Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRRt2Uoc-uZKGLXWs_ccROOW0kE.roa
File: QRRt2Uoc-uZKGLXWs_ccROOW0kE.roa (raw, json)
Hash identifier: nFvcjyuQ2B2HCk26u85goGmx6jEigJ6t3C/Rb5/tzhY=
Subject key identifier: 41:14:6D:D9:4A:1C:FA:E6:4A:18:B5:D6:B3:F7:1C:44:E3:96:D2:41
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01936D81E871A6CE20EF61A151A5A36B6EFA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRRt2Uoc-uZKGLXWs_ccROOW0kE.roa
Signing time: Wed 27 Nov 2024 12:04:10 +0000
ROA not before: Wed 27 Nov 2024 12:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.3.0/24 maxlen: 24
31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.67.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.186.0/23 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.49.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 19:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:81:e8:71:a6:ce:20:ef:61:a1:51:a5:a3:6b:6e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 27 12:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41146dd94a1cfae64a18b5d6b3f71c44e396d241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:b1:37:3f:f3:d5:12:b3:ff:9d:fd:c7:02:
ab:39:8d:fe:57:1f:4d:82:aa:49:9c:b2:1b:a3:4d:
24:2b:5d:80:19:4e:8c:37:fe:d0:3a:16:a2:bf:0d:
60:80:dd:cd:33:6c:d1:a8:90:ba:cd:66:2e:58:97:
da:b1:f8:3a:c9:da:de:19:5d:4e:50:84:46:8e:33:
c9:56:79:db:a9:0b:ef:3a:9d:97:da:3f:7d:3c:c0:
89:c8:33:38:f2:41:25:cd:4a:e4:f7:c0:67:a6:81:
3c:94:24:98:d9:14:70:fc:43:ff:c6:28:26:98:92:
f4:85:6b:7c:1c:86:7e:cb:fa:8e:ea:23:70:a0:0a:
67:eb:6f:88:06:46:41:bf:8c:52:ef:53:8a:58:aa:
40:2c:5c:90:c5:aa:3f:0c:85:cc:d3:14:e9:94:46:
79:68:64:70:e8:05:73:76:de:c2:27:2a:a9:32:67:
8e:67:2f:4f:62:d0:d6:8d:77:b5:fc:ae:0f:df:e4:
74:3d:42:5e:9d:18:c4:8c:a6:6f:15:f7:71:56:46:
88:79:08:5b:4b:6f:f1:1b:41:b4:b8:37:6a:41:96:
cb:05:bf:98:65:60:e0:5f:35:78:3a:8f:6f:a3:24:
a1:c0:1f:74:68:ae:41:68:82:2a:ca:31:41:44:99:
d4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:14:6D:D9:4A:1C:FA:E6:4A:18:B5:D6:B3:F7:1C:44:E3:96:D2:41
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRRt2Uoc-uZKGLXWs_ccROOW0kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.3.0-31.56.5.255
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.57.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.65.0/24
31.57.67.0/24
31.57.132.0/23
31.57.146.0/23
31.57.176.0-31.57.187.255
31.57.192.0/22
31.57.232.0/22
31.58.49.0/24
31.59.68.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
43:9e:56:a4:2d:f6:09:2d:7e:da:95:1b:bf:ae:82:12:7b:e2:
08:b6:44:bb:00:60:3f:d4:71:67:a6:d9:1f:c5:fe:db:b4:2e:
1a:61:fa:7b:b4:d1:cc:0b:21:58:e3:60:fa:7b:33:3a:d1:06:
86:b2:0c:82:23:a5:97:47:c4:e6:3c:ef:b3:5a:54:7c:50:06:
6b:51:d5:f8:d4:2d:2a:ba:ad:a4:3b:03:43:b6:f0:36:67:a0:
21:4e:61:0e:4e:63:e2:98:4b:b3:f2:21:2e:79:0a:91:1c:aa:
98:a7:86:ac:da:1e:46:a0:76:4a:26:8e:ac:02:ac:42:bf:35:
17:0f:b7:c5:7f:53:37:d6:4d:45:95:55:1f:19:01:05:47:6e:
89:13:9f:7a:b2:81:46:93:3b:9a:95:42:40:10:31:5d:f5:40:
86:61:6c:1d:82:d7:9b:86:2d:b0:92:d7:1b:54:5a:a6:6a:fc:
c0:63:27:46:b6:aa:45:5f:ca:14:fd:86:41:8d:cb:bf:a1:92:
bc:9e:f9:c1:1c:57:89:ae:9b:1e:68:2b:2c:ad:f5:ca:9e:3a:
97:8a:74:37:1c:9f:4b:08:2c:63:d2:bb:9b:82:de:0e:41:92:
c5:9d:ec:4b:66:b2:66:ad:83:db:48:2e:b3:d8:1a:d4:04:b8:
05:ea:8f:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZNtgehxps4g72GhUaWja276MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI3MTIwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE0NmRkOTRhMWNmYWU2NGExOGI1ZDZiM2Y3MWM0NGUzOTZkMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs82xNz/z1RKz/539xwKrOY3+Vx9N
gqpJnLIbo00kK12AGU6MN/7QOhaivw1ggN3NM2zRqJC6zWYuWJfasfg6ydreGV1O
UIRGjjPJVnnbqQvvOp2X2j99PMCJyDM48kElzUrk98BnpoE8lCSY2RRw/EP/xigm
mJL0hWt8HIZ+y/qO6iNwoApn62+IBkZBv4xS71OKWKpALFyQxao/DIXM0xTplEZ5
aGRw6AVzdt7CJyqpMmeOZy9PYtDWjXe1/K4P3+R0PUJenRjEjKZvFfdxVkaIeQhb
S2/xG0G0uDdqQZbLBb+YZWDgXzV4Oo9voyShwB90aK5BaIIqyjFBRJnU3wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFEEUbdlKHPrmShi11rP3HETjltJBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUVJSdDJVb2MtdVpLR0xYV3NfY2NST09XMGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgwDAME
AB84AwMEAR84BAMEAB84GAMEAR84KgMEAB84MAMEAB84OQMEAB84WQMEAh84eAME
AB84fwMEAB85QQMEAB85QwMEAR85hAMEAR85kjAMAwQEHzmwAwQCHzm4AwQCHznA
AwQCHznoAwQAHzoxAwQAHztEAwQCHztgAwQCHztwAwQCHzu4MA0GCSqGSIb3DQEB
CwUAA4IBAQBDnlakLfYJLX7alRu/roISe+IItkS7AGA/1HFnptkfxf7btC4aYfp7
tNHMCyFY42D6ezM60QaGsgyCI6WXR8TmPO+zWlR8UAZrUdX41C0quq2kOwNDtvA2
Z6AhTmEOTmPimEuz8iEueQqRHKqYp4as2h5GoHZKJo6sAqxCvzUXD7fFf1M31k1F
lVUfGQEFR26JE596soFGkzualUJAEDFd9UCGYWwdgtebhi2wktcbVFqmavzAYydG
tqpFX8oU/YZBjcu/oZK8nvnBHFeJrpseaCssrfXKnjqXinQ3HJ9LCCxj0rubgt4O
QZLFnexLZrJmrYPbSC6z2BrUBLgF6o84
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:08 2025 by rpki-client