Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PHgDHu-EnpezzOoJ0MgkeURh_pA.roa
File: PHgDHu-EnpezzOoJ0MgkeURh_pA.roa (raw, json)
Hash identifier: PhDVjYEd2btAjbjQYODugoNAIKEV2ACmkc2rLuYDjPs=
Subject key identifier: 3C:78:03:1E:EF:84:9E:97:B3:CC:EA:09:D0:C8:24:79:44:61:FE:90
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019499A3A7DCC801E93AA18FAACDECEA1A1B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PHgDHu-EnpezzOoJ0MgkeURh_pA.roa
Signing time: Fri 24 Jan 2025 18:47:06 +0000
ROA not before: Fri 24 Jan 2025 18:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 31.56.87.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 15:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:a3:a7:dc:c8:01:e9:3a:a1:8f:aa:cd:ec:ea:1a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 24 18:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c78031eef849e97b3ccea09d0c824794461fe90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b6:ff:ff:bb:65:54:2e:02:ca:8e:53:56:5d:
1c:7a:a7:3d:af:03:68:f4:31:48:8e:aa:3a:4a:dd:
5c:a3:6f:07:8c:c0:fa:b4:d2:34:4f:67:7a:09:d6:
a9:41:2f:30:47:d3:08:76:2c:a9:3c:35:ac:ee:0a:
69:cf:a8:44:23:02:7f:21:37:ec:a7:e5:c3:99:f7:
f2:b4:ea:25:54:9a:5a:c2:3b:a4:cb:8c:4b:71:d9:
b9:e4:cc:9a:12:44:c5:bf:53:38:a4:e9:f6:4f:84:
2f:ab:ae:54:f9:1b:6d:1a:1f:1a:97:c0:d9:55:4b:
37:aa:86:61:14:b9:c5:8f:a0:1e:55:f3:a3:5d:52:
22:21:dc:33:4c:2b:8a:74:1f:a6:49:03:17:80:66:
9b:ef:ec:e9:6f:d7:e9:78:39:be:4d:4b:f2:c6:05:
c9:22:ba:78:65:39:7f:50:1d:43:ad:b6:fc:5f:d6:
7a:02:7b:40:4b:e6:3c:1a:0d:a4:bb:4d:be:e3:b4:
5a:67:a8:b8:e1:a4:e6:11:74:0e:f9:b3:82:d7:47:
fc:0f:fd:cf:aa:9e:bf:11:7c:70:2c:f1:65:ef:ec:
f1:0e:8c:b6:63:4e:89:8c:98:0a:56:46:be:4c:f0:
6b:a0:be:63:2f:0d:2c:da:f6:96:05:8c:7e:4b:67:
fa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:78:03:1E:EF:84:9E:97:B3:CC:EA:09:D0:C8:24:79:44:61:FE:90
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PHgDHu-EnpezzOoJ0MgkeURh_pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.87.0/24
31.56.122.0/24
Signature Algorithm: sha256WithRSAEncryption
71:32:c8:bc:0d:b4:9c:4e:d7:bf:e1:60:69:1b:16:e4:a6:7d:
18:0d:28:95:b3:f1:7b:1b:71:aa:5b:f6:42:22:d4:78:08:3f:
7b:28:95:db:d2:9b:c2:f1:00:23:11:cc:39:bc:40:84:13:4d:
fd:a0:f7:80:41:5f:45:12:16:8a:5e:b0:29:a2:b4:30:f9:1e:
a5:52:12:e6:ed:46:af:41:9c:96:ae:99:4e:a9:66:a7:23:69:
f3:48:39:e0:33:25:48:5d:0d:ce:62:6d:5e:10:d1:e8:63:2e:
0f:bd:73:fb:79:51:30:55:8e:44:ea:ee:7e:0b:07:5a:b7:71:
88:05:d8:99:f5:70:6d:0a:cc:c9:c1:0a:58:34:eb:4f:80:b3:
ac:fe:38:69:95:77:09:7e:d1:e0:4f:bc:23:bf:1b:31:d7:a9:
aa:5f:78:2f:dd:49:cb:f5:a2:13:a2:6a:51:c0:a3:a3:29:d5:
c4:33:96:46:0b:22:dc:78:25:a6:fa:cc:ee:f8:41:51:77:e8:
2d:71:b8:6f:45:4d:a5:79:71:98:4f:25:e1:4b:5c:7f:96:1c:
33:a8:96:5d:61:a8:b4:07:b5:9f:90:0a:48:49:23:25:c9:9b:
7f:84:6b:a0:ff:c4:5d:b9:a0:84:00:b9:59:a2:4c:29:37:fd:
2b:6f:a2:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSZo6fcyAHpOqGPqs3s6hobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTI0MTg0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc4MDMxZWVmODQ5ZTk3YjNjY2VhMDlkMGM4MjQ3OTQ0NjFmZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbb//7tlVC4Cyo5TVl0ceqc9rwNo
9DFIjqo6St1co28HjMD6tNI0T2d6CdapQS8wR9MIdiypPDWs7gppz6hEIwJ/ITfs
p+XDmffytOolVJpawjuky4xLcdm55MyaEkTFv1M4pOn2T4Qvq65U+RttGh8al8DZ
VUs3qoZhFLnFj6AeVfOjXVIiIdwzTCuKdB+mSQMXgGab7+zpb9fpeDm+TUvyxgXJ
Irp4ZTl/UB1Drbb8X9Z6AntAS+Y8Gg2ku02+47RaZ6i44aTmEXQO+bOC10f8D/3P
qp6/EXxwLPFl7+zxDoy2Y06JjJgKVka+TPBroL5jLw0s2vaWBYx+S2f6aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDx4Ax7vhJ6Xs8zqCdDIJHlEYf6QMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUEhnREh1LUVucGV6ek9vSjBNZ2tlVVJoX3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzhXAwQA
Hzh6MA0GCSqGSIb3DQEBCwUAA4IBAQBxMsi8DbScTte/4WBpGxbkpn0YDSiVs/F7
G3GqW/ZCItR4CD97KJXb0pvC8QAjEcw5vECEE039oPeAQV9FEhaKXrAporQw+R6l
UhLm7UavQZyWrplOqWanI2nzSDngMyVIXQ3OYm1eENHoYy4PvXP7eVEwVY5E6u5+
Cwdat3GIBdiZ9XBtCszJwQpYNOtPgLOs/jhplXcJftHgT7wjvxsx16mqX3gv3UnL
9aITompRwKOjKdXEM5ZGCyLceCWm+szu+EFRd+gtcbhvRU2leXGYTyXhS1x/lhwz
qJZdYai0B7WfkApISSMlyZt/hGug/8RduaCEALlZokwpN/0rb6IL
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:36 2025 by rpki-client