Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PoKmXcVgEBcGYFC2YHLAi0vpTHc.roa
File: PoKmXcVgEBcGYFC2YHLAi0vpTHc.roa (raw, json)
Hash identifier: AI/fw9mIuL6+Pu3M0CFbZVYCwFcPIEHHyZr8fXvRrGU=
Subject key identifier: 3E:82:A6:5D:C5:60:10:17:06:60:50:B6:60:72:C0:8B:4B:E9:4C:77
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01925047B21AE9B25503F956BAA452A1CB67
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PoKmXcVgEBcGYFC2YHLAi0vpTHc.roa
Signing time: Thu 03 Oct 2024 02:48:48 +0000
ROA not before: Thu 03 Oct 2024 02:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 31.56.160.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.240.0/22 maxlen: 24
31.57.244.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 06:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:50:47:b2:1a:e9:b2:55:03:f9:56:ba:a4:52:a1:cb:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 3 02:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e82a65dc5601017066050b66072c08b4be94c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:15:fb:25:dc:ae:87:ae:9d:9a:40:5a:18:
30:b8:19:98:65:03:23:82:26:3c:c7:62:b2:72:e6:
37:d5:03:b1:93:36:89:63:28:58:e0:9f:97:0a:e0:
17:32:db:81:ce:19:90:7d:b3:0e:87:ee:99:8f:f2:
b4:52:ad:f3:95:be:6b:be:5d:91:4c:bd:e7:6f:7b:
c3:fb:b0:a8:c9:00:87:31:3c:ed:6a:d0:bd:28:f2:
e9:28:ef:9d:e8:ad:03:4d:50:91:f6:3c:80:92:4a:
87:8a:7e:44:8b:fc:f3:05:2c:d7:cf:88:3a:44:d5:
a7:bf:04:79:d6:2b:ea:cf:9f:dc:d2:0d:2f:74:25:
22:95:c6:78:cf:eb:55:c9:b1:d7:0a:4f:cb:67:4a:
7e:55:7a:2a:83:0a:ac:f2:56:7e:ed:cb:3e:62:0d:
ae:2e:b8:0c:ac:01:8c:34:9c:07:90:e3:53:8d:07:
7b:90:12:a8:b0:9f:1b:b6:8c:d9:50:a2:d1:73:0f:
dc:0d:5a:ec:02:b7:73:f6:4e:a1:65:81:e9:c5:06:
57:6c:13:5a:dd:d6:94:a3:8d:c5:b7:3d:b0:cb:64:
f1:3f:36:f3:3c:65:88:26:e9:a4:17:8e:00:ae:99:
4f:48:5d:1e:ef:94:6a:12:fd:50:10:ce:d9:27:d2:
17:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:82:A6:5D:C5:60:10:17:06:60:50:B6:60:72:C0:8B:4B:E9:4C:77
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PoKmXcVgEBcGYFC2YHLAi0vpTHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.160.0/21
31.57.192.0/22
31.57.224.0/22
31.57.232.0/22
31.57.240.0/21
31.57.252.0/22
Signature Algorithm: sha256WithRSAEncryption
89:1b:be:6a:e3:9e:f6:f4:a3:bb:85:6d:db:a2:bf:7f:4a:7a:
8f:5b:41:61:2c:10:82:67:4f:2a:0e:41:87:1e:8a:88:0d:f0:
46:b7:2b:35:8d:60:49:28:7c:d1:02:5f:2e:60:a3:00:ac:e6:
5c:b6:aa:20:5a:33:92:22:91:f0:78:e7:48:fa:d5:e7:27:26:
e2:cc:e4:da:67:57:3e:36:a2:bc:1d:28:82:53:6f:b7:88:2d:
24:33:a9:a1:f1:bf:8c:6d:4c:f6:7f:bb:d5:7d:6e:62:8e:2b:
01:8c:8a:dd:08:5e:8a:02:ac:90:55:86:55:84:25:a1:55:ef:
df:b6:9a:01:dc:f6:a5:f2:47:ca:36:4d:8e:93:f3:89:b6:60:
ba:84:0c:5a:a0:82:81:55:9e:ec:44:bb:2a:9d:e5:58:a5:9a:
d2:80:57:90:68:9a:7f:36:96:17:bc:7d:35:b0:b6:b8:1c:e7:
a2:b0:dc:e5:da:32:a3:12:19:fc:75:ba:49:7b:3a:fa:cd:9d:
85:37:1f:01:a6:a9:fd:01:a3:48:af:93:e8:48:c2:56:58:aa:
a3:ad:5e:96:f2:49:21:dd:ab:84:1c:e1:91:35:9c:f4:be:f1:
1b:16:3a:82:ec:58:92:64:4c:28:11:47:84:a4:23:ab:87:40:
99:39:91:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJQR7Ia6bJVA/lWuqRSoctnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDAzMDI0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTgyYTY1ZGM1NjAxMDE3MDY2MDUwYjY2MDcyYzA4YjRiZTk0Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lMV+yXcroeunZpAWhgwuBmYZQMj
giY8x2KycuY31QOxkzaJYyhY4J+XCuAXMtuBzhmQfbMOh+6Zj/K0Uq3zlb5rvl2R
TL3nb3vD+7CoyQCHMTztatC9KPLpKO+d6K0DTVCR9jyAkkqHin5Ei/zzBSzXz4g6
RNWnvwR51ivqz5/c0g0vdCUilcZ4z+tVybHXCk/LZ0p+VXoqgwqs8lZ+7cs+Yg2u
LrgMrAGMNJwHkONTjQd7kBKosJ8btozZUKLRcw/cDVrsArdz9k6hZYHpxQZXbBNa
3daUo43Ftz2wy2TxPzbzPGWIJumkF44ArplPSF0e75RqEv1QEM7ZJ9IXQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD6Cpl3FYBAXBmBQtmBywItL6Ux3MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUG9LbVhjVmdFQmNHWUZDMllITEFpMHZwVEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHzigAwQC
HznAAwQCHzngAwQCHznoAwQDHznwAwQCHzn8MA0GCSqGSIb3DQEBCwUAA4IBAQCJ
G75q45729KO7hW3bor9/SnqPW0FhLBCCZ08qDkGHHoqIDfBGtys1jWBJKHzRAl8u
YKMArOZctqogWjOSIpHweOdI+tXnJybizOTaZ1c+NqK8HSiCU2+3iC0kM6mh8b+M
bUz2f7vVfW5ijisBjIrdCF6KAqyQVYZVhCWhVe/ftpoB3Pal8kfKNk2Ok/OJtmC6
hAxaoIKBVZ7sRLsqneVYpZrSgFeQaJp/NpYXvH01sLa4HOeisNzl2jKjEhn8dbpJ
ezr6zZ2FNx8Bpqn9AaNIr5PoSMJWWKqjrV6W8kkh3auEHOGRNZz0vvEbFjqC7FiS
ZEwoEUeEpCOrh0CZOZFH
-----END CERTIFICATE-----
Generated at Thu Oct 3 09:16:10 2024 by rpki-client on console-fra.rpki-client.org