Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GCwgxS5Tog6EI_N7xlIg3BKOqOI.roa
File: GCwgxS5Tog6EI_N7xlIg3BKOqOI.roa (raw, json)
Hash identifier: Z8xNvTXaoa8QpoRVvJfQk1IzAj5lcdLMhHVbGZyxLgM=
Subject key identifier: 18:2C:20:C5:2E:53:A2:0E:84:23:F3:7B:C6:52:20:DC:12:8E:A8:E2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428233E6FE556633CB697C62541F60881
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GCwgxS5Tog6EI_N7xlIg3BKOqOI.roa
Signing time: Thu 02 Jan 2025 17:49:45 +0000
ROA not before: Thu 02 Jan 2025 17:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.112.0/21 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:3e:6f:e5:56:63:3c:b6:97:c6:25:41:f6:08:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=182c20c52e53a20e8423f37bc65220dc128ea8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:c9:6e:c7:8c:01:9b:b4:5a:b0:20:89:99:
96:cc:42:7f:fd:7c:07:a2:e5:7e:3e:72:3f:e2:5e:
41:5c:01:7b:ea:8d:b6:a0:da:e5:48:0f:41:9c:40:
77:f6:0e:ca:88:14:45:c0:67:3f:97:4f:77:6a:6e:
ff:05:e3:c9:93:4a:ff:cb:d7:a6:33:1f:47:56:d4:
27:2c:b1:5d:71:db:3e:a1:77:d6:da:69:e2:16:f0:
14:3a:2c:55:8a:58:01:12:c9:8f:ef:9c:10:13:0e:
db:56:4e:2a:a2:32:05:8d:70:35:65:e5:17:9c:3f:
d9:df:d3:48:9d:e5:3a:22:a1:59:56:41:c5:f3:69:
d3:0e:62:9f:88:a5:15:03:b7:6c:85:4c:b2:6d:a0:
c8:82:37:af:0a:c1:0b:bf:cf:5a:47:58:e9:36:d0:
c5:e7:04:40:f9:2a:df:33:a4:e2:98:e9:11:1e:aa:
c9:37:77:8e:87:0f:25:90:c8:63:bb:b0:b8:96:6a:
8a:a0:2b:59:b9:6b:40:12:67:6d:36:75:ce:4f:10:
d5:7e:ca:a6:fb:2d:a0:e9:71:ea:56:4c:aa:c8:ae:
ff:f1:36:3b:7c:81:6a:d5:90:4f:df:95:09:6b:0b:
74:95:e4:fb:48:ca:8f:76:9b:6b:64:41:60:34:1c:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2C:20:C5:2E:53:A2:0E:84:23:F3:7B:C6:52:20:DC:12:8E:A8:E2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GCwgxS5Tog6EI_N7xlIg3BKOqOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.59.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
31.59.97.0/24
Signature Algorithm: sha256WithRSAEncryption
93:85:19:4a:97:bd:69:b5:c3:51:4a:5c:c4:60:2c:9f:4e:97:
c6:af:a9:41:d4:3e:7b:7a:3e:9c:1e:c9:20:99:cc:b3:00:5e:
da:b6:e4:5d:59:a6:52:98:a6:68:78:10:7b:8a:03:43:b8:9d:
3e:e4:ba:8e:0a:15:aa:35:c9:4f:90:a4:6d:f7:02:93:61:27:
72:7a:c7:04:67:a7:42:db:e5:75:41:55:04:10:98:c2:1a:f9:
0f:bf:a9:0d:51:6b:62:f1:88:9f:2c:aa:b8:ed:3a:99:bf:a3:
f0:f3:96:fe:25:dc:0e:3e:9c:62:af:91:0d:67:93:3f:84:d6:
ca:37:ad:16:4f:23:a5:bc:d7:d8:29:ab:bf:e2:aa:bd:ce:09:
12:db:5f:f5:90:0b:04:0b:5e:fd:6b:fe:ea:da:eb:0f:17:cd:
59:8a:85:9e:ec:04:1f:99:c5:0c:e7:5d:e1:57:25:5a:76:0e:
02:00:d4:35:82:1a:6c:09:79:7d:e3:34:ba:6e:9f:f7:06:14:
6e:25:a8:89:e3:72:b9:23:b0:25:fb:e0:ea:31:79:79:4e:86:
c8:9b:8b:99:69:c9:33:bd:04:e9:ef:76:67:5e:40:21:07:d7:
85:6d:ba:82:71:c6:24:13:07:80:ac:dd:cd:fc:ab:a9:08:30:
48:a3:8b:5e
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQoIz5v5VZjPLaXxiVB9giBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODJjMjBjNTJlNTNhMjBlODQyM2YzN2JjNjUyMjBkYzEyOGVhOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLTJbseMAZu0WrAgiZmWzEJ//XwH
ouV+PnI/4l5BXAF76o22oNrlSA9BnEB39g7KiBRFwGc/l093am7/BePJk0r/y9em
Mx9HVtQnLLFdcds+oXfW2mniFvAUOixVilgBEsmP75wQEw7bVk4qojIFjXA1ZeUX
nD/Z39NIneU6IqFZVkHF82nTDmKfiKUVA7dshUyybaDIgjevCsELv89aR1jpNtDF
5wRA+SrfM6TimOkRHqrJN3eOhw8lkMhju7C4lmqKoCtZuWtAEmdtNnXOTxDVfsqm
+y2g6XHqVkyqyK7/8TY7fIFq1ZBP35UJawt0leT7SMqPdptrZEFgNBzjtwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBgsIMUuU6IOhCPze8ZSINwSjqjiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvR0N3Z3hTNVRvZzZFSV9ON3hsSWczQktPcU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDHzhwAwQA
HzkLAwQAHzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzo7AwQAHzqSAwQAHzsOAwQA
HzseAwQAHzthMA0GCSqGSIb3DQEBCwUAA4IBAQCThRlKl71ptcNRSlzEYCyfTpfG
r6lB1D57ej6cHskgmcyzAF7atuRdWaZSmKZoeBB7igNDuJ0+5LqOChWqNclPkKRt
9wKTYSdyescEZ6dC2+V1QVUEEJjCGvkPv6kNUWti8YifLKq47TqZv6Pw85b+JdwO
Ppxir5ENZ5M/hNbKN60WTyOlvNfYKau/4qq9zgkS21/1kAsEC179a/7q2usPF81Z
ioWe7AQfmcUM513hVyVadg4CANQ1ghpsCXl94zS6bp/3BhRuJaiJ43K5I7Al++Dq
MXl5TobIm4uZackzvQTp73ZnXkAhB9eFbbqCccYkEweArN3N/KupCDBIo4te
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:45:40 2025 by rpki-client