Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NvOKZa4gswVPaw7IxbIg-tXQAX8.roa
File: NvOKZa4gswVPaw7IxbIg-tXQAX8.roa (raw, json)
Hash identifier: Nwma2OWp7ITahVxOMAbfjZL7Pr1TOIfWZFmBY2rM+c0=
Subject key identifier: 36:F3:8A:65:AE:20:B3:05:4F:6B:0E:C8:C5:B2:20:FA:D5:D0:01:7F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193893015DCEEB7ED17EEC55456ACCA3799
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NvOKZa4gswVPaw7IxbIg-tXQAX8.roa
Signing time: Mon 02 Dec 2024 21:04:10 +0000
ROA not before: Mon 02 Dec 2024 21:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 31.57.67.0/24 maxlen: 24
31.58.49.0/24 maxlen: 24
31.58.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 11:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:89:30:15:dc:ee:b7:ed:17:ee:c5:54:56:ac:ca:37:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 2 21:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36f38a65ae20b3054f6b0ec8c5b220fad5d0017f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d9:e8:13:a8:f0:e5:c6:52:39:9b:ea:ed:66:
01:c0:c7:db:82:3d:6c:d2:28:0d:7e:2b:9e:d7:95:
1e:67:f2:d6:63:6a:08:9c:ec:d6:32:c3:63:1f:ac:
f8:45:20:32:6c:30:6f:35:5a:15:01:a3:a7:80:9b:
e3:54:01:42:ab:70:12:01:cc:57:b9:eb:91:28:96:
87:57:96:e2:39:eb:6e:d2:af:30:f3:5a:16:b1:53:
d2:03:2b:67:ec:88:4b:6a:b5:17:1c:b2:12:e3:9b:
30:a4:a3:b5:95:80:71:9f:9c:26:9b:b5:71:2e:fa:
ad:21:5d:ca:3b:4b:35:88:81:44:8a:12:c2:af:b3:
49:04:e4:28:d2:d2:8e:8e:19:65:5c:19:37:85:10:
cb:27:89:54:84:9d:b8:c2:ea:fd:d6:32:d0:1f:35:
9c:41:39:84:c0:9c:67:89:12:80:6e:da:1e:65:c4:
9f:aa:93:92:73:ee:77:f8:1f:e9:3c:16:c4:2b:87:
7a:05:61:4d:eb:ed:91:72:d0:82:95:5d:cc:51:4b:
cb:ab:d4:e7:b4:e9:e8:07:81:29:df:18:d4:a9:ce:
43:77:c3:49:2b:dd:f1:9c:f9:55:27:ea:66:21:75:
68:02:19:01:99:38:83:56:95:76:a7:df:77:5b:40:
c1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F3:8A:65:AE:20:B3:05:4F:6B:0E:C8:C5:B2:20:FA:D5:D0:01:7F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NvOKZa4gswVPaw7IxbIg-tXQAX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.67.0/24
31.58.49.0/24
31.58.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:06:28:ca:65:46:a0:f6:75:47:61:b4:1b:17:39:f4:0e:17:
6e:9e:1a:33:d6:9b:a0:c1:53:06:a3:16:c0:7c:61:aa:d7:99:
d7:9a:1f:0a:8f:68:1a:c0:66:59:55:b7:c5:9f:c8:a4:74:fe:
cb:fd:88:ad:fd:57:89:7a:70:62:24:90:eb:95:dc:b7:75:3b:
47:79:aa:ba:8f:1c:61:4a:4d:ec:9e:a6:41:7f:c4:ab:e2:0a:
0c:b5:f3:40:52:7b:fb:dd:3d:c8:b5:10:9b:14:3a:df:50:ec:
9d:af:00:d6:c5:12:c2:3c:0b:3c:89:08:71:0b:a9:71:01:6c:
df:09:9f:b7:96:7f:92:f9:f0:47:c2:f8:93:85:39:92:c7:65:
b8:99:f9:03:5e:bb:b6:06:b3:7b:66:1c:ef:8e:52:57:14:35:
ec:23:4d:e1:4f:5a:29:57:98:92:ba:d5:7c:30:2f:66:47:23:
73:7a:6e:98:e3:bd:d3:4c:1d:e2:cf:19:53:1b:86:b5:d1:bb:
95:41:09:3b:4f:12:6c:66:29:83:2e:36:ef:ef:7b:1a:a3:85:
4c:29:3e:64:fc:17:5f:8c:d8:e7:fb:27:f6:f0:8c:84:13:90:
b0:d8:47:4f:32:22:0b:61:bc:9c:04:6d:23:ea:fe:06:42:ee:
71:45:94:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOJMBXc7rftF+7FVFasyjeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAyMjEwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYzOGE2NWFlMjBiMzA1NGY2YjBlYzhjNWIyMjBmYWQ1ZDAwMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NnoE6jw5cZSOZvq7WYBwMfbgj1s
0igNfiue15UeZ/LWY2oInOzWMsNjH6z4RSAybDBvNVoVAaOngJvjVAFCq3ASAcxX
ueuRKJaHV5biOetu0q8w81oWsVPSAytn7IhLarUXHLIS45swpKO1lYBxn5wmm7Vx
LvqtIV3KO0s1iIFEihLCr7NJBOQo0tKOjhllXBk3hRDLJ4lUhJ24wur91jLQHzWc
QTmEwJxniRKAbtoeZcSfqpOSc+53+B/pPBbEK4d6BWFN6+2RctCClV3MUUvLq9Tn
tOnoB4Ep3xjUqc5Dd8NJK93xnPlVJ+pmIXVoAhkBmTiDVpV2p993W0DB1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDbzimWuILMFT2sOyMWyIPrV0AF/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTnZPS1phNGdzd1ZQYXc3SXhiSWctdFhRQVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzlDAwQA
HzoxAwQAHzqpMA0GCSqGSIb3DQEBCwUAA4IBAQCkBijKZUag9nVHYbQbFzn0Dhdu
nhoz1pugwVMGoxbAfGGq15nXmh8Kj2gawGZZVbfFn8ikdP7L/Yit/VeJenBiJJDr
ldy3dTtHeaq6jxxhSk3snqZBf8Sr4goMtfNAUnv73T3ItRCbFDrfUOydrwDWxRLC
PAs8iQhxC6lxAWzfCZ+3ln+S+fBHwviThTmSx2W4mfkDXru2BrN7ZhzvjlJXFDXs
I03hT1opV5iSutV8MC9mRyNzem6Y473TTB3izxlTG4a10buVQQk7TxJsZimDLjbv
73sao4VMKT5k/BdfjNjn+yf28IyEE5Cw2EdPMiILYbycBG0j6v4GQu5xRZRm
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:09 2025 by rpki-client