Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TnGOLvNf24ZNRKSvoM_pkPx88Ic.roa
File: TnGOLvNf24ZNRKSvoM_pkPx88Ic.roa (raw, json)
Hash identifier: 62LmGneyg+tdOTVAur/6im/WBpFSP+GBPuKUNCF53+s=
Subject key identifier: 4E:71:8E:2E:F3:5F:DB:86:4D:44:A4:AF:A0:CF:E9:90:FC:7C:F0:87
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01937434AFCBFE79111FC049F9EF5480BE73
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TnGOLvNf24ZNRKSvoM_pkPx88Ic.roa
Signing time: Thu 28 Nov 2024 19:17:10 +0000
ROA not before: Thu 28 Nov 2024 19:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 31.56.116.0/24 maxlen: 24
31.56.125.0/24 maxlen: 24
31.57.192.0/24 maxlen: 24
31.57.195.0/24 maxlen: 24
31.57.233.0/24 maxlen: 24
31.57.234.0/24 maxlen: 24
31.58.145.0/24 maxlen: 24
31.58.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 14:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:74:34:af:cb:fe:79:11:1f:c0:49:f9:ef:54:80:be:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 28 19:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e718e2ef35fdb864d44a4afa0cfe990fc7cf087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:6b:a8:c8:c3:6a:97:f8:07:06:2a:69:6d:
d0:fa:15:a7:af:58:73:46:02:4c:55:a3:a7:25:13:
c4:9d:8a:13:f1:29:6c:c0:37:d7:f0:30:41:1b:0f:
ad:50:a6:6e:25:ab:0c:f5:5d:19:16:67:4e:a2:7e:
24:ab:be:cd:6a:fa:f4:d4:53:98:f7:ed:c2:6f:e0:
47:d5:61:75:e8:5c:79:30:31:84:67:43:d0:62:d4:
ee:20:d1:50:8f:9e:79:13:69:14:ab:ce:93:0b:54:
a4:5e:7b:70:41:e4:29:6b:e7:34:dd:e9:b8:3c:a7:
fe:7f:c8:e4:80:c8:08:b4:fe:cf:25:80:fd:ab:33:
8c:1c:95:1c:6e:e8:4d:f3:77:47:11:06:26:a3:76:
f4:26:77:db:ad:c8:01:08:06:57:e5:24:97:f3:06:
92:95:6f:20:41:c1:b8:c1:7b:4c:61:a4:a2:29:23:
d8:1d:58:5e:06:21:e0:8b:ea:b8:51:67:5b:5d:41:
cd:5e:e3:67:18:a0:d5:cc:35:c5:eb:09:78:7a:72:
4c:96:62:c7:34:bc:92:fc:08:74:25:aa:0b:ec:29:
18:1e:2e:e4:f0:50:a0:30:6a:d8:e1:51:34:ae:f6:
59:a7:37:84:d9:35:14:72:8d:60:93:0d:a2:6d:e5:
49:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:71:8E:2E:F3:5F:DB:86:4D:44:A4:AF:A0:CF:E9:90:FC:7C:F0:87
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TnGOLvNf24ZNRKSvoM_pkPx88Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.116.0/24
31.56.125.0/24
31.57.192.0/24
31.57.195.0/24
31.57.233.0-31.57.234.255
31.58.145.0/24
31.58.149.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e5:f9:7d:81:37:6f:9b:ff:85:d8:b0:7f:ed:40:f4:f1:7a:
02:e9:b2:c7:83:73:47:f2:25:6a:11:af:f2:e6:a4:5e:62:0a:
06:ca:3a:9a:13:eb:bf:f0:a7:eb:01:87:d7:00:12:6e:04:9f:
b4:4c:ee:d4:7b:3a:ab:3b:4c:8d:e4:ee:6b:3e:a2:a1:aa:8d:
5a:ef:4c:28:39:8d:e4:eb:36:5e:87:d1:42:4d:f8:b9:a1:8e:
b5:6e:f1:cf:14:ce:eb:c7:c3:d2:bb:6e:31:e3:71:ca:18:32:
d1:6a:0a:dc:b5:55:17:26:23:35:fb:6c:45:a5:51:9e:67:01:
29:25:1e:01:38:a3:09:14:c7:49:e6:30:de:63:ef:ea:43:e0:
69:05:52:87:b3:36:19:b9:fe:7e:57:48:ab:f1:24:c9:ed:48:
0f:e6:4b:da:75:31:e0:d7:82:79:25:22:da:8f:85:90:03:3f:
87:f4:19:cb:51:70:f8:29:44:df:3f:39:e3:b5:04:22:53:01:
fc:ba:ec:cd:e7:e7:8a:16:17:85:3d:61:22:b0:75:cb:50:c0:
3e:d4:6c:b0:c4:6b:07:f0:fc:ae:be:33:2d:ae:90:de:5c:d6:
88:1e:e1:67:3b:64:e1:7c:07:ad:32:1a:f9:1e:7e:e8:1a:06:
59:3e:02:1c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZN0NK/L/nkRH8BJ+e9UgL5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI4MTkxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTcxOGUyZWYzNWZkYjg2NGQ0NGE0YWZhMGNmZTk5MGZjN2NmMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhBrqMjDapf4BwYqaW3Q+hWnr1hz
RgJMVaOnJRPEnYoT8SlswDfX8DBBGw+tUKZuJasM9V0ZFmdOon4kq77Navr01FOY
9+3Cb+BH1WF16Fx5MDGEZ0PQYtTuINFQj555E2kUq86TC1SkXntwQeQpa+c03em4
PKf+f8jkgMgItP7PJYD9qzOMHJUcbuhN83dHEQYmo3b0JnfbrcgBCAZX5SSX8waS
lW8gQcG4wXtMYaSiKSPYHVheBiHgi+q4UWdbXUHNXuNnGKDVzDXF6wl4enJMlmLH
NLyS/Ah0JaoL7CkYHi7k8FCgMGrY4VE0rvZZpzeE2TUUco1gkw2ibeVJ1QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFE5xji7zX9uGTUSkr6DP6ZD8fPCHMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVG5HT0x2TmYyNFpOUktTdm9NX3BrUHg4OEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHzh0AwQA
Hzh9AwQAHznAAwQAHznDMAwDBAAfOekDBAAfOeoDBAAfOpEDBAAfOpUwDQYJKoZI
hvcNAQELBQADggEBAEXl+X2BN2+b/4XYsH/tQPTxegLpsseDc0fyJWoRr/LmpF5i
CgbKOpoT67/wp+sBh9cAEm4En7RM7tR7Oqs7TI3k7ms+oqGqjVrvTCg5jeTrNl6H
0UJN+LmhjrVu8c8UzuvHw9K7bjHjccoYMtFqCty1VRcmIzX7bEWlUZ5nASklHgE4
owkUx0nmMN5j7+pD4GkFUoezNhm5/n5XSKvxJMntSA/mS9p1MeDXgnklItqPhZAD
P4f0GctRcPgpRN8/OeO1BCJTAfy67M3n54oWF4U9YSKwdctQwD7UbLDEawfw/K6+
My2ukN5c1oge4Wc7ZOF8B60yGvkefugaBlk+Ahw=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:13 2025 by rpki-client