Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/J8-MaN24WnLp7jvPIbidYJTrdls.roa
File: J8-MaN24WnLp7jvPIbidYJTrdls.roa (raw, json)
Hash identifier: 4b0mPNyYIRtMSwGh5tRGDuqRb1mwMhSk2c923oZj9Zo=
Subject key identifier: 27:CF:8C:68:DD:B8:5A:72:E9:EE:3B:CF:21:B8:9D:60:94:EB:76:5B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019336D0BEA3FC3F3D6B19993BF47ADBE445
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/J8-MaN24WnLp7jvPIbidYJTrdls.roa
Signing time: Sat 16 Nov 2024 21:11:10 +0000
ROA not before: Sat 16 Nov 2024 21:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.58.209.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 08:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:36:d0:be:a3:fc:3f:3d:6b:19:99:3b:f4:7a:db:e4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 16 21:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27cf8c68ddb85a72e9ee3bcf21b89d6094eb765b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8b:e2:31:24:18:00:23:82:6b:93:4c:85:c2:
01:b1:6d:23:ca:e6:b5:4c:db:bc:49:be:15:4f:4f:
25:b3:1c:22:0e:79:9e:19:96:8e:c9:e1:9e:d3:c0:
0a:ab:f4:b4:e2:15:cc:01:bd:93:58:b2:67:6e:88:
bb:8d:34:1b:a5:b1:1f:1f:3a:0e:9a:e8:43:a0:58:
6c:f7:a3:05:13:f5:e2:17:38:2a:6a:f6:53:a4:fb:
20:a9:93:25:7b:1c:ce:d2:3b:7c:2f:17:b0:15:6a:
2e:c8:1d:83:60:ae:da:55:ba:d5:69:8c:49:88:0c:
c6:30:17:da:96:74:4c:38:d5:f7:cc:a5:16:25:07:
6d:51:9e:d5:6b:29:07:4d:29:8e:2d:cf:56:c4:a3:
76:d2:27:96:a0:ac:15:b9:ea:84:b6:0c:3c:09:37:
64:02:c9:f8:2e:0c:38:a5:50:34:57:50:2b:00:99:
b5:66:ca:16:38:4a:78:b4:3c:a9:5d:b0:80:84:83:
42:a9:c5:94:07:04:c6:64:87:21:83:ea:9b:e7:95:
c8:b5:c3:6f:29:bf:cf:f3:d7:e2:97:78:f2:a3:ed:
f9:dc:32:1f:e8:b2:fe:74:c6:b7:3c:88:43:be:9d:
e8:4d:5e:8f:2c:26:0d:26:61:c7:97:41:a6:92:85:
4d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CF:8C:68:DD:B8:5A:72:E9:EE:3B:CF:21:B8:9D:60:94:EB:76:5B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/J8-MaN24WnLp7jvPIbidYJTrdls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/23
31.59.136.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
bc:f5:99:61:fe:b4:47:12:16:a9:45:23:ab:df:47:81:13:5f:
a7:08:b2:8b:65:0a:6e:74:26:40:5b:1a:35:35:22:40:0e:b4:
1c:5f:8a:15:1e:3c:d3:0b:87:c7:34:fa:3a:c1:4f:ec:06:9f:
93:b1:94:79:01:b0:20:d8:2f:e1:75:cb:41:81:ce:47:c5:1b:
d0:2c:b1:bd:e0:10:75:27:42:6e:9c:f2:27:c0:66:08:72:09:
2d:56:9c:70:4d:ca:80:79:5c:d7:5f:e7:b8:ec:46:10:25:3d:
3e:c6:61:1e:91:bb:a3:2f:67:37:5b:3b:a6:1c:03:97:c5:0f:
cc:34:7f:de:f8:2a:98:38:19:e8:0c:06:12:e8:cf:79:64:5c:
03:17:5b:22:9d:45:70:8e:87:22:06:11:e2:e9:0f:65:78:7c:
c3:69:9d:59:8a:7c:ab:ec:06:f9:d0:19:61:24:40:32:1b:4f:
f1:50:95:63:e4:ca:01:2d:03:54:f1:d2:fd:5e:ee:89:00:96:
3f:c0:2f:d1:7d:0c:4a:ae:5b:c3:36:94:e4:80:66:0a:fa:86:
3b:2e:55:70:77:6d:ac:71:73:91:67:d8:d5:15:c7:74:59:f2:
48:be:a5:b3:cf:be:e3:6a:25:4a:52:40:40:6b:19:a2:c8:8a:
e8:c1:73:f2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZM20L6j/D89axmZO/R62+RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE2MjExMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NmOGM2OGRkYjg1YTcyZTllZTNiY2YyMWI4OWQ2MDk0ZWI3NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYviMSQYACOCa5NMhcIBsW0jyua1
TNu8Sb4VT08lsxwiDnmeGZaOyeGe08AKq/S04hXMAb2TWLJnboi7jTQbpbEfHzoO
muhDoFhs96MFE/XiFzgqavZTpPsgqZMlexzO0jt8LxewFWouyB2DYK7aVbrVaYxJ
iAzGMBfalnRMONX3zKUWJQdtUZ7VaykHTSmOLc9WxKN20ieWoKwVueqEtgw8CTdk
Asn4Lgw4pVA0V1ArAJm1ZsoWOEp4tDypXbCAhINCqcWUBwTGZIchg+qb55XItcNv
Kb/P89fil3jyo+353DIf6LL+dMa3PIhDvp3oTV6PLCYNJmHHl0GmkoVNdQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCfPjGjduFpy6e47zyG4nWCU63ZbMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSjgtTWFOMjRXbkxwN2p2UEliaWRZSlRyZGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHzgIAwQB
HziOAwQCHziUAwQBHzrQMAwDBAMfO4gDBAQfO6AwDQYJKoZIhvcNAQELBQADggEB
ALz1mWH+tEcSFqlFI6vfR4ETX6cIsotlCm50JkBbGjU1IkAOtBxfihUePNMLh8c0
+jrBT+wGn5OxlHkBsCDYL+F1y0GBzkfFG9Assb3gEHUnQm6c8ifAZghyCS1WnHBN
yoB5XNdf57jsRhAlPT7GYR6Ru6MvZzdbO6YcA5fFD8w0f974Kpg4GegMBhLoz3lk
XAMXWyKdRXCOhyIGEeLpD2V4fMNpnVmKfKvsBvnQGWEkQDIbT/FQlWPkygEtA1Tx
0v1e7okAlj/AL9F9DEquW8M2lOSAZgr6hjsuVXB3baxxc5Fn2NUVx3RZ8ki+pbPP
vuNqJUpSQEBrGaLIiujBc/I=
-----END CERTIFICATE-----
Generated at Sun Nov 17 10:24:02 2024 by rpki-client on console-ams.rpki-client.org