Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mc1OIHJtcSH6tc9Y2Nl0Zs-VGCM.roa
File: Mc1OIHJtcSH6tc9Y2Nl0Zs-VGCM.roa (raw, json)
Hash identifier: TxsQ/iGANLZkP2pW+QQjw3nMV00LgH79iQcGiPFI6ho=
Subject key identifier: 31:CD:4E:20:72:6D:71:21:FA:B5:CF:58:D8:D9:74:66:CF:95:18:23
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01940CA61801EB5723B9B9538DD8EDC17CBB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mc1OIHJtcSH6tc9Y2Nl0Zs-VGCM.roa
Signing time: Sat 28 Dec 2024 09:43:19 +0000
ROA not before: Sat 28 Dec 2024 09:43:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0c:a6:18:01:eb:57:23:b9:b9:53:8d:d8:ed:c1:7c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 28 09:43:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31cd4e20726d7121fab5cf58d8d97466cf951823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:d8:ce:4d:d0:12:55:e2:61:8f:68:ae:5d:
09:37:df:7a:6b:95:34:39:ba:ed:9e:f7:65:26:e6:
4e:d9:32:4e:f6:7a:18:71:83:06:37:f5:e1:b3:a1:
5c:57:47:8a:6a:53:15:e8:e4:e6:8b:ee:b7:81:1e:
73:09:be:20:07:47:c4:25:19:ff:c6:d3:f1:1e:ba:
97:84:4a:c0:15:1c:eb:09:8a:03:90:12:f6:87:05:
48:f1:6f:45:d2:ac:c9:f9:88:ca:6e:9a:1f:42:37:
be:79:30:dd:09:04:a7:50:9f:89:e4:13:88:3f:3e:
b3:08:24:ef:53:88:93:6c:91:73:97:c3:5b:2a:f2:
32:11:b8:4b:44:2f:83:69:3d:85:51:72:84:82:f8:
1e:f3:0c:b7:58:ed:3f:b4:39:4e:33:c9:98:89:0d:
31:7c:a7:94:cb:bd:94:7c:01:c9:fe:f7:3c:e9:b1:
67:18:aa:da:12:11:17:52:d3:a4:be:16:ff:fb:58:
64:53:00:68:a4:d6:74:13:49:6a:35:b2:08:c3:a1:
97:e5:03:79:67:66:ee:9e:84:92:c1:89:aa:23:32:
d3:ca:a5:1b:d0:f9:70:f6:5a:73:ed:4d:79:6c:a7:
89:33:dc:36:20:fb:c2:13:40:4d:ba:9c:13:8f:08:
a2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CD:4E:20:72:6D:71:21:FA:B5:CF:58:D8:D9:74:66:CF:95:18:23
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mc1OIHJtcSH6tc9Y2Nl0Zs-VGCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.238.0/24
31.58.244.0/22
31.58.249.0/24
31.58.251.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4e:76:1d:4e:fb:9b:30:fb:39:0e:09:60:34:5a:44:3a:91:
6e:e7:8b:7f:0e:31:aa:21:b9:f5:b0:97:df:73:86:fa:79:a3:
55:e8:07:b6:cf:8a:08:e8:c3:2c:55:ba:ac:dd:12:fd:c2:77:
aa:c0:03:7e:0e:d9:42:82:50:01:d5:55:70:93:12:31:80:04:
c8:83:09:d6:c7:1b:f8:2f:fe:8e:25:ef:e0:db:35:f9:8a:b3:
7f:3d:e9:b8:dc:d3:f9:00:64:6e:be:bc:3c:9c:93:a2:46:8c:
a8:20:6d:9f:95:88:9d:16:31:4e:da:64:11:f7:2b:01:bb:1e:
bd:a6:71:b9:3b:2f:68:ab:50:a2:f2:3c:7a:19:f2:a7:93:b4:
1e:51:e3:ed:97:6f:a4:8d:9b:4e:47:bc:71:d3:5b:78:87:d4:
18:5b:00:f9:3d:ad:22:96:72:fe:f5:0f:08:10:de:43:91:47:
2a:e2:87:f9:c0:b2:e1:3e:25:27:f3:e8:cd:b2:ad:1a:00:4b:
0b:b0:bf:bb:e5:75:fb:58:d7:5d:29:b5:96:13:90:ce:02:0a:
80:ae:1f:38:a6:05:55:40:97:7a:70:de:d0:af:a0:f2:15:67:
53:2c:0d:18:08:b4:5b:27:34:a2:93:c1:48:43:9d:b6:fa:66:
00:83:45:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQMphgB61cjublTjdjtwXy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI4MDk0MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNkNGUyMDcyNmQ3MTIxZmFiNWNmNThkOGQ5NzQ2NmNmOTUxODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTfYzk3QElXiYY9orl0JN996a5U0
ObrtnvdlJuZO2TJO9noYcYMGN/Xhs6FcV0eKalMV6OTmi+63gR5zCb4gB0fEJRn/
xtPxHrqXhErAFRzrCYoDkBL2hwVI8W9F0qzJ+YjKbpofQje+eTDdCQSnUJ+J5BOI
Pz6zCCTvU4iTbJFzl8NbKvIyEbhLRC+DaT2FUXKEgvge8wy3WO0/tDlOM8mYiQ0x
fKeUy72UfAHJ/vc86bFnGKraEhEXUtOkvhb/+1hkUwBopNZ0E0lqNbIIw6GX5QN5
Z2bunoSSwYmqIzLTyqUb0Plw9lpz7U15bKeJM9w2IPvCE0BNupwTjwiiUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDHNTiBybXEh+rXPWNjZdGbPlRgjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTWMxT0lISnRjU0g2dGM5WTJObDBacy1WR0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzrTAwQA
HzruAwQCHzr0AwQAHzr5AwQAHzr7MA0GCSqGSIb3DQEBCwUAA4IBAQA7TnYdTvub
MPs5DglgNFpEOpFu54t/DjGqIbn1sJffc4b6eaNV6Ae2z4oI6MMsVbqs3RL9wneq
wAN+DtlCglAB1VVwkxIxgATIgwnWxxv4L/6OJe/g2zX5irN/Pem43NP5AGRuvrw8
nJOiRoyoIG2flYidFjFO2mQR9ysBux69pnG5Oy9oq1Ci8jx6GfKnk7QeUePtl2+k
jZtOR7xx01t4h9QYWwD5Pa0ilnL+9Q8IEN5DkUcq4of5wLLhPiUn8+jNsq0aAEsL
sL+75XX7WNddKbWWE5DOAgqArh84pgVVQJd6cN7Qr6DyFWdTLA0YCLRbJzSik8FI
Q522+mYAg0Xw
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:23 2025 by rpki-client