Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fi0Y4amNLczxBfvqG47f5QljcfY.roa
File: Fi0Y4amNLczxBfvqG47f5QljcfY.roa (raw, json)
Hash identifier: LJEWDluri81hqQi1IS0hh74gySuoHCq9n2ThldM0U9E=
Subject key identifier: 16:2D:18:E1:A9:8D:2D:CC:F1:05:FB:EA:1B:8E:DF:E5:09:63:71:F6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192E67777E8E2A090DA4F0D1758B4B5D70F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fi0Y4amNLczxBfvqG47f5QljcfY.roa
Signing time: Fri 01 Nov 2024 06:44:02 +0000
ROA not before: Fri 01 Nov 2024 06:44:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 31.56.1.0/24 maxlen: 24
31.57.144.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.231.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:77:77:e8:e2:a0:90:da:4f:0d:17:58:b4:b5:d7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 1 06:44:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=162d18e1a98d2dccf105fbea1b8edfe5096371f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5c:29:29:d0:95:3a:45:39:a7:8c:13:26:2b:
b6:5b:6c:50:63:94:61:9c:00:37:dd:93:02:15:2c:
c7:47:d0:7c:18:c0:df:3a:43:7c:79:a8:0b:17:05:
55:89:69:b9:c6:d7:f1:fc:ca:d9:7f:f7:6b:31:bf:
4f:ba:4a:25:94:9f:24:3a:c6:d2:19:c5:ec:10:25:
79:64:f9:ba:93:2b:97:3b:d8:f5:70:3d:9f:a0:58:
8c:93:63:22:2c:ef:75:de:85:28:a1:4d:8b:01:2a:
cd:33:d2:96:6f:3d:08:17:b5:37:bf:e7:0a:af:4f:
f2:aa:bd:3d:a4:d0:d7:7b:3c:18:5f:0a:4c:ae:7a:
43:bf:58:76:ca:72:9c:2b:05:ac:4a:1d:08:3a:66:
a3:19:28:52:40:00:ac:cb:0e:78:00:01:a3:37:59:
51:71:f5:f7:c1:f2:51:b9:bd:f9:b3:6d:96:a6:31:
81:e8:e8:20:f2:2a:cf:fc:4b:e8:25:2e:e4:0f:d6:
85:1c:ac:60:ab:55:97:d9:79:c8:64:4b:9b:2f:62:
8c:86:9f:0c:f6:8d:2e:58:27:fd:8f:f5:29:d0:d7:
64:2c:bf:8d:0b:fb:b4:d6:03:a9:ec:4d:3a:b8:72:
36:a5:a9:1b:bb:3e:e2:94:37:e2:c7:b7:21:57:57:
91:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2D:18:E1:A9:8D:2D:CC:F1:05:FB:EA:1B:8E:DF:E5:09:63:71:F6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fi0Y4amNLczxBfvqG47f5QljcfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.1.0/24
31.57.144.0/24
31.57.146.0/23
31.57.231.0/24
31.58.230.0/23
Signature Algorithm: sha256WithRSAEncryption
30:8d:ee:e2:f0:ed:9f:58:9b:c4:99:76:f6:db:d7:69:1c:7a:
dd:c9:f8:73:74:cd:e2:93:21:9c:4b:4a:9a:aa:83:c2:c4:65:
6b:1f:90:af:31:e3:d4:18:ec:c8:a4:b8:37:e1:8a:e8:74:9c:
c5:2e:68:3c:fd:f8:2e:43:c4:60:6e:55:ab:b9:4e:4d:6c:0a:
e1:fc:88:6d:15:52:54:e5:76:62:aa:76:ed:1b:f9:e8:9e:68:
70:b0:22:8a:f3:b5:83:65:ab:fc:be:5f:49:b1:14:cc:8b:24:
2e:38:4c:90:ec:6f:e6:cc:e6:8a:e4:e9:18:58:aa:74:84:ee:
19:6f:6c:ba:20:8b:bc:e4:0e:c8:72:69:ae:64:67:03:67:5c:
81:40:78:19:58:c0:48:39:d4:0c:63:c7:eb:df:0a:db:d0:3f:
58:ed:c6:3f:29:66:f6:bd:1a:4e:c5:10:cf:bf:c1:6c:8f:38:
e9:23:e2:57:d3:24:eb:f0:5b:35:34:ee:d2:50:2f:0d:74:15:
e5:6b:24:56:fc:8f:72:ef:9c:db:30:86:2b:97:e3:31:e1:8c:
fa:43:71:30:d6:22:ad:37:ea:11:a0:f4:d5:11:c4:5e:69:26:
a8:42:4a:9a:58:4b:69:f0:8b:ed:92:72:dc:52:4c:1f:69:a3:
f9:72:63:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLmd3fo4qCQ2k8NF1i0tdcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTAxMDY0NDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJkMThlMWE5OGQyZGNjZjEwNWZiZWExYjhlZGZlNTA5NjM3MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51wpKdCVOkU5p4wTJiu2W2xQY5Rh
nAA33ZMCFSzHR9B8GMDfOkN8eagLFwVViWm5xtfx/MrZf/drMb9PukollJ8kOsbS
GcXsECV5ZPm6kyuXO9j1cD2foFiMk2MiLO913oUooU2LASrNM9KWbz0IF7U3v+cK
r0/yqr09pNDXezwYXwpMrnpDv1h2ynKcKwWsSh0IOmajGShSQACsyw54AAGjN1lR
cfX3wfJRub35s22WpjGB6Ogg8irP/EvoJS7kD9aFHKxgq1WX2XnIZEubL2KMhp8M
9o0uWCf9j/Up0NdkLL+NC/u01gOp7E06uHI2pakbuz7ilDfix7chV1eRmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBYtGOGpjS3M8QX76huO3+UJY3H2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRmkwWTRhbU5MY3p4QmZ2cUc0N2Y1UWxqY2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgBAwQA
HzmQAwQBHzmSAwQAHznnAwQBHzrmMA0GCSqGSIb3DQEBCwUAA4IBAQAwje7i8O2f
WJvEmXb229dpHHrdyfhzdM3ikyGcS0qaqoPCxGVrH5CvMePUGOzIpLg34YrodJzF
Lmg8/fguQ8RgblWruU5NbArh/IhtFVJU5XZiqnbtG/nonmhwsCKK87WDZav8vl9J
sRTMiyQuOEyQ7G/mzOaK5OkYWKp0hO4Zb2y6IIu85A7IcmmuZGcDZ1yBQHgZWMBI
OdQMY8fr3wrb0D9Y7cY/KWb2vRpOxRDPv8FsjzjpI+JX0yTr8Fs1NO7SUC8NdBXl
ayRW/I9y75zbMIYrl+Mx4Yz6Q3Ew1iKtN+oRoPTVEcReaSaoQkqaWEtp8IvtknLc
UkwfaaP5cmN3
-----END CERTIFICATE-----
Generated at Tue Nov 12 13:34:14 2024 by rpki-client on console-ams.rpki-client.org