Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KajzRu8rkesJuIUoPtcurkmCtJM.roa
File: KajzRu8rkesJuIUoPtcurkmCtJM.roa (raw, json)
Hash identifier: 26glrC3CjXjOBajGm3r1wXtVNfA6Ah/AJdk7sCbfc70=
Subject key identifier: 29:A8:F3:46:EF:2B:91:EB:09:B8:85:28:3E:D7:2E:AE:49:82:B4:93
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192FD212832B71CE5EC6ABCD90692601101
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KajzRu8rkesJuIUoPtcurkmCtJM.roa
Signing time: Tue 05 Nov 2024 16:21:01 +0000
ROA not before: Tue 05 Nov 2024 16:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.39.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.66.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.0.0/24 maxlen: 24
31.57.1.0/24 maxlen: 24
31.57.2.0/24 maxlen: 24
31.57.3.0/24 maxlen: 24
31.57.4.0/24 maxlen: 24
31.57.5.0/24 maxlen: 24
31.57.6.0/24 maxlen: 24
31.57.7.0/24 maxlen: 24
31.57.8.0/24 maxlen: 24
31.57.9.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.134.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.240.0/22 maxlen: 24
31.57.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 18:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:21:28:32:b7:1c:e5:ec:6a:bc:d9:06:92:60:11:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 16:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a8f346ef2b91eb09b885283ed72eae4982b493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:c5:ec:41:92:de:db:f0:f0:ec:78:5c:62:
a4:8b:06:c0:96:5e:57:b0:6e:08:44:d4:64:04:c2:
c9:0a:a6:08:d8:70:0c:f4:9d:f0:b7:f9:a5:99:26:
48:25:82:0b:1f:a2:73:d2:72:a2:55:2a:95:06:33:
0a:fa:f4:8f:02:f4:0a:d1:b9:5d:eb:d4:9c:5a:2d:
dc:4a:ca:59:0d:1a:90:19:23:81:6d:54:78:10:66:
6a:29:0c:72:2f:3a:22:da:36:6b:ea:f9:3b:1f:7c:
e6:33:2b:9c:14:52:33:6b:b6:08:96:e0:d3:2b:61:
62:5d:cb:f8:c5:b6:68:bd:62:7f:df:42:6a:00:aa:
32:bf:58:c9:dd:16:23:bf:58:fc:b0:2b:8a:43:36:
7f:87:e1:c2:9f:9c:e5:61:d9:1e:0e:c5:7e:05:4c:
e3:ce:25:d1:7c:97:78:a7:8a:c6:6c:19:05:ab:04:
e7:3e:97:b6:10:f2:ce:b0:f6:7b:f3:55:6c:65:5d:
8f:fd:53:82:09:fa:6c:19:a8:a7:75:fd:ac:2d:94:
fd:f0:22:69:b2:b8:de:c5:69:91:a6:22:4f:c1:5d:
5f:53:5a:9b:79:57:7d:90:3a:32:a1:d9:53:d6:08:
d7:23:d4:6d:1d:81:24:c1:6c:bc:f5:d9:5b:c0:34:
fd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A8:F3:46:EF:2B:91:EB:09:B8:85:28:3E:D7:2E:AE:49:82:B4:93
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KajzRu8rkesJuIUoPtcurkmCtJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.39.0/24
31.56.42.0/23
31.56.66.0/24
31.56.85.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.0.0-31.57.9.255
31.57.132.0-31.57.134.255
31.57.176.0/21
31.57.192.0/22
31.57.232.0/22
31.57.240.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:f8:17:2a:e2:05:24:e8:50:75:a5:d0:e8:c5:a5:89:48:35:
08:1c:8e:f0:4b:8b:58:1e:b1:1b:c7:a4:5f:3a:cf:3a:3c:85:
33:c6:ca:f9:63:29:24:c0:c7:ad:5a:03:2e:f3:10:fb:4d:00:
17:f1:2a:9d:3e:97:a8:51:d4:25:2e:ad:b8:b4:18:be:d8:23:
ba:59:c5:2b:59:54:a2:a2:31:50:86:d3:66:1b:14:a4:c5:c7:
90:d4:b4:0c:cc:47:83:e1:40:64:d7:94:3e:e2:9d:91:0c:f1:
d6:7f:72:07:93:c0:ea:9c:e5:b8:ff:4e:7c:ad:0e:24:c0:48:
cf:39:a6:25:bf:7c:ba:75:67:a0:3c:d9:dd:f3:b8:a4:52:4a:
03:8d:df:1f:a5:55:c9:ee:3a:46:1b:a1:87:f6:b4:1f:18:96:
4c:db:ea:85:c4:19:6a:59:37:fa:86:cf:42:ad:44:dc:61:44:
47:17:ac:16:33:cc:08:78:e5:45:9a:4c:fc:82:54:ef:21:b3:
8f:7e:df:c1:44:a9:3c:96:35:f6:ca:b7:61:a8:f8:65:05:cb:
3b:82:86:d2:2f:55:c2:40:8a:2a:be:12:22:84:10:d3:09:7a:
02:17:f5:98:3c:50:ae:1b:7a:d3:8d:52:2e:cd:2a:4b:46:c0:
6c:2a:7c:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZL9ISgytxzl7Gq82QaSYBEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA1MTYyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE4ZjM0NmVmMmI5MWViMDliODg1MjgzZWQ3MmVhZTQ5ODJiNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNrF7EGS3tvw8Ox4XGKkiwbAll5X
sG4IRNRkBMLJCqYI2HAM9J3wt/mlmSZIJYILH6Jz0nKiVSqVBjMK+vSPAvQK0bld
69ScWi3cSspZDRqQGSOBbVR4EGZqKQxyLzoi2jZr6vk7H3zmMyucFFIza7YIluDT
K2FiXcv4xbZovWJ/30JqAKoyv1jJ3RYjv1j8sCuKQzZ/h+HCn5zlYdkeDsV+BUzj
ziXRfJd4p4rGbBkFqwTnPpe2EPLOsPZ781VsZV2P/VOCCfpsGaindf2sLZT98CJp
srjexWmRpiJPwV1fU1qbeVd9kDoyodlT1gjXI9RtHYEkwWy89dlbwDT9RQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFCmo80bvK5HrCbiFKD7XLq5JgrSTMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS2FqelJ1OHJrZXNKdUlVb1B0Y3Vya21DdEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAEwaQMEAR84BAME
AB84GAMEAB84JwMEAR84KgMEAB84QgMEAB84VQMEAB84WQMEAh84eAMEAB84fzAL
AwMAHzkDBAEfOQgwDAMEAh85hAMEAB85hgMEAx85sAMEAh85wAMEAh856AMEAx85
8DANBgkqhkiG9w0BAQsFAAOCAQEAPPgXKuIFJOhQdaXQ6MWliUg1CByO8EuLWB6x
G8ekXzrPOjyFM8bK+WMpJMDHrVoDLvMQ+00AF/EqnT6XqFHUJS6tuLQYvtgjulnF
K1lUoqIxUIbTZhsUpMXHkNS0DMxHg+FAZNeUPuKdkQzx1n9yB5PA6pzluP9OfK0O
JMBIzzmmJb98unVnoDzZ3fO4pFJKA43fH6VVye46Rhuhh/a0HxiWTNvqhcQZalk3
+obPQq1E3GFERxesFjPMCHjlRZpM/IJU7yGzj37fwUSpPJY19sq3Yaj4ZQXLO4KG
0i9VwkCKKr4SIoQQ0wl6Ahf1mDxQrht6041SLs0qS0bAbCp8XQ==
-----END CERTIFICATE-----
Generated at Tue Nov 5 21:31:32 2024 by rpki-client on console-ams.rpki-client.org