Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMgJQMGKQ0_nzqsfBxxSyKtjXEs.roa
File: HMgJQMGKQ0_nzqsfBxxSyKtjXEs.roa (raw, json)
Hash identifier: nIKWSBuE0jM86WOhU3MIfSTT4MVxcuUA7IKD5i6XRNg=
Subject key identifier: 1C:C8:09:40:C1:8A:43:4F:E7:CE:AB:1F:07:1C:52:C8:AB:63:5C:4B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194087E62D4540366475FE69EDBCD40393D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMgJQMGKQ0_nzqsfBxxSyKtjXEs.roa
Signing time: Fri 27 Dec 2024 14:21:28 +0000
ROA not before: Fri 27 Dec 2024 14:21:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.112.0/21 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.57.224.0/22 maxlen: 23
31.57.252.0/22 maxlen: 23
31.58.59.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.58.176.0/22 maxlen: 22
31.58.200.0/22 maxlen: 22
31.58.216.0/22 maxlen: 22
31.58.240.0/22 maxlen: 22
31.58.252.0/22 maxlen: 22
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 15:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:7e:62:d4:54:03:66:47:5f:e6:9e:db:cd:40:39:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 27 14:21:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc80940c18a434fe7ceab1f071c52c8ab635c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:79:b4:d2:51:47:a8:95:97:17:b1:6e:d4:ff:
2d:7b:09:88:d9:b5:c9:2f:4d:c0:65:ce:b2:f6:89:
ed:63:ef:ac:5b:8b:2b:a3:30:62:3e:87:56:5a:9b:
29:f3:6f:2a:9a:83:36:8e:30:3e:f2:1a:e3:a5:7b:
c0:50:cd:7e:8e:0f:e5:22:f9:3b:73:a7:2e:63:9d:
7c:81:5c:f3:06:ad:c5:00:4a:94:e8:a4:fb:65:02:
92:e3:6a:30:89:d8:d5:1b:c9:40:f8:a6:e0:77:05:
ef:18:16:1b:a8:8e:21:4b:06:f5:fa:85:83:d4:a0:
8f:9a:0d:6f:3b:4b:cf:e7:5e:f8:87:9b:cc:3c:7f:
5e:4d:95:29:89:94:49:25:3c:9d:c8:b5:63:ef:e4:
a4:0b:76:b1:a3:45:84:cd:b8:a3:ea:36:e3:aa:78:
b4:d2:df:05:96:a0:47:7e:53:8c:e6:56:7f:4b:79:
75:6a:40:44:83:96:9f:22:b3:e1:ff:e4:e4:3a:b8:
a3:b4:f4:6d:93:d5:21:ab:6c:41:c5:c1:7a:8d:93:
f6:2f:66:0b:3f:d2:c6:b7:a6:33:a8:a5:97:88:32:
af:92:10:7b:f3:1d:1a:10:88:57:9a:dd:7e:b6:0a:
2f:1c:f3:38:d2:bf:c7:a1:88:b8:9a:3a:15:d2:e9:
9b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:09:40:C1:8A:43:4F:E7:CE:AB:1F:07:1C:52:C8:AB:63:5C:4B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMgJQMGKQ0_nzqsfBxxSyKtjXEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.57.224.0/22
31.57.252.0/22
31.58.59.0/24
31.58.142.0/24
31.58.146.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0/22
31.58.252.0/22
31.59.14.0/24
31.59.30.0/24
31.59.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5b:85:79:cd:73:e2:82:c2:4f:75:58:1e:18:6d:7a:24:0d:
23:ca:bd:8f:09:7f:e1:b4:82:d2:bb:54:89:ec:8b:55:bb:26:
81:00:7e:4e:74:e4:96:01:bd:07:57:d9:b7:4c:6a:2f:80:5d:
22:35:5b:83:92:35:a1:99:64:42:7f:4a:68:1c:68:17:de:d1:
c7:50:2b:7d:40:5c:e5:2e:36:99:f7:8f:b9:c7:0d:b1:fc:7d:
7e:b5:8e:6f:20:88:4e:51:fe:22:d5:52:c3:54:22:dd:80:1d:
04:78:55:8d:ab:43:f1:87:85:9c:2b:c4:68:19:f8:cd:63:a5:
0f:e0:4c:3a:85:6d:cb:bd:b2:e9:15:73:40:af:08:81:38:41:
53:26:f4:bf:b3:6b:9c:3b:7a:71:a7:d2:e3:a3:70:af:da:31:
50:60:55:4e:48:89:de:88:c8:27:2b:fd:b3:ea:76:f0:1e:e3:
7e:dc:89:36:4c:45:88:d9:97:7c:c4:64:a8:d4:f2:45:f1:2f:
3b:66:4b:49:c8:56:21:03:fd:f6:02:60:62:f1:6b:87:97:71:
2b:5e:51:43:62:87:76:cd:a9:19:d0:8e:dd:cd:47:a5:dd:74:
5e:22:3b:ba:47:2d:85:39:8d:24:14:4a:84:1d:25:01:e3:08:
7a:35:e4:61
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZQIfmLUVANmR1/mntvNQDk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI3MTQyMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M4MDk0MGMxOGE0MzRmZTdjZWFiMWYwNzFjNTJjOGFiNjM1YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23m00lFHqJWXF7Fu1P8tewmI2bXJ
L03AZc6y9ontY++sW4srozBiPodWWpsp828qmoM2jjA+8hrjpXvAUM1+jg/lIvk7
c6cuY518gVzzBq3FAEqU6KT7ZQKS42owidjVG8lA+KbgdwXvGBYbqI4hSwb1+oWD
1KCPmg1vO0vP5174h5vMPH9eTZUpiZRJJTydyLVj7+SkC3axo0WEzbij6jbjqni0
0t8FlqBHflOM5lZ/S3l1akBEg5afIrPh/+TkOrijtPRtk9Uhq2xBxcF6jZP2L2YL
P9LGt6YzqKWXiDKvkhB78x0aEIhXmt1+tgovHPM40r/HoYi4mjoV0umbMQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBzICUDBikNP586rHwccUsirY1xLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSE1nSlFNR0tRMF9uenFzZkJ4eFN5S3RqWEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAx84cAME
AB85CwMEAB85gwMEAB85lgMEAB85sAMEAB85wgMEAh854AMEAh85/AMEAB86OwME
AB86jgMEAB86kgMEAh86sAMEAh86yAMEAh862AMEAh868AMEAh86/AMEAB87DgME
AB87HgMEAB87YTANBgkqhkiG9w0BAQsFAAOCAQEAaluFec1z4oLCT3VYHhhteiQN
I8q9jwl/4bSC0rtUieyLVbsmgQB+TnTklgG9B1fZt0xqL4BdIjVbg5I1oZlkQn9K
aBxoF97Rx1ArfUBc5S42mfePuccNsfx9frWObyCITlH+ItVSw1Qi3YAdBHhVjatD
8YeFnCvEaBn4zWOlD+BMOoVty72y6RVzQK8IgThBUyb0v7NrnDt6cafS46Nwr9ox
UGBVTkiJ3ojIJyv9s+p28B7jftyJNkxFiNmXfMRkqNTyRfEvO2ZLSchWIQP99gJg
YvFrh5dxK15RQ2KHds2pGdCO3c1Hpd10XiI7ukcthTmNJBRKhB0lAeMIejXkYQ==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:49:04 2025 by rpki-client