Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K_jUZoBS9oRFkZUfH5Rr1f5BXGM.roa
File: K_jUZoBS9oRFkZUfH5Rr1f5BXGM.roa (raw, json)
Hash identifier: BJiLoipqP1A4roosSPTvsnBHMHugp2kUgJReq5c96mE=
Subject key identifier: 2B:F8:D4:66:80:52:F6:84:45:91:95:1F:1F:94:6B:D5:FE:41:5C:63
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192B3D1152805E192E01EE52C44979F2B8B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K_jUZoBS9oRFkZUfH5Rr1f5BXGM.roa
Signing time: Tue 22 Oct 2024 10:41:17 +0000
ROA not before: Tue 22 Oct 2024 10:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 22
31.58.84.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 10:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:d1:15:28:05:e1:92:e0:1e:e5:2c:44:97:9f:2b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 22 10:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bf8d4668052f6844591951f1f946bd5fe415c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e9:f0:41:24:18:a4:bb:8b:e0:34:96:a5:26:
bf:46:5b:13:ef:3a:1d:44:ae:c7:1e:fa:09:47:52:
a9:d2:eb:0e:7a:f0:00:96:80:28:04:10:3c:69:24:
50:20:48:1c:29:25:32:ba:24:f3:65:f8:78:3a:f2:
c4:8a:95:b9:a0:35:50:63:b0:f8:6c:18:e5:65:7c:
ca:76:06:6e:94:7b:38:56:40:50:af:2c:a9:b6:d6:
c5:2e:0b:65:cd:ce:dd:89:b0:b3:1f:1e:ea:75:f8:
2a:db:cc:2b:10:dc:f0:a7:ca:3c:1c:ea:c0:92:05:
0e:16:04:5e:b0:7e:bb:a5:a8:d7:ae:36:07:88:52:
3a:52:8d:41:ad:08:af:34:87:4b:04:d0:54:7a:0c:
aa:f8:3d:b9:fd:26:bb:4b:f8:72:06:10:cc:b1:ae:
42:e8:95:ec:0e:b1:72:00:69:36:3c:d3:f5:d6:cb:
47:9f:ad:00:6e:c6:a3:5a:6a:83:3d:5a:b9:a6:e6:
77:8c:e7:98:82:67:df:f6:e1:64:cc:1a:3e:f3:13:
c8:4c:0f:96:05:b1:6b:d6:80:e9:f3:3d:95:00:44:
c9:98:1f:42:e5:55:fc:9c:70:00:8f:cf:ca:45:ca:
79:a8:fe:2b:2a:39:ec:95:b3:09:5d:be:f2:44:76:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F8:D4:66:80:52:F6:84:45:91:95:1F:1F:94:6B:D5:FE:41:5C:63
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K_jUZoBS9oRFkZUfH5Rr1f5BXGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.92.0/22
31.58.100.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:5b:f5:6a:d5:7e:38:42:6c:eb:c2:42:64:70:a2:75:e5:af:
8d:b7:b9:22:fd:b8:3a:1d:b4:90:05:27:4d:70:01:9d:36:db:
78:23:85:2f:e2:02:18:4a:e4:9d:51:cc:46:26:89:ac:8d:87:
d3:27:2a:41:cc:cd:95:02:bf:2d:ba:f2:7d:78:7b:ac:12:2f:
c6:c6:26:f7:2f:68:12:5e:23:1b:c0:e2:3d:39:29:d2:83:c1:
b9:f0:73:d8:e1:bd:c4:68:9f:a6:b6:e4:23:4e:2a:60:a2:4c:
08:de:d0:f6:26:9a:32:fd:af:f5:5c:be:44:ed:89:2a:09:66:
b2:73:c8:25:e6:26:75:31:8f:c1:93:8a:77:7a:86:09:7e:df:
bb:a3:18:b9:34:a8:6f:f4:bb:54:22:fe:92:55:86:16:d5:8b:
b7:b3:6a:5a:9a:5c:29:0d:e4:59:4a:a9:c5:99:cb:4f:8c:8b:
0b:9f:27:9b:f0:a4:95:e2:27:53:31:ff:c5:e1:ec:66:15:02:
e2:89:82:9c:6c:35:da:91:c8:ed:26:49:37:d8:ce:56:55:49:
ce:41:ca:d9:97:59:92:45:4e:7c:c8:86:82:7a:50:94:de:de:
49:14:da:84:df:8d:8f:84:fa:43:97:9c:16:80:c0:89:6a:cd:
48:dd:6c:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKz0RUoBeGS4B7lLESXnyuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDIyMTA0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmY4ZDQ2NjgwNTJmNjg0NDU5MTk1MWYxZjk0NmJkNWZlNDE1YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOnwQSQYpLuL4DSWpSa/RlsT7zod
RK7HHvoJR1Kp0usOevAAloAoBBA8aSRQIEgcKSUyuiTzZfh4OvLEipW5oDVQY7D4
bBjlZXzKdgZulHs4VkBQryypttbFLgtlzc7dibCzHx7qdfgq28wrENzwp8o8HOrA
kgUOFgResH67pajXrjYHiFI6Uo1BrQivNIdLBNBUegyq+D25/Sa7S/hyBhDMsa5C
6JXsDrFyAGk2PNP11stHn60AbsajWmqDPVq5puZ3jOeYgmff9uFkzBo+8xPITA+W
BbFr1oDp8z2VAETJmB9C5VX8nHAAj8/KRcp5qP4rKjnslbMJXb7yRHZMVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCv41GaAUvaERZGVHx+Ua9X+QVxjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS19qVVpvQlM5b1JGa1pVZkg1UnIxZjVCWEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHzpEAwQC
HzpMAwQCHzpUAwQCHzpcAwQCHzpkMA0GCSqGSIb3DQEBCwUAA4IBAQAMW/Vq1X44
QmzrwkJkcKJ15a+Nt7ki/bg6HbSQBSdNcAGdNtt4I4Uv4gIYSuSdUcxGJomsjYfT
JypBzM2VAr8tuvJ9eHusEi/Gxib3L2gSXiMbwOI9OSnSg8G58HPY4b3EaJ+mtuQj
TipgokwI3tD2Jpoy/a/1XL5E7YkqCWayc8gl5iZ1MY/Bk4p3eoYJft+7oxi5NKhv
9LtUIv6SVYYW1Yu3s2pamlwpDeRZSqnFmctPjIsLnyeb8KSV4idTMf/F4exmFQLi
iYKcbDXakcjtJkk32M5WVUnOQcrZl1mSRU58yIaCelCU3t5JFNqE342PhPpDl5wW
gMCJas1I3Wy/
-----END CERTIFICATE-----
Generated at Thu Oct 24 12:46:46 2024 by rpki-client on console-fra.rpki-client.org