Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QNeMSbL2HTI5V9Q4w-WDZnPJrhY.roa
File: QNeMSbL2HTI5V9Q4w-WDZnPJrhY.roa (raw, json)
Hash identifier: CLqoc8evRWdJtXDepIxWJoybx9CauwoSAVZjZaWhULs=
Subject key identifier: 40:D7:8C:49:B2:F6:1D:32:39:57:D4:38:C3:E5:83:66:73:C9:AE:16
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193CE4EAE8F269F2B9B4B12327D55FEC00E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QNeMSbL2HTI5V9Q4w-WDZnPJrhY.roa
Signing time: Mon 16 Dec 2024 07:11:23 +0000
ROA not before: Mon 16 Dec 2024 07:11:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 31.57.12.0/23 maxlen: 24
31.57.14.0/23 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.38.0/23 maxlen: 24
31.57.46.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:4e:ae:8f:26:9f:2b:9b:4b:12:32:7d:55:fe:c0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 16 07:11:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d78c49b2f61d323957d438c3e5836673c9ae16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d5:5f:a3:cb:51:4c:b7:c1:a9:8f:93:e0:2a:
cb:99:eb:df:27:f2:e6:7f:d0:d1:d6:ba:87:52:a3:
f3:5d:55:32:e6:bf:b5:56:1d:4c:42:4c:a4:22:aa:
98:bd:36:f7:65:15:60:a1:09:37:e2:0e:db:e5:fd:
61:12:fe:90:be:aa:5d:fc:b3:cf:18:c7:43:09:76:
2e:7b:f3:12:8f:5f:ca:55:4e:c1:c2:24:40:11:af:
9c:59:28:31:cd:41:d5:eb:1a:7f:20:5d:0c:4b:59:
6c:83:47:82:25:f6:2f:7b:d4:2f:1d:e2:7a:2d:29:
6b:73:a9:a0:21:9a:75:d5:29:cc:7d:64:4e:e6:e5:
36:5b:f2:f7:88:b2:8b:a7:7c:95:10:71:e3:e7:c6:
1b:d3:45:50:a3:6a:ae:f1:79:f9:0b:74:81:46:81:
83:5f:bd:d1:ce:ef:f8:4f:5c:a5:d2:63:33:17:61:
68:b6:a8:e1:79:4e:2f:40:90:8b:27:be:ae:3f:e7:
bc:69:04:02:96:7e:18:d4:f7:d5:3c:09:43:4a:12:
e3:97:ae:e7:55:7f:dd:8d:02:4e:1f:bb:61:aa:73:
7e:49:a1:8e:07:50:12:48:cb:e8:db:8d:27:b5:16:
17:d2:08:8d:9b:2f:f3:2c:f7:4d:71:08:88:a2:1b:
87:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D7:8C:49:B2:F6:1D:32:39:57:D4:38:C3:E5:83:66:73:C9:AE:16
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QNeMSbL2HTI5V9Q4w-WDZnPJrhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.12.0/22
31.57.36.0/22
31.57.46.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:d7:99:08:01:d4:08:53:d4:3a:e3:a6:f4:18:14:03:47:4c:
fd:f7:93:b2:2a:f7:00:b5:cb:8e:ed:77:6b:83:9b:73:75:13:
e3:17:0f:37:42:fd:5c:e9:0a:bf:18:b7:57:59:46:ea:26:0c:
75:aa:be:bd:1a:71:8d:a7:ce:e0:cc:9a:1d:56:bc:5e:59:f9:
13:ec:c7:8d:71:93:bb:d5:f9:37:07:04:3c:89:8d:1a:20:d0:
fc:34:bb:84:5b:66:34:e6:f9:f5:28:8a:50:f8:2d:9c:e1:85:
42:ef:9f:42:6b:54:0b:ff:51:a9:e3:a8:a9:90:e0:1c:7e:7e:
a6:2a:79:97:04:b2:88:be:ed:61:60:d7:9f:e7:ee:dc:b5:45:
ed:ba:f1:43:f8:c7:89:2b:7b:8a:cd:83:1e:7f:af:1a:3e:15:
2f:07:0f:39:b6:29:c2:91:28:f6:f1:39:17:51:41:5f:9e:a8:
09:7f:ed:f7:b3:57:aa:0f:fd:12:cf:b5:b3:c7:45:89:ee:06:
4f:e9:2f:4f:c7:9f:11:de:4f:ea:c8:69:15:ff:14:32:11:11:
46:e4:52:f2:f7:f8:6e:fc:bf:76:2d:ad:5d:99:20:8c:73:76:
94:66:9a:7e:09:16:47:84:2a:85:bb:8d:a2:1d:ab:05:d9:5c:
97:0f:58:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPOTq6PJp8rm0sSMn1V/sAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjE2MDcxMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ3OGM0OWIyZjYxZDMyMzk1N2Q0MzhjM2U1ODM2NjczYzlhZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tVfo8tRTLfBqY+T4CrLmevfJ/Lm
f9DR1rqHUqPzXVUy5r+1Vh1MQkykIqqYvTb3ZRVgoQk34g7b5f1hEv6Qvqpd/LPP
GMdDCXYue/MSj1/KVU7BwiRAEa+cWSgxzUHV6xp/IF0MS1lsg0eCJfYve9QvHeJ6
LSlrc6mgIZp11SnMfWRO5uU2W/L3iLKLp3yVEHHj58Yb00VQo2qu8Xn5C3SBRoGD
X73Rzu/4T1yl0mMzF2FotqjheU4vQJCLJ76uP+e8aQQCln4Y1PfVPAlDShLjl67n
VX/djQJOH7thqnN+SaGOB1ASSMvo240ntRYX0giNmy/zLPdNcQiIohuHjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDXjEmy9h0yOVfUOMPlg2Zzya4WMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUU5lTVNiTDJIVEk1VjlRNHctV0RablBKcmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHzkMAwQC
HzkkAwQBHzkuMA0GCSqGSIb3DQEBCwUAA4IBAQA/15kIAdQIU9Q646b0GBQDR0z9
95OyKvcAtcuO7Xdrg5tzdRPjFw83Qv1c6Qq/GLdXWUbqJgx1qr69GnGNp87gzJod
VrxeWfkT7MeNcZO71fk3BwQ8iY0aIND8NLuEW2Y05vn1KIpQ+C2c4YVC759Ca1QL
/1Gp46ipkOAcfn6mKnmXBLKIvu1hYNef5+7ctUXtuvFD+MeJK3uKzYMef68aPhUv
Bw85tinCkSj28TkXUUFfnqgJf+33s1eqD/0Sz7Wzx0WJ7gZP6S9Px58R3k/qyGkV
/xQyERFG5FLy9/hu/L92La1dmSCMc3aUZpp+CRZHhCqFu42iHasF2VyXD1jX
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:49:09 2025 by rpki-client