Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PcOxog8JBudkcxExih0I4mHwLDA.roa
File: PcOxog8JBudkcxExih0I4mHwLDA.roa (raw, json)
Hash identifier: oMj/4VGdma6e5UdTJ9PLPojaC8XaH8B3rRthuNbaoYc=
Subject key identifier: 3D:C3:B1:A2:0F:09:06:E7:64:73:11:31:8A:1D:08:E2:61:F0:2C:30
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193870BB0627FED2ADC836B94A43B6D10F6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PcOxog8JBudkcxExih0I4mHwLDA.roa
Signing time: Mon 02 Dec 2024 11:05:10 +0000
ROA not before: Mon 02 Dec 2024 11:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:0b:b0:62:7f:ed:2a:dc:83:6b:94:a4:3b:6d:10:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 2 11:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc3b1a20f0906e7647311318a1d08e261f02c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1a:88:2a:8b:6d:e6:91:bd:9b:43:26:76:f4:
29:27:fe:a4:2e:ef:4a:bd:62:4e:0d:ac:1f:bb:6a:
0d:ad:05:48:9c:7a:2c:b5:67:16:82:84:37:c8:d8:
9f:e1:ee:a9:ad:07:0f:c6:d9:55:c9:d8:0a:94:ca:
3d:4c:13:38:e0:cf:27:96:f1:32:08:4b:0e:98:80:
24:00:b9:13:a7:5f:4c:7d:4a:05:35:df:33:0e:88:
fd:d7:35:57:45:33:ff:d3:f0:c1:8f:01:21:d4:52:
7c:b2:7e:d5:2e:50:71:5e:05:78:59:c8:dd:c4:0f:
ca:31:75:03:1d:e2:0e:a4:17:01:73:98:ab:20:2d:
2b:94:2d:9e:16:da:4b:2b:e3:87:88:4e:bd:dc:30:
7d:09:1d:84:18:b3:f3:0a:26:5e:c2:e9:3b:2e:c2:
f0:e0:34:38:63:8d:7d:15:b5:bb:02:1b:53:14:9b:
bc:0b:9f:64:b5:36:b9:69:26:b1:78:d8:82:95:23:
be:ca:00:1f:de:88:af:1c:4f:b1:9c:cf:08:ef:6a:
f1:98:fe:27:23:d6:b3:c4:40:53:b2:3c:0e:32:86:
26:7c:b3:96:ef:2b:5a:a0:2c:fb:c3:6d:cf:52:32:
04:37:62:d9:58:40:70:f2:48:42:38:74:a8:52:4e:
bd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C3:B1:A2:0F:09:06:E7:64:73:11:31:8A:1D:08:E2:61:F0:2C:30
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PcOxog8JBudkcxExih0I4mHwLDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.246.0/23
31.58.249.0/24
Signature Algorithm: sha256WithRSAEncryption
91:f3:64:8f:89:6d:f8:41:10:69:a5:27:1b:fd:3a:f4:3e:ee:
1a:ae:a0:88:9f:c5:9e:60:3e:d7:e1:ae:87:17:e1:82:a2:9d:
f8:1b:bb:51:05:7d:dc:26:da:8f:6b:a7:42:7e:87:d6:25:5a:
7c:08:70:55:b2:21:26:6f:8d:a9:7a:1e:39:e7:84:fa:ee:83:
d3:b2:04:ae:48:42:cc:ad:b8:74:1b:3b:bd:47:95:34:b0:21:
6c:5e:e1:37:65:b9:ff:3b:46:1d:cd:09:59:0f:3d:89:ea:d2:
56:08:6c:6f:2a:88:97:27:76:e9:ce:ef:69:eb:fc:7e:cb:25:
4b:51:0e:f0:c4:73:7e:3a:71:5e:29:75:a7:4e:f5:cc:72:14:
b5:ea:44:2c:b3:d9:e1:14:2f:4c:c4:f0:33:27:e3:34:af:ca:
94:14:c1:5e:b3:91:a1:27:13:09:20:a8:ca:32:1c:8e:fe:22:
d3:6e:c5:d6:98:24:d2:e3:7c:71:30:bf:ed:ea:3b:d0:5f:97:
51:76:cb:31:85:71:4b:dc:94:0b:1e:2e:10:f0:67:5b:38:fe:
8f:3a:c6:24:e1:d9:a9:0f:0b:e3:71:86:e0:95:bf:94:30:f9:
d7:bb:1a:43:f1:e3:e0:54:b2:25:f4:56:87:0b:1a:2b:73:d6:
3d:8b:dd:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOHC7Bif+0q3INrlKQ7bRD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAyMTEwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMzYjFhMjBmMDkwNmU3NjQ3MzExMzE4YTFkMDhlMjYxZjAyYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BqIKott5pG9m0MmdvQpJ/6kLu9K
vWJODawfu2oNrQVInHostWcWgoQ3yNif4e6prQcPxtlVydgKlMo9TBM44M8nlvEy
CEsOmIAkALkTp19MfUoFNd8zDoj91zVXRTP/0/DBjwEh1FJ8sn7VLlBxXgV4Wcjd
xA/KMXUDHeIOpBcBc5irIC0rlC2eFtpLK+OHiE693DB9CR2EGLPzCiZewuk7LsLw
4DQ4Y419FbW7AhtTFJu8C59ktTa5aSaxeNiClSO+ygAf3oivHE+xnM8I72rxmP4n
I9azxEBTsjwOMoYmfLOW7ytaoCz7w23PUjIEN2LZWEBw8khCOHSoUk69vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD3DsaIPCQbnZHMRMYodCOJh8CwwMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUGNPeG9nOEpCdWRrY3hFeGloMEk0bUh3TERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHzr2AwQA
Hzr5MA0GCSqGSIb3DQEBCwUAA4IBAQCR82SPiW34QRBppScb/Tr0Pu4arqCIn8We
YD7X4a6HF+GCop34G7tRBX3cJtqPa6dCfofWJVp8CHBVsiEmb42peh4554T67oPT
sgSuSELMrbh0Gzu9R5U0sCFsXuE3Zbn/O0YdzQlZDz2J6tJWCGxvKoiXJ3bpzu9p
6/x+yyVLUQ7wxHN+OnFeKXWnTvXMchS16kQss9nhFC9MxPAzJ+M0r8qUFMFes5Gh
JxMJIKjKMhyO/iLTbsXWmCTS43xxML/t6jvQX5dRdssxhXFL3JQLHi4Q8GdbOP6P
OsYk4dmpDwvjcYbglb+UMPnXuxpD8ePgVLIl9FaHCxorc9Y9i91z
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:39 2025 by rpki-client