Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QjGLyoBFWaGUZW3Pjz0afSmRz0s.roa
File: QjGLyoBFWaGUZW3Pjz0afSmRz0s.roa (raw, json)
Hash identifier: fLyasz/JkCEQGiegroWrYdCP7g5p9Oey5c8MNHZ8O0A=
Subject key identifier: 42:31:8B:CA:80:45:59:A1:94:65:6D:CF:8F:3D:1A:7D:29:91:CF:4B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01938CEBE5FA5D1F25C791D0E24C6342DD36
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QjGLyoBFWaGUZW3Pjz0afSmRz0s.roa
Signing time: Tue 03 Dec 2024 14:28:10 +0000
ROA not before: Tue 03 Dec 2024 14:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 31.56.116.0/24 maxlen: 24
31.56.125.0/24 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.192.0/24 maxlen: 24
31.57.193.0/24 maxlen: 24
31.57.195.0/24 maxlen: 24
31.57.232.0/24 maxlen: 24
31.57.233.0/24 maxlen: 24
31.57.234.0/24 maxlen: 24
31.57.235.0/24 maxlen: 24
31.58.145.0/24 maxlen: 24
31.58.148.0/24 maxlen: 24
31.58.149.0/24 maxlen: 24
31.58.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Dec 2024 20:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:eb:e5:fa:5d:1f:25:c7:91:d0:e2:4c:63:42:dd:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 3 14:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42318bca804559a194656dcf8f3d1a7d2991cf4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6c:09:d5:cc:cd:1c:b2:30:f1:f7:07:87:c4:
32:a3:fe:ae:fb:1e:8f:19:2c:4b:42:16:e6:4f:a2:
5f:0d:e1:08:84:65:14:0d:25:8a:fb:a1:fa:8e:b7:
8e:00:de:c5:9b:7f:e0:61:c9:d5:2f:a3:e0:63:0a:
95:7c:43:15:55:21:7d:9b:34:3f:5e:f3:69:dc:e8:
16:be:98:3d:47:f7:50:bf:3f:1c:44:62:9e:6d:8e:
ab:b9:df:07:0c:f9:95:2e:a0:30:1f:95:81:2e:ab:
b0:89:0c:d3:71:47:01:ce:af:8f:f6:a1:a9:c0:33:
8f:0d:6b:97:6f:7e:7a:83:e2:00:14:71:ae:a8:85:
c2:61:c1:bb:08:b1:78:0e:a1:94:59:fe:ca:9f:c1:
32:a2:27:3e:00:85:24:8c:9a:e5:6b:d4:17:f6:08:
91:82:45:6a:54:a2:e4:b2:e5:b0:e2:3a:37:3f:ec:
0d:18:7a:ba:a5:30:ff:a8:83:90:ab:b8:7a:67:d7:
b4:88:8d:d2:5f:4f:11:85:aa:2f:c3:10:59:93:e9:
b4:cf:81:85:f4:57:0c:96:67:a4:b6:59:31:1a:3b:
bf:a2:fe:06:ea:cb:57:53:a5:a8:e2:1b:ed:3d:50:
33:f7:a8:41:48:62:e1:c2:11:df:12:b3:6a:b6:ac:
75:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:31:8B:CA:80:45:59:A1:94:65:6D:CF:8F:3D:1A:7D:29:91:CF:4B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QjGLyoBFWaGUZW3Pjz0afSmRz0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.116.0/24
31.56.125.0/24
31.56.127.0/24
31.57.192.0/23
31.57.195.0/24
31.57.232.0/22
31.58.145.0/24
31.58.148.0/23
31.58.151.0/24
Signature Algorithm: sha256WithRSAEncryption
53:74:1b:de:f7:b3:7d:c4:74:af:a2:3e:e7:25:20:e8:b1:ca:
07:ce:c2:0e:0e:70:db:ac:a1:c5:23:fa:e9:ad:8a:aa:e1:69:
41:5e:d2:3c:75:ae:33:27:96:b9:d0:45:92:2f:de:c6:ed:fe:
86:d1:cb:f4:87:49:a9:51:81:8e:42:79:14:d1:9e:ac:7f:d3:
4a:e0:6a:80:f9:8d:6b:ac:57:5b:77:4e:ee:2e:85:42:56:61:
f2:5b:58:05:76:5d:8a:8e:b6:66:46:68:99:bf:c8:d7:c5:36:
42:62:a1:01:39:24:20:6b:88:4f:9f:0a:d0:36:68:f3:33:ee:
e8:b7:8f:40:d8:af:6d:97:27:47:d6:5c:93:33:1d:c0:ad:96:
48:27:34:aa:bf:45:69:0c:55:39:27:3c:69:e9:28:98:31:89:
c3:1e:a1:38:eb:fe:ab:0a:b9:ec:67:08:8a:26:7d:dc:84:3a:
16:b2:50:fe:2c:ff:31:f8:37:c7:11:45:6c:ec:be:a1:70:75:
c1:f6:9e:62:fa:ca:21:01:29:60:67:a2:24:4c:8f:b0:21:6e:
59:a0:25:3b:b8:aa:d8:6f:28:a1:86:1a:78:f4:49:04:45:ac:
e0:7d:2c:10:d9:6c:5d:78:9e:a0:26:37:ee:6f:c5:d4:7e:5c:
22:f1:45:a7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZOM6+X6XR8lx5HQ4kxjQt02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAzMTQyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMxOGJjYTgwNDU1OWExOTQ2NTZkY2Y4ZjNkMWE3ZDI5OTFjZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGwJ1czNHLIw8fcHh8Qyo/6u+x6P
GSxLQhbmT6JfDeEIhGUUDSWK+6H6jreOAN7Fm3/gYcnVL6PgYwqVfEMVVSF9mzQ/
XvNp3OgWvpg9R/dQvz8cRGKebY6rud8HDPmVLqAwH5WBLquwiQzTcUcBzq+P9qGp
wDOPDWuXb356g+IAFHGuqIXCYcG7CLF4DqGUWf7Kn8Eyoic+AIUkjJrla9QX9giR
gkVqVKLksuWw4jo3P+wNGHq6pTD/qIOQq7h6Z9e0iI3SX08RhaovwxBZk+m0z4GF
9FcMlmektlkxGju/ov4G6stXU6Wo4hvtPVAz96hBSGLhwhHfErNqtqx1eQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEIxi8qARVmhlGVtz489Gn0pkc9LMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUWpHTHlvQkZXYUdVWlczUGp6MGFmU21SejBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHzh0AwQA
Hzh9AwQAHzh/AwQBHznAAwQAHznDAwQCHznoAwQAHzqRAwQBHzqUAwQAHzqXMA0G
CSqGSIb3DQEBCwUAA4IBAQBTdBve97N9xHSvoj7nJSDoscoHzsIODnDbrKHFI/rp
rYqq4WlBXtI8da4zJ5a50EWSL97G7f6G0cv0h0mpUYGOQnkU0Z6sf9NK4GqA+Y1r
rFdbd07uLoVCVmHyW1gFdl2KjrZmRmiZv8jXxTZCYqEBOSQga4hPnwrQNmjzM+7o
t49A2K9tlydH1lyTMx3ArZZIJzSqv0VpDFU5Jzxp6SiYMYnDHqE46/6rCrnsZwiK
Jn3chDoWslD+LP8x+DfHEUVs7L6hcHXB9p5i+sohASlgZ6IkTI+wIW5ZoCU7uKrY
byihhhp49EkERazgfSwQ2WxdeJ6gJjfub8XUflwi8UWn
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:42 2025 by rpki-client