Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mu5ZjSRRv3eLo8qnPFC69BwTG9Q.roa
File: Mu5ZjSRRv3eLo8qnPFC69BwTG9Q.roa (raw, json)
Hash identifier: WvxZz+HQcIoiZ+RL85QGOmBYs0RdnKDRDRZ3ZixkYJ4=
Subject key identifier: 32:EE:59:8D:24:51:BF:77:8B:A3:CA:A7:3C:50:BA:F4:1C:13:1B:D4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944172F0E680732F9577536FD8D669005D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mu5ZjSRRv3eLo8qnPFC69BwTG9Q.roa
Signing time: Tue 07 Jan 2025 15:47:19 +0000
ROA not before: Tue 07 Jan 2025 15:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.88.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 06:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:72:f0:e6:80:73:2f:95:77:53:6f:d8:d6:69:00:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 7 15:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ee598d2451bf778ba3caa73c50baf41c131bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:82:22:41:ec:17:36:ed:07:a0:b3:9d:c6:10:
52:a0:12:ba:62:6a:84:0d:6f:02:8c:87:bb:c2:ba:
ae:a8:d5:28:a1:85:a0:f5:47:d5:28:3b:95:9f:08:
3f:4d:72:f5:02:7d:a3:0f:be:22:fd:f8:ec:32:7f:
2e:61:e2:5d:65:b8:b8:b8:13:1b:42:df:f3:f4:fd:
64:74:55:14:02:f5:51:e4:01:26:85:d6:11:bf:46:
0a:ee:0c:fa:ab:9a:ec:ca:64:18:7f:e6:fa:00:08:
d0:3e:2e:87:8d:e9:51:05:c9:d0:2d:0f:d9:f1:6f:
9e:83:cb:a3:7d:f0:75:35:b7:de:1b:7c:6a:70:ab:
23:b0:29:24:ca:80:a5:94:dc:95:03:1d:45:9e:2c:
af:e7:cf:55:c0:5e:ea:09:c4:e1:01:ba:04:a9:0a:
19:ac:1a:ff:4f:38:f7:c7:3f:e3:d6:12:db:86:3d:
73:b8:44:d0:34:08:76:d2:f7:68:eb:f4:11:66:c1:
d6:6d:05:b5:04:18:f6:90:46:52:db:1c:ed:9b:d9:
36:b4:ac:f1:f2:30:db:e0:7f:89:21:13:8b:de:2f:
d3:b5:19:d6:8b:cd:0a:01:02:26:46:73:8e:a1:df:
3a:51:21:d7:83:94:b4:dc:83:8d:8b:fc:81:87:db:
64:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EE:59:8D:24:51:BF:77:8B:A3:CA:A7:3C:50:BA:F4:1C:13:1B:D4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Mu5ZjSRRv3eLo8qnPFC69BwTG9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.88.0/24
31.57.104.0/21
31.57.132.0/23
Signature Algorithm: sha256WithRSAEncryption
86:d1:3b:00:7e:ac:4d:a8:7c:60:40:a7:e4:78:30:60:75:6b:
e8:66:c3:04:80:cf:e1:1c:6e:85:98:67:18:a5:2d:86:f3:3d:
d1:8d:76:e3:5b:3a:78:53:b7:63:96:70:97:af:2e:ec:3c:ed:
30:12:ff:c7:90:95:59:99:a3:c1:8e:1f:e9:ed:f2:8d:73:0b:
a9:d2:9c:a6:80:50:6b:04:db:c9:39:53:f0:3a:03:f5:09:49:
a9:2e:10:6c:e2:fa:19:bb:f9:41:0b:cd:ed:b2:b7:b7:0a:e3:
7f:04:68:4b:fd:bc:68:6d:51:72:10:17:b7:27:c7:26:d8:9f:
4d:b9:f0:98:93:51:47:8e:71:d6:f0:5e:f6:97:a3:0a:b3:40:
8f:ff:3c:fa:a5:b0:c1:ce:11:b7:6d:ff:ae:83:04:11:92:bd:
2f:b7:4c:69:b9:6f:68:de:8b:e5:3d:48:cd:8b:08:9f:ea:5c:
70:7f:c4:d0:55:47:9c:71:59:fa:8d:66:3f:70:04:52:c6:c4:
60:39:9d:63:c4:ea:62:a4:06:de:a2:d5:55:73:5e:4d:42:39:
cc:cd:af:ec:9f:5c:1e:e9:a5:34:ca:c0:f7:db:8e:c9:a0:a1:
6d:27:37:55:13:c5:8b:09:b4:02:d5:bc:c5:ce:83:54:f8:3c:
a5:48:48:48
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRBcvDmgHMvlXdTb9jWaQBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA3MTU0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmVlNTk4ZDI0NTFiZjc3OGJhM2NhYTczYzUwYmFmNDFjMTMxYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IIiQewXNu0HoLOdxhBSoBK6YmqE
DW8CjIe7wrquqNUooYWg9UfVKDuVnwg/TXL1An2jD74i/fjsMn8uYeJdZbi4uBMb
Qt/z9P1kdFUUAvVR5AEmhdYRv0YK7gz6q5rsymQYf+b6AAjQPi6HjelRBcnQLQ/Z
8W+eg8ujffB1NbfeG3xqcKsjsCkkyoCllNyVAx1Fniyv589VwF7qCcThAboEqQoZ
rBr/Tzj3xz/j1hLbhj1zuETQNAh20vdo6/QRZsHWbQW1BBj2kEZS2xztm9k2tKzx
8jDb4H+JIROL3i/TtRnWi80KAQImRnOOod86USHXg5S03IONi/yBh9tktwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDLuWY0kUb93i6PKpzxQuvQcExvUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTXU1WmpTUlJ2M2VMbzhxblBGQzY5QndURzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzhYAwQDHzloAwQBHzmEMA0GCSqGSIb3DQEBCwUAA4IBAQCG
0TsAfqxNqHxgQKfkeDBgdWvoZsMEgM/hHG6FmGcYpS2G8z3RjXbjWzp4U7djlnCX
ry7sPO0wEv/HkJVZmaPBjh/p7fKNcwup0pymgFBrBNvJOVPwOgP1CUmpLhBs4voZ
u/lBC83tsre3CuN/BGhL/bxobVFyEBe3J8cm2J9NufCYk1FHjnHW8F72l6MKs0CP
/zz6pbDBzhG3bf+ugwQRkr0vt0xpuW9o3ovlPUjNiwif6lxwf8TQVUeccVn6jWY/
cARSxsRgOZ1jxOpipAbeotVVc15NQjnMza/sn1we6aU0ysD3247JoKFtJzdVE8WL
CbQC1bzFzoNU+DylSEhI
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:04 2025 by rpki-client