Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtK7_gUBMddWQqE7OeDQNupsoGI.roa
File: HtK7_gUBMddWQqE7OeDQNupsoGI.roa (raw, json)
Hash identifier: IV2ixdyIGosRHSmdMGHhhQkLS5mpkJWvFmRd+3jfe+M=
Subject key identifier: 1E:D2:BB:FE:05:01:31:D7:56:42:A1:3B:39:E0:D0:36:EA:6C:A0:62
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193AB436BF4F6347ADC87C185FE643CEB20
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtK7_gUBMddWQqE7OeDQNupsoGI.roa
Signing time: Mon 09 Dec 2024 11:52:22 +0000
ROA not before: Mon 09 Dec 2024 11:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.238.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Dec 2024 09:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:43:6b:f4:f6:34:7a:dc:87:c1:85:fe:64:3c:eb:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 9 11:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed2bbfe050131d75642a13b39e0d036ea6ca062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a7:9f:6d:1d:77:48:fd:7f:03:ce:bc:b8:9a:
9a:43:c8:bf:47:4a:a3:1a:55:33:5d:00:c0:31:67:
55:2d:76:e2:ad:98:c7:02:db:c2:e8:02:ee:9a:c1:
c4:a4:fa:97:85:4c:ff:96:94:30:4a:14:f7:29:ba:
37:8f:fe:7f:3f:9a:f8:0f:02:47:e0:d1:8e:d3:f6:
87:8d:28:1e:10:ef:3d:61:4c:61:a4:ac:cd:1e:8b:
28:9b:fd:13:cf:c9:35:f7:cf:03:d7:1b:18:2a:07:
79:bd:20:64:99:db:ed:43:bf:39:84:f6:72:9a:c5:
06:43:35:4f:8c:ab:ad:27:9b:10:bf:b4:d7:77:05:
8d:92:fb:4c:31:47:0c:14:50:99:f8:40:9b:4e:04:
7b:2e:97:f4:09:34:cf:14:8d:ff:23:55:16:d2:46:
34:7a:86:9e:f1:f5:3a:16:64:d2:3b:f3:37:1a:49:
0f:e4:14:72:eb:a3:e5:8c:7a:91:70:d0:12:c2:84:
b7:28:d1:fe:db:10:ae:55:fb:24:dc:f7:00:3b:2d:
60:a8:99:94:c9:08:e9:0e:10:a3:99:ca:91:44:11:
27:3e:30:a9:4d:3a:a6:5d:e1:de:7a:17:a0:9b:72:
0c:2c:b9:b3:45:f4:a5:6a:1f:43:56:35:73:43:b0:
01:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D2:BB:FE:05:01:31:D7:56:42:A1:3B:39:E0:D0:36:EA:6C:A0:62
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtK7_gUBMddWQqE7OeDQNupsoGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.238.0/24
31.58.244.0/22
31.58.249.0/24
31.58.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:26:b9:85:00:45:ff:96:3d:67:bc:bd:dc:49:cf:3d:44:37:
6a:a4:c9:50:65:ba:50:ae:dc:98:ab:0c:3e:fe:af:c3:78:ff:
2a:86:c3:b4:38:d9:a6:d1:7a:48:88:76:ce:73:a1:87:c5:ec:
49:dc:ae:b8:27:90:0f:48:9a:32:0f:a2:be:f3:aa:cb:8e:a7:
74:d0:53:94:b4:83:8d:f8:0c:ef:c1:71:b4:e9:2b:2b:3d:ad:
35:12:cd:e9:e5:05:51:dc:8b:37:bc:c4:73:a7:56:8f:04:4b:
97:08:2d:ce:2c:98:89:ff:cb:b7:8e:5a:76:aa:48:03:c1:e4:
54:36:d1:36:4f:7b:a3:5a:4e:2f:6f:55:a0:4f:31:08:16:c2:
22:ea:4f:ab:00:e3:0b:eb:f6:5a:02:e5:f6:a6:a6:65:95:1f:
9b:06:34:26:d1:1a:83:c5:1d:02:76:6e:b7:c8:9a:d7:0e:ab:
d1:9c:8f:79:28:36:0f:75:49:9c:c8:05:76:a2:2b:71:6d:f1:
6f:24:ec:e3:18:5b:06:7d:c5:34:99:13:ca:cb:46:b7:c3:ed:
98:18:c2:6a:d2:83:f7:8c:e9:1a:86:81:9d:a4:2b:e9:38:87:
61:af:e8:0c:5e:64:e9:51:bc:cd:62:4b:9e:48:7e:bc:a0:c7:
80:4f:a4:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOrQ2v09jR63IfBhf5kPOsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA5MTE1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQyYmJmZTA1MDEzMWQ3NTY0MmExM2IzOWUwZDAzNmVhNmNhMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36efbR13SP1/A868uJqaQ8i/R0qj
GlUzXQDAMWdVLXbirZjHAtvC6ALumsHEpPqXhUz/lpQwShT3Kbo3j/5/P5r4DwJH
4NGO0/aHjSgeEO89YUxhpKzNHosom/0Tz8k1988D1xsYKgd5vSBkmdvtQ785hPZy
msUGQzVPjKutJ5sQv7TXdwWNkvtMMUcMFFCZ+ECbTgR7Lpf0CTTPFI3/I1UW0kY0
eoae8fU6FmTSO/M3GkkP5BRy66PljHqRcNASwoS3KNH+2xCuVfsk3PcAOy1gqJmU
yQjpDhCjmcqRRBEnPjCpTTqmXeHeehegm3IMLLmzRfSlah9DVjVzQ7ABNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB7Su/4FATHXVkKhOzng0DbqbKBiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSHRLN19nVUJNZGRXUXFFN09lRFFOdXBzb0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzruAwQC
Hzr0AwQAHzr5AwQAHzr7MA0GCSqGSIb3DQEBCwUAA4IBAQAtJrmFAEX/lj1nvL3c
Sc89RDdqpMlQZbpQrtyYqww+/q/DeP8qhsO0ONmm0XpIiHbOc6GHxexJ3K64J5AP
SJoyD6K+86rLjqd00FOUtION+AzvwXG06SsrPa01Es3p5QVR3Is3vMRzp1aPBEuX
CC3OLJiJ/8u3jlp2qkgDweRUNtE2T3ujWk4vb1WgTzEIFsIi6k+rAOML6/ZaAuX2
pqZllR+bBjQm0RqDxR0Cdm63yJrXDqvRnI95KDYPdUmcyAV2oitxbfFvJOzjGFsG
fcU0mRPKy0a3w+2YGMJq0oP3jOkahoGdpCvpOIdhr+gMXmTpUbzNYkueSH68oMeA
T6QC
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:12 2025 by rpki-client