Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NDrb64O2igTPejFwmGt9aifhrro.roa
File: NDrb64O2igTPejFwmGt9aifhrro.roa (raw, json)
Hash identifier: 7aRGhubdc4ezlBjpmqX5ddRE4C/vGP2jR0JvCNUWS5E=
Subject key identifier: 34:3A:DB:EB:83:B6:8A:04:CF:7A:31:70:98:6B:7D:6A:27:E1:AE:BA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019354E53F00969546AF3D87BBA7F8A40728
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NDrb64O2igTPejFwmGt9aifhrro.roa
Signing time: Fri 22 Nov 2024 17:22:10 +0000
ROA not before: Fri 22 Nov 2024 17:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.58.209.0/24 maxlen: 24
31.58.210.0/24 maxlen: 24
31.58.211.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
217.60.245.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Nov 2024 08:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:e5:3f:00:96:95:46:af:3d:87:bb:a7:f8:a4:07:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 22 17:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=343adbeb83b68a04cf7a3170986b7d6a27e1aeba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bb:af:59:61:35:07:55:fc:91:dc:89:1a:27:
0d:8d:a3:71:ae:dd:61:60:dc:36:03:31:f9:40:13:
89:fd:5f:a3:e4:85:86:5d:df:42:45:93:90:46:4c:
54:05:91:b1:d1:ea:c5:0f:f0:52:2f:22:6d:2d:5c:
c4:01:a5:80:cf:be:8a:3e:6a:db:e4:ba:de:71:f4:
1a:5a:83:10:46:59:d7:5f:d0:73:5c:bd:56:aa:29:
01:bb:63:a5:cc:ba:cd:cf:3b:bf:b4:b0:4b:17:9a:
78:cf:c6:ad:db:97:56:ee:1f:ca:28:89:71:0f:42:
31:f3:49:0d:7d:45:f6:56:59:1a:c5:1a:a1:90:75:
e4:c0:66:bf:fe:04:50:d6:d7:82:d5:5b:f5:1a:f8:
13:58:0d:77:7b:db:d1:1f:82:17:0d:66:a3:95:d7:
39:0f:9f:82:47:5c:b7:98:d5:19:36:eb:02:8a:ad:
4d:8f:3f:ea:f9:25:85:72:aa:18:15:50:1b:71:0e:
19:66:9d:d4:8b:e8:f5:e4:23:0d:67:2c:cb:ca:7d:
5c:73:bb:ee:72:02:5c:74:87:8a:35:c1:42:9d:cb:
77:86:22:a3:9a:b0:bc:ee:c9:a8:88:05:8c:b5:87:
99:38:79:ab:55:56:42:60:94:52:ce:57:e7:0d:5c:
14:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3A:DB:EB:83:B6:8A:04:CF:7A:31:70:98:6B:7D:6A:27:E1:AE:BA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NDrb64O2igTPejFwmGt9aifhrro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/22
31.59.136.0-31.59.175.255
217.60.245.0/24
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
06:b3:0a:27:1c:99:61:5a:1b:86:66:1d:ae:9b:df:69:30:95:
be:d5:d9:19:b0:94:4f:3b:94:49:89:b2:12:f3:7a:bf:34:97:
ff:95:06:24:b3:f6:8a:7d:90:4d:ac:2e:4a:af:a7:62:60:60:
02:a2:e3:33:f4:c9:16:83:01:74:6b:24:e3:eb:43:86:f7:73:
d6:6c:72:00:bc:4b:06:97:26:3b:df:73:2c:62:ae:0d:c5:ce:
22:09:63:b6:84:8b:2b:10:4c:a6:5c:1b:22:db:24:fb:1b:2f:
61:c4:fd:d8:57:08:8f:fe:e3:49:be:1c:57:27:cb:1c:75:e9:
cd:24:d7:37:e2:92:a3:65:3e:21:a6:66:34:08:8f:e5:68:fe:
f2:c2:f2:de:30:70:17:6e:4b:04:e6:4f:56:a8:f2:f9:5f:b3:
26:73:23:ba:d2:bb:93:e7:50:16:b3:cc:e2:be:39:82:37:e9:
a8:aa:dd:48:da:f2:3a:aa:82:3f:d1:c4:a3:af:8f:01:68:9b:
b6:90:c0:2f:ba:57:2c:94:bf:6d:fd:7d:34:15:51:ed:e4:d8:
6a:68:39:f0:29:9e:01:13:28:ad:73:7b:1d:19:f5:32:70:93:
73:51:cf:bc:84:b5:e9:a8:b9:76:49:29:bc:ed:db:32:45:06:
9a:57:50:9d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZNU5T8AlpVGrz2Hu6f4pAcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTIyMTcyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNhZGJlYjgzYjY4YTA0Y2Y3YTMxNzA5ODZiN2Q2YTI3ZTFhZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17uvWWE1B1X8kdyJGicNjaNxrt1h
YNw2AzH5QBOJ/V+j5IWGXd9CRZOQRkxUBZGx0erFD/BSLyJtLVzEAaWAz76KPmrb
5LrecfQaWoMQRlnXX9BzXL1WqikBu2OlzLrNzzu/tLBLF5p4z8at25dW7h/KKIlx
D0Ix80kNfUX2VlkaxRqhkHXkwGa//gRQ1teC1Vv1GvgTWA13e9vRH4IXDWajldc5
D5+CR1y3mNUZNusCiq1Njz/q+SWFcqoYFVAbcQ4ZZp3Ui+j15CMNZyzLyn1cc7vu
cgJcdIeKNcFCnct3hiKjmrC87smoiAWMtYeZOHmrVVZCYJRSzlfnDVwUxQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDQ62+uDtooEz3oxcJhrfWon4a66MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTkRyYjY0TzJpZ1RQZWpGd21HdDlhaWZocnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDHzgIAwQB
HziOAwQCHziUAwQCHzrQMAwDBAMfO4gDBAQfO6ADBADZPPUDBADZPPgwDQYJKoZI
hvcNAQELBQADggEBAAazCiccmWFaG4ZmHa6b32kwlb7V2RmwlE87lEmJshLzer80
l/+VBiSz9op9kE2sLkqvp2JgYAKi4zP0yRaDAXRrJOPrQ4b3c9ZscgC8SwaXJjvf
cyxirg3FziIJY7aEiysQTKZcGyLbJPsbL2HE/dhXCI/+40m+HFcnyxx16c0k1zfi
kqNlPiGmZjQIj+Vo/vLC8t4wcBduSwTmT1ao8vlfsyZzI7rSu5PnUBazzOK+OYI3
6aiq3Uja8jqqgj/RxKOvjwFom7aQwC+6VyyUv239fTQVUe3k2GpoOfApngETKK1z
ex0Z9TJwk3NRz7yEtemouXZJKbzt2zJFBppXUJ0=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:08 2025 by rpki-client