Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hr_9ipJaHGpFAAlKX-vHX3N_TF0.roa
File: Hr_9ipJaHGpFAAlKX-vHX3N_TF0.roa (raw, json)
Hash identifier: 1tUvQnjv28PelEo4udJm+VcSshfybl+4f5u5E7nhLh4=
Subject key identifier: 1E:BF:FD:8A:92:5A:1C:6A:45:00:09:4A:5F:EB:C7:5F:73:7F:4C:5D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01942C80B28DF8D812C994BEE18ED08133F0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hr_9ipJaHGpFAAlKX-vHX3N_TF0.roa
Signing time: Fri 03 Jan 2025 14:10:19 +0000
ROA not before: Fri 03 Jan 2025 14:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213799
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 14:12:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:80:b2:8d:f8:d8:12:c9:94:be:e1:8e:d0:81:33:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 3 14:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ebffd8a925a1c6a4500094a5febc75f737f4c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a5:1c:ab:bd:54:d5:a6:82:43:fd:5a:43:43:
cf:6a:9e:c4:de:06:1f:33:64:7f:96:17:04:57:3b:
1d:13:85:97:0c:5b:bd:67:93:a1:1c:25:88:fe:e5:
eb:cc:2a:3c:4f:55:e2:91:00:46:ca:dd:ed:a9:a1:
1d:51:8a:42:c4:fe:d1:91:4b:c5:d9:5b:d2:da:e0:
a1:74:8c:13:dc:cd:5a:84:91:8f:86:42:83:4b:8c:
ed:39:25:75:f7:41:86:68:52:9b:79:1d:2a:b6:2c:
55:ff:14:f1:85:67:e5:33:d1:bb:34:9c:75:2a:f9:
ee:4d:32:de:e3:eb:7d:c6:5a:21:7b:43:9f:f5:ce:
e0:34:c3:60:2a:8c:2b:bb:e5:35:26:e1:67:2a:e5:
b5:23:0d:8d:71:6b:93:c1:ed:63:e3:1d:c7:6c:9d:
24:65:2a:64:64:02:6b:33:ca:86:b4:b9:f3:16:7c:
91:9a:7d:a7:77:a8:0d:1d:91:e7:dc:15:34:8b:ec:
5f:be:09:3b:38:e0:cf:2a:bc:06:7e:0f:fa:39:f4:
c4:eb:e3:f0:bb:df:14:c6:7c:1e:46:7c:6c:b1:a2:
34:6b:75:41:c4:d5:33:d8:14:6e:ec:60:20:c9:9e:
6e:30:2c:6e:b1:58:bf:4b:13:8e:e7:7e:5d:fd:ef:
f0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BF:FD:8A:92:5A:1C:6A:45:00:09:4A:5F:EB:C7:5F:73:7F:4C:5D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Hr_9ipJaHGpFAAlKX-vHX3N_TF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.247.0/24
31.58.250.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e2:2e:8d:f6:31:79:ff:5a:aa:90:0e:9f:a2:30:0d:06:53:
ea:a1:23:9d:a8:f0:e4:2a:1f:3c:07:73:be:36:a4:f9:64:f5:
ce:be:e6:cf:60:a2:cb:5d:d1:7d:50:b0:2c:6e:a8:9a:ee:74:
66:c7:57:43:9a:f3:2d:31:33:bb:42:5c:3e:84:c8:8a:91:b7:
f6:8d:19:4f:f0:95:cc:3e:d3:04:55:91:2e:e6:80:dd:49:f8:
b4:a7:e2:e2:b3:2c:40:27:77:3d:58:18:f2:22:a4:be:03:9f:
a5:23:ee:43:7a:2c:f3:bc:47:1a:e4:9f:33:86:31:f0:be:35:
ce:d7:91:40:05:92:32:69:72:fb:ef:e0:e4:95:df:bc:a6:7d:
a4:78:f0:ab:0d:e4:ba:6e:38:4e:57:27:4c:bf:c4:1a:6e:3c:
54:fe:d4:85:3c:27:07:8a:da:81:4e:f8:59:df:f2:55:f2:a1:
31:ec:b5:f3:b6:48:8c:d3:72:d2:c3:29:f8:c3:8a:2a:b1:8f:
c0:55:1a:c6:7c:d2:86:ec:ee:c3:8a:cb:d6:04:07:5a:b5:98:
d7:59:4e:cb:ab:c3:4c:0d:a2:8b:61:1a:54:7a:e5:38:ab:5c:
96:cf:e7:3c:c5:24:33:75:86:64:0f:af:ce:85:18:0b:4c:b0:
f6:67:d2:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQsgLKN+NgSyZS+4Y7QgTPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAzMTQxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWJmZmQ4YTkyNWExYzZhNDUwMDA5NGE1ZmViYzc1ZjczN2Y0YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6Ucq71U1aaCQ/1aQ0PPap7E3gYf
M2R/lhcEVzsdE4WXDFu9Z5OhHCWI/uXrzCo8T1XikQBGyt3tqaEdUYpCxP7RkUvF
2VvS2uChdIwT3M1ahJGPhkKDS4ztOSV190GGaFKbeR0qtixV/xTxhWflM9G7NJx1
KvnuTTLe4+t9xlohe0Of9c7gNMNgKowru+U1JuFnKuW1Iw2NcWuTwe1j4x3HbJ0k
ZSpkZAJrM8qGtLnzFnyRmn2nd6gNHZHn3BU0i+xfvgk7OODPKrwGfg/6OfTE6+Pw
u98UxnweRnxssaI0a3VBxNUz2BRu7GAgyZ5uMCxusVi/SxOO535d/e/wvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB6//YqSWhxqRQAJSl/rx19zf0xdMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSHJfOWlwSmFIR3BGQUFsS1gtdkhYM05fVEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzrTAwQA
Hzr3AwQAHzr6MA0GCSqGSIb3DQEBCwUAA4IBAQAv4i6N9jF5/1qqkA6fojANBlPq
oSOdqPDkKh88B3O+NqT5ZPXOvubPYKLLXdF9ULAsbqia7nRmx1dDmvMtMTO7Qlw+
hMiKkbf2jRlP8JXMPtMEVZEu5oDdSfi0p+LisyxAJ3c9WBjyIqS+A5+lI+5Deizz
vEca5J8zhjHwvjXO15FABZIyaXL77+Dkld+8pn2kePCrDeS6bjhOVydMv8QabjxU
/tSFPCcHitqBTvhZ3/JV8qEx7LXztkiM03LSwyn4w4oqsY/AVRrGfNKG7O7DisvW
BAdatZjXWU7Lq8NMDaKLYRpUeuU4q1yWz+c8xSQzdYZkD6/OhRgLTLD2Z9Ix
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:11:21 2025 by rpki-client