Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KqOQmPSDfIHJCreVSQumRAkarrM.roa
File: KqOQmPSDfIHJCreVSQumRAkarrM.roa (raw, json)
Hash identifier: x0Y6FKQW+/lCj84n3mExBa7zAOajSrPnBdDJ8g8WBXM=
Subject key identifier: 2A:A3:90:98:F4:83:7C:81:C9:0A:B7:95:49:0B:A6:44:09:1A:AE:B3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019325E1BA0D13E1A0F5BA84CCC23AFEA1E2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KqOQmPSDfIHJCreVSQumRAkarrM.roa
Signing time: Wed 13 Nov 2024 14:16:10 +0000
ROA not before: Wed 13 Nov 2024 14:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.62.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 07:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:e1:ba:0d:13:e1:a0:f5:ba:84:cc:c2:3a:fe:a1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 13 14:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aa39098f4837c81c90ab795490ba644091aaeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:1e:b3:50:e6:fd:45:c6:ec:4c:24:d1:e3:
06:d3:92:11:da:3f:62:53:e5:39:6d:dc:e2:92:b5:
c6:24:15:62:02:20:b5:4f:d7:dd:66:60:49:06:34:
53:77:ba:26:fb:7e:92:b1:a2:5d:ed:3f:3e:64:35:
d9:70:9d:f0:8b:36:b2:60:16:57:87:59:4b:97:8a:
02:92:7e:af:97:12:25:2e:d9:3e:00:2e:4d:67:e2:
7d:a7:8f:f7:ed:d3:d0:03:d0:87:04:9c:a4:81:79:
b1:b8:67:fc:c2:e7:fb:97:94:1e:ce:88:3d:47:9b:
f9:ec:59:d1:8b:9a:76:d4:4f:14:d5:25:64:78:6d:
45:31:67:e3:a0:78:bb:87:c7:06:7d:f8:6b:f5:28:
9c:cb:54:21:8b:93:58:b9:21:c0:6d:41:d3:52:53:
5b:28:96:62:2c:ba:fd:8c:34:1e:0d:b1:c1:97:14:
cf:46:34:04:d3:dd:a8:ec:6f:f2:17:cc:e9:6a:64:
41:fd:08:d7:5e:47:c6:86:94:57:97:d3:4a:a4:20:
48:c9:3e:f1:95:34:7b:00:d0:68:ff:18:55:b2:d4:
34:59:16:cd:25:51:59:4d:ab:e0:9a:a1:6d:26:b4:
d1:39:21:97:4e:f5:49:1c:f4:4d:0a:3b:0e:3c:ca:
ac:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A3:90:98:F4:83:7C:81:C9:0A:B7:95:49:0B:A6:44:09:1A:AE:B3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KqOQmPSDfIHJCreVSQumRAkarrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.62.0/24
31.56.85.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.132.0/23
31.57.176.0/21
31.57.192.0/22
31.57.232.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:31:d5:6d:ea:0b:60:32:5f:e6:c4:e6:8b:dc:95:8e:a7:b6:
8a:b9:2f:9f:ad:6d:42:4d:c5:3f:ac:07:c4:92:8a:37:0b:d8:
3e:25:28:4c:2c:d7:3e:68:b5:38:a5:74:a2:7a:66:8d:c8:bf:
19:f9:64:60:95:a6:e6:4c:14:0e:53:46:04:2a:03:f0:e6:40:
3a:2b:3c:47:77:13:1f:98:0d:b4:40:d3:e0:f4:55:07:40:ec:
a8:b7:78:fa:a6:13:a6:f9:28:55:9b:68:c7:00:0b:f5:00:da:
9b:9d:9f:e9:0c:e2:c3:3b:d4:bc:56:93:68:aa:7f:76:44:2f:
e7:93:3c:5c:b6:8b:5f:89:a5:80:67:36:d7:a3:6a:52:f9:72:
af:21:25:81:13:b2:9d:f4:73:3c:6f:a0:c2:0b:bd:14:f8:13:
03:c4:d9:2d:6a:ed:5c:8b:c2:e0:c5:cf:11:07:36:33:17:d6:
de:bf:4a:3e:84:5f:82:be:9f:5e:80:7f:ca:e8:ea:9c:74:32:
73:6b:f5:0f:a1:4e:79:7f:fa:35:88:3b:c0:a9:9d:b3:09:af:
3a:2e:7f:31:22:28:61:d1:6d:d2:c0:73:ca:0a:74:ae:1b:47:
e3:47:f1:e1:55:b3:e3:85:ed:01:58:83:3a:a5:55:33:30:99:
89:4f:27:95
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZMl4boNE+Gg9bqEzMI6/qHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTEzMTQxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWEzOTA5OGY0ODM3YzgxYzkwYWI3OTU0OTBiYTY0NDA5MWFhZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumces1Dm/UXG7Ewk0eMG05IR2j9i
U+U5bdzikrXGJBViAiC1T9fdZmBJBjRTd7om+36SsaJd7T8+ZDXZcJ3wizayYBZX
h1lLl4oCkn6vlxIlLtk+AC5NZ+J9p4/37dPQA9CHBJykgXmxuGf8wuf7l5Qezog9
R5v57FnRi5p21E8U1SVkeG1FMWfjoHi7h8cGffhr9Sicy1Qhi5NYuSHAbUHTUlNb
KJZiLLr9jDQeDbHBlxTPRjQE092o7G/yF8zpamRB/QjXXkfGhpRXl9NKpCBIyT7x
lTR7ANBo/xhVstQ0WRbNJVFZTavgmqFtJrTROSGXTvVJHPRNCjsOPMqspwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCqjkJj0g3yByQq3lUkLpkQJGq6zMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS3FPUW1QU0RmSUhKQ3JlVlNRdW1SQWthcnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBHzgEAwQA
HzgYAwQBHzgqAwQAHzgwAwQAHzg+AwQAHzhVAwQAHzhZAwQCHzh4AwQAHzh/AwQB
HzmEAwQDHzmwAwQCHznAAwQCHznoMA0GCSqGSIb3DQEBCwUAA4IBAQDCMdVt6gtg
Ml/mxOaL3JWOp7aKuS+frW1CTcU/rAfEkoo3C9g+JShMLNc+aLU4pXSiemaNyL8Z
+WRglabmTBQOU0YEKgPw5kA6KzxHdxMfmA20QNPg9FUHQOyot3j6phOm+ShVm2jH
AAv1ANqbnZ/pDOLDO9S8VpNoqn92RC/nkzxctotfiaWAZzbXo2pS+XKvISWBE7Kd
9HM8b6DCC70U+BMDxNktau1ci8Lgxc8RBzYzF9bev0o+hF+Cvp9egH/K6OqcdDJz
a/UPoU55f/o1iDvAqZ2zCa86Ln8xIihh0W3SwHPKCnSuG0fjR/HhVbPjhe0BWIM6
pVUzMJmJTyeV
-----END CERTIFICATE-----
Generated at Fri Nov 15 08:29:06 2024 by rpki-client on console-ams.rpki-client.org