Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hdsvs7cHuiSPuH5cpImhzFuqK-Y.roa
File: Hdsvs7cHuiSPuH5cpImhzFuqK-Y.roa (raw, json)
Hash identifier: ZhO4q01ffiwG2SbO7Ut+KRqfhcNI62vh1jaG2jhEZpg=
Subject key identifier: 1D:DB:2F:B3:B7:07:BA:24:8F:B8:7E:5C:A4:89:A1:CC:5B:AA:2B:E6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192DF046ADF03E0AC3C86A192C78EC43FB0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hdsvs7cHuiSPuH5cpImhzFuqK-Y.roa
Signing time: Wed 30 Oct 2024 20:01:01 +0000
ROA not before: Wed 30 Oct 2024 20:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.59.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 10:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:df:04:6a:df:03:e0:ac:3c:86:a1:92:c7:8e:c4:3f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 30 20:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ddb2fb3b707ba248fb87e5ca489a1cc5baa2be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:83:4e:c1:4b:3c:83:5b:c6:38:ee:8a:50:
57:7b:ec:6a:8c:b4:b0:55:e3:4c:30:99:82:a1:88:
8e:5b:3a:93:a2:7a:84:ee:7b:f3:c2:73:11:e0:e2:
e0:b9:a7:99:9c:16:91:17:43:d4:90:d7:4e:c0:54:
92:b7:53:6f:06:56:cc:c8:dd:c4:8d:b6:d2:81:1d:
fd:6c:ad:8b:a8:f2:69:72:a0:e9:d1:9c:34:ab:cb:
ed:c5:b8:95:e5:5c:5d:ba:22:b3:66:9d:bb:98:1b:
45:e2:f2:60:83:57:cf:48:38:d2:2d:ac:c5:8e:ab:
15:b6:2e:0d:dc:86:25:44:a1:e3:ab:8e:70:11:0e:
bc:13:d0:bc:fe:42:66:48:81:a4:e5:5c:13:5a:30:
cb:c0:b8:dd:51:5d:a2:22:3d:8a:ee:ca:0f:05:66:
d9:ce:4a:95:75:1a:1e:0a:5e:ae:b4:4a:d8:a4:58:
b7:49:49:93:69:48:25:f6:04:63:6d:f3:60:d5:66:
2a:bc:b9:a9:e8:08:17:b1:2a:11:d1:03:71:5d:24:
d2:54:97:5c:98:ee:e0:cc:45:e3:27:89:79:95:d2:
d8:8e:0a:8a:d3:dd:59:18:c2:f2:d8:b7:d6:29:30:
9a:41:58:32:bb:2b:e0:dc:4c:1f:de:c9:cd:8b:80:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:2F:B3:B7:07:BA:24:8F:B8:7E:5C:A4:89:A1:CC:5B:AA:2B:E6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hdsvs7cHuiSPuH5cpImhzFuqK-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.58.34.0/23
31.59.107.0/24
Signature Algorithm: sha256WithRSAEncryption
30:52:f3:ae:f5:54:b2:1c:f5:1e:67:5f:35:45:fa:39:72:cd:
58:e1:82:06:81:a5:61:7e:8d:f6:0a:1d:a0:c4:46:17:16:76:
f9:ca:b8:52:c9:bd:83:e8:91:7c:91:89:5e:c3:3b:a0:7b:c5:
01:53:15:7e:04:7e:01:36:5d:66:fc:ac:19:c7:f7:0b:68:d8:
12:14:33:ae:d1:95:37:a3:b8:94:6d:aa:ab:d6:dd:f3:19:5a:
4c:96:5a:5b:90:c8:a7:be:5a:24:ea:29:af:d0:b6:31:7e:4b:
5b:e4:11:e9:62:39:0c:9f:0b:50:48:52:ce:97:19:c7:43:39:
34:b6:41:b0:de:11:f2:1b:ab:4c:16:e6:49:1c:2b:7d:3d:5c:
ad:77:e3:5d:4d:80:76:ec:8e:2a:c0:24:4f:eb:08:19:29:b6:
20:22:9c:08:00:35:eb:d0:86:e7:1c:42:7c:ed:bd:d1:9e:92:
59:8d:70:49:23:33:f3:d0:9a:52:79:96:46:7d:2c:00:7a:6d:
6b:d3:5c:4c:d7:09:c7:42:ef:31:0d:03:02:a5:2d:1d:fa:06:
12:d3:98:bb:84:2d:b0:4f:cc:55:c4:3e:33:2e:b2:18:2e:ce:
12:f8:2c:d3:db:d0:cf:ec:a6:ac:1e:ec:11:c0:5d:82:fa:64:
14:f2:ea:7a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLfBGrfA+CsPIahkseOxD+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDMwMjAwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRiMmZiM2I3MDdiYTI0OGZiODdlNWNhNDg5YTFjYzViYWEyYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKSDTsFLPINbxjjuilBXe+xqjLSw
VeNMMJmCoYiOWzqTonqE7nvzwnMR4OLguaeZnBaRF0PUkNdOwFSSt1NvBlbMyN3E
jbbSgR39bK2LqPJpcqDp0Zw0q8vtxbiV5VxduiKzZp27mBtF4vJgg1fPSDjSLazF
jqsVti4N3IYlRKHjq45wEQ68E9C8/kJmSIGk5VwTWjDLwLjdUV2iIj2K7soPBWbZ
zkqVdRoeCl6utErYpFi3SUmTaUgl9gRjbfNg1WYqvLmp6AgXsSoR0QNxXSTSVJdc
mO7gzEXjJ4l5ldLYjgqK091ZGMLy2LfWKTCaQVgyuyvg3Ewf3snNi4BJswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB3bL7O3B7okj7h+XKSJocxbqivmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSGRzdnM3Y0h1aVNQdUg1Y3BJbWh6RnVxSy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzkLAwQA
HzmDAwQAHzmWAwQBHzoiAwQAHztrMA0GCSqGSIb3DQEBCwUAA4IBAQAwUvOu9VSy
HPUeZ181Rfo5cs1Y4YIGgaVhfo32Ch2gxEYXFnb5yrhSyb2D6JF8kYlewzuge8UB
UxV+BH4BNl1m/KwZx/cLaNgSFDOu0ZU3o7iUbaqr1t3zGVpMllpbkMinvlok6imv
0LYxfktb5BHpYjkMnwtQSFLOlxnHQzk0tkGw3hHyG6tMFuZJHCt9PVytd+NdTYB2
7I4qwCRP6wgZKbYgIpwIADXr0IbnHEJ87b3RnpJZjXBJIzPz0JpSeZZGfSwAem1r
01xM1wnHQu8xDQMCpS0d+gYS05i7hC2wT8xVxD4zLrIYLs4S+CzT29DP7KasHuwR
wF2C+mQU8up6
-----END CERTIFICATE-----
Generated at Tue Nov 5 13:26:32 2024 by rpki-client on console-fra.rpki-client.org