:78:ee:e6:03:86:b4:44:19:44:db:8d:
e8:a2:9b:ad:07:62:a1:98:d6:14:1d:e1:71:f4:38:
90:53:d5:a4:ba:39:0e:31:da:60:77:18:9c:0e:62:
a3:fa:c3:b0:73:8f:f1:2a:28:32:6f:b2:71:cb:d2:
1a:d2:29:40:1d:0d:45:ca:d9:bd:77:c1:76:fe:f0:
47:4a:2e:5d:16:42:ea:d7:8f:b0:13:0c:56:60:03:
d0:64:d0:08:ba:86:02:ef:ca:bb:5b:51:53:41:60:
6a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7C:48:FE:CD:F0:F8:E7:09:DC:18:E0:8F:14:2C:AC:42:1D:1C:5C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EXxI_s3w-OcJ3BjgjxQsrEIdHFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.160.0/21
31.57.192.0/22
31.57.224.0/22
31.57.232.0/22
31.57.240.0/21
31.57.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:ec:3d:e6:ed:42:53:9c:bb:62:ed:40:37:61:72:d0:b5:2a:
c2:59:e0:45:37:00:2d:03:98:cc:2f:ff:5c:c4:5b:20:88:5e:
ac:7c:dc:05:d2:a9:a3:11:e9:62:3f:18:a4:e3:3d:fb:9a:01:
76:a3:0a:5e:55:b7:43:f8:d5:05:63:e8:ac:55:af:bb:09:24:
1c:01:29:5a:42:f8:b4:2c:7d:00:49:d9:78:fa:16:38:2b:20:
71:b5:40:07:d3:07:df:0f:26:d7:0e:cf:2a:f3:02:60:30:a5:
6f:c4:c4:ed:54:82:ca:0b:fc:0e:09:ed:ca:ea:cc:e7:e4:4b:
6d:5d:17:c7:52:79:d2:17:b5:83:45:bb:07:27:29:ab:6e:11:
cf:eb:ac:5e:5a:6f:1f:79:25:c2:07:11:ce:7a:bf:43:7b:61:
9e:80:db:98:71:d5:c4:e1:cb:23:e0:89:d6:54:2a:cb:f4:2d:
a1:50:43:df:46:d1:0d:b9:b2:32:8b:7d:53:57:72:85:d9:c5:
f4:f0:07:7a:27:7d:c3:06:e2:66:4a:9b:de:98:ee:37:63:94:
7c:06:a0:b5:3e:36:2c:f2:2b:8d:24:7b:79:53:f0:8e:64:8c:
17:ab:68:1c:13:0a:28:b5:8e:02:b5:11:07:15:9e:ef:23:87:
59:2c:fe:53
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJGqxaBaETOsqynQk68gwgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDAxMDYwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdjNDhmZWNkZjBmOGU3MDlkYzE4ZTA4ZjE0MmNhYzQyMWQxYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UKO7IBB8gglUb860B3DFZBcyGrJ
GrSNxXGXKSv8kgJlZNGbLYMUcSnIIOM/iEaH3IshqdokiJ+RgeT7SYn12r7yhVyD
zvzvmsYJ4IkrsV3Dxo03l9FkA+9GP+De2b/eOO1aJULjehQA9ZO0zq6NsX+OCfv3
NmnwlOucLVSPeRgZNRyOkaV3N7Bk0sjD77ksuR5OTVsxu6XzeO7mA4a0RBlE243o
oputB2KhmNYUHeFx9DiQU9WkujkOMdpgdxicDmKj+sOwc4/xKigyb7Jxy9Ia0ilA
HQ1Fytm9d8F2/vBHSi5dFkLq14+wEwxWYAPQZNAIuoYC78q7W1FTQWBqFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBF8SP7N8PjnCdwY4I8ULKxCHRxcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRVh4SV9zM3ctT2NKM0JqZ2p4UXNyRUlkSEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHzigAwQC
HznAAwQCHzngAwQCHznoAwQDHznwAwQCHzn8MA0GCSqGSIb3DQEBCwUAA4IBAQAN
7D3m7UJTnLti7UA3YXLQtSrCWeBFNwAtA5jML/9cxFsgiF6sfNwF0qmjEeliPxik
4z37mgF2owpeVbdD+NUFY+isVa+7CSQcASlaQvi0LH0ASdl4+hY4KyBxtUAH0wff
DybXDs8q8wJgMKVvxMTtVILKC/wOCe3K6szn5EttXRfHUnnSF7WDRbsHJymrbhHP
66xeWm8feSXCBxHOer9De2GegNuYcdXE4csj4InWVCrL9C2hUEPfRtENubIyi31T
V3KF2cX08Ad6J33DBuJmSpvemO43Y5R8BqC1PjYs8iuNJHt5U/COZIwXq2gcEwoo
tY4CtREHFZ7vI4dZLP5T
-----END CERTIFICATE-----
Generated at Thu Oct 3 04:25:25 2024 by rpki-client on console-fra.rpki-client.org