Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I4wbD7aq7Ea2kcVl6MhxoPtjFJ0.roa
File: I4wbD7aq7Ea2kcVl6MhxoPtjFJ0.roa (raw, json)
Hash identifier: 8ww/ac0G3jKUPhzyj9hL7z57msMW2o9tpKu4MeBL1+E=
Subject key identifier: 23:8C:1B:0F:B6:AA:EC:46:B6:91:C5:65:E8:C8:71:A0:FB:63:14:9D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01925647F3A91AE3D009FEA1F5F19010630A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I4wbD7aq7Ea2kcVl6MhxoPtjFJ0.roa
Signing time: Fri 04 Oct 2024 06:46:48 +0000
ROA not before: Fri 04 Oct 2024 06:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 31.58.0.0/24 maxlen: 24
31.58.1.0/24 maxlen: 24
31.58.2.0/24 maxlen: 24
31.58.3.0/24 maxlen: 24
31.58.4.0/24 maxlen: 24
31.58.5.0/24 maxlen: 24
31.58.6.0/24 maxlen: 24
31.58.7.0/24 maxlen: 24
31.58.8.0/24 maxlen: 24
31.59.248.0/24 maxlen: 24
31.59.249.0/24 maxlen: 24
31.59.250.0/24 maxlen: 24
31.59.251.0/24 maxlen: 24
31.59.252.0/24 maxlen: 24
31.59.253.0/24 maxlen: 24
31.59.254.0/24 maxlen: 24
31.59.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 06:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:47:f3:a9:1a:e3:d0:09:fe:a1:f5:f1:90:10:63:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 4 06:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238c1b0fb6aaec46b691c565e8c871a0fb63149d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:20:40:5c:7d:5a:2a:d4:02:ef:3e:68:c4:a3:
9d:73:e3:57:a4:51:56:2d:69:f5:f6:af:2e:34:2a:
fe:ff:81:df:aa:5e:77:40:d2:a0:b4:ca:e6:4a:51:
7f:49:f6:30:58:b3:15:31:58:60:40:d0:83:3c:44:
e0:74:1a:0c:84:af:12:60:f8:6d:b6:50:9a:fe:40:
22:8f:27:17:12:06:ce:ed:d6:02:e9:03:87:a8:30:
ff:12:85:29:e2:de:8f:b8:a8:6d:2f:5f:7b:df:35:
75:91:5b:91:c5:59:1c:79:e6:94:3b:0d:09:3d:d4:
ce:54:fb:3e:14:70:49:65:26:57:af:08:f0:80:80:
20:c6:0f:93:94:25:28:de:7c:cc:49:9b:f9:90:09:
a4:c8:1d:cb:5a:d7:cb:7c:b1:2f:6e:b2:79:81:4f:
29:a8:25:24:70:5e:b7:de:78:b7:79:51:75:89:59:
fe:12:43:35:a2:59:b0:4c:63:91:cf:2c:73:64:e1:
1d:f3:d4:9d:a2:f9:ab:74:c6:a3:ca:34:6d:a0:59:
20:29:1a:ff:eb:14:fc:fc:1b:c7:6e:6b:f7:84:2a:
9b:42:a6:b8:14:82:7f:59:3c:43:c0:22:7b:8c:48:
bf:05:06:bc:d8:5d:a7:39:60:1a:78:21:9e:d3:62:
fa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8C:1B:0F:B6:AA:EC:46:B6:91:C5:65:E8:C8:71:A0:FB:63:14:9D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I4wbD7aq7Ea2kcVl6MhxoPtjFJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.0.0-31.58.8.255
31.59.248.0/21
Signature Algorithm: sha256WithRSAEncryption
85:19:a2:79:32:e9:84:7e:11:a0:c8:cd:c4:54:2c:d7:dc:0c:
9b:a6:a4:a7:7b:9c:b5:b0:7b:64:b7:81:c7:8c:87:28:23:db:
88:ac:ec:13:28:85:c6:ed:e1:7c:0e:ea:e9:5a:fe:e3:29:44:
50:ea:00:0a:1b:da:b4:9d:ca:67:fb:6d:fe:af:a2:52:08:01:
03:77:76:72:43:e5:73:17:03:f1:3c:e1:ba:ea:c7:92:40:5f:
ac:2b:05:ba:a7:1a:f6:f9:fd:fd:b5:e6:c6:1f:f9:95:74:89:
34:de:3f:a0:f3:59:f4:da:f9:dc:49:63:30:3e:1c:e9:6c:c6:
fe:29:56:76:36:b7:77:e9:9a:2c:73:98:70:ac:86:1f:24:91:
e9:a2:b2:73:4b:cc:af:06:16:6c:c5:05:af:2f:b7:cf:99:8f:
d5:63:07:aa:1e:a3:55:9f:5d:22:ec:17:51:36:08:c5:98:bd:
79:5e:30:59:0b:d7:dc:37:53:26:88:d1:72:86:03:1f:68:c9:
9d:3e:22:d2:56:a6:a4:b8:31:36:b0:46:8f:90:03:a1:45:0b:
89:33:11:99:da:ef:fa:b1:4b:6f:f7:76:f8:c4:ee:f8:60:5f:
56:43:79:4c:5d:cd:29:45:bd:12:01:57:86:76:ed:14:02:aa:
de:d1:bd:c2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJWR/OpGuPQCf6h9fGQEGMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDA0MDY0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhjMWIwZmI2YWFlYzQ2YjY5MWM1NjVlOGM4NzFhMGZiNjMxNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyBAXH1aKtQC7z5oxKOdc+NXpFFW
LWn19q8uNCr+/4Hfql53QNKgtMrmSlF/SfYwWLMVMVhgQNCDPETgdBoMhK8SYPht
tlCa/kAijycXEgbO7dYC6QOHqDD/EoUp4t6PuKhtL1973zV1kVuRxVkceeaUOw0J
PdTOVPs+FHBJZSZXrwjwgIAgxg+TlCUo3nzMSZv5kAmkyB3LWtfLfLEvbrJ5gU8p
qCUkcF633ni3eVF1iVn+EkM1olmwTGORzyxzZOEd89SdovmrdMajyjRtoFkgKRr/
6xT8/BvHbmv3hCqbQqa4FIJ/WTxDwCJ7jEi/BQa82F2nOWAaeCGe02L6+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCOMGw+2quxGtpHFZejIcaD7YxSdMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSTR3YkQ3YXE3RWEya2NWbDZNaHhvUHRqRkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwEfOgME
AB86CAMEAx87+DANBgkqhkiG9w0BAQsFAAOCAQEAhRmieTLphH4RoMjNxFQs19wM
m6akp3uctbB7ZLeBx4yHKCPbiKzsEyiFxu3hfA7q6Vr+4ylEUOoAChvatJ3KZ/tt
/q+iUggBA3d2ckPlcxcD8TzhuurHkkBfrCsFuqca9vn9/bXmxh/5lXSJNN4/oPNZ
9Nr53EljMD4c6WzG/ilWdja3d+maLHOYcKyGHySR6aKyc0vMrwYWbMUFry+3z5mP
1WMHqh6jVZ9dIuwXUTYIxZi9eV4wWQvX3DdTJojRcoYDH2jJnT4i0lampLgxNrBG
j5ADoUULiTMRmdrv+rFLb/d2+MTu+GBfVkN5TF3NKUW9EgFXhnbtFAKq3tG9wg==
-----END CERTIFICATE-----
Generated at Wed Oct 23 08:09:50 2024 by rpki-client on console-fra.rpki-client.org