Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/U0qEGJJ-NTaYsoIALyiTY3Gk4Bk.roa
File: U0qEGJJ-NTaYsoIALyiTY3Gk4Bk.roa (raw, json)
Hash identifier: 0vhdqQFtp8Xh4WtyBbBexR/iwNcxcJiUxn4P4QV5hLo=
Subject key identifier: 53:4A:84:18:92:7E:35:36:98:B2:82:00:2F:28:93:63:71:A4:E0:19
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191BEBED478D2639D452E48421E1C38D6E2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/U0qEGJJ-NTaYsoIALyiTY3Gk4Bk.roa
Signing time: Wed 04 Sep 2024 20:34:22 +0000
ROA not before: Wed 04 Sep 2024 20:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.39.0/24 maxlen: 24
31.56.45.0/24 maxlen: 24
31.56.65.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.112.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 06:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:be:d4:78:d2:63:9d:45:2e:48:42:1e:1c:38:d6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 4 20:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=534a8418927e353698b282002f28936371a4e019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:90:8a:98:c5:4c:0a:a9:d7:e7:e1:c2:85:41:
05:b2:66:07:93:2b:ad:58:ad:2d:8d:50:a4:ea:07:
f3:a5:87:3e:df:d2:fa:87:18:34:da:53:f5:cd:9a:
4c:fe:0f:bc:b9:ba:39:a4:9e:c8:f4:eb:74:b7:43:
0a:d9:e4:92:e4:f9:95:b0:4b:0f:bf:94:f9:a5:34:
23:4b:9e:da:4f:d4:d7:42:4b:2b:99:7a:60:6f:dc:
a5:c1:e2:4f:6d:0b:da:53:c8:a6:ed:cb:0e:b8:dd:
43:25:17:94:72:5e:10:c9:8d:5c:c7:75:54:7e:48:
69:fe:e0:66:85:8e:0b:5c:e8:28:00:32:1f:df:08:
5e:92:d9:0b:2c:60:33:74:f4:eb:4a:4e:64:b8:1a:
5d:c1:9a:af:a1:60:61:d5:51:d6:3c:b4:35:82:b2:
41:c4:d0:3f:72:91:3d:01:02:51:9b:7c:60:5e:2b:
5a:64:00:c7:0b:db:f8:d8:8b:e2:6f:84:1b:e2:17:
b9:7c:5e:04:e6:1e:dd:54:d4:59:a5:9a:60:15:e8:
31:ca:52:d5:06:5a:a7:f2:8d:70:01:c5:5d:8c:ce:
ef:f0:45:b4:43:54:05:9c:a0:8d:36:7d:b5:7f:37:
b5:3b:8b:28:9e:f0:63:36:c2:84:b4:9a:32:97:8f:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4A:84:18:92:7E:35:36:98:B2:82:00:2F:28:93:63:71:A4:E0:19
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/U0qEGJJ-NTaYsoIALyiTY3Gk4Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.39.0/24
31.56.45.0/24
31.56.65.0/24
31.56.89.0/24
31.56.112.0/21
31.56.126.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:9f:27:86:06:79:4c:37:c5:cc:eb:d3:4a:5d:6b:04:bb:38:
66:bf:6c:f2:b4:fc:ad:69:50:6f:00:af:e9:26:96:38:e8:ed:
f4:f7:1d:8d:0d:14:97:c7:b6:e1:23:8f:05:50:a7:b0:fa:a4:
60:53:ce:c3:eb:37:d9:ee:94:ab:83:ee:ec:66:e5:4e:f3:be:
99:5e:70:48:ed:14:90:4b:d4:c8:22:94:dd:68:4b:68:64:bb:
89:c2:46:e4:46:ce:08:98:42:90:0a:5f:32:ba:7a:a5:83:d2:
18:94:de:4b:e4:b1:29:7e:40:17:3f:d8:95:15:7e:c9:c1:33:
61:a0:b2:3f:8e:33:b9:90:80:28:cb:6e:e8:de:e3:18:16:d4:
1c:9f:1f:5c:55:f7:a6:0a:44:43:5e:bf:b6:95:e4:37:f0:68:
8a:4b:10:5e:ee:4e:c0:c7:53:fb:bd:5b:1a:66:8d:86:0b:37:
34:f8:c6:b0:bc:d3:46:eb:cc:cd:34:cd:e9:0b:ae:5b:ff:44:
3c:47:e6:f3:d9:a9:a5:84:7b:61:e6:4e:d1:de:a4:95:00:b7:
6c:55:7b:7e:c6:63:63:21:b2:f2:9c:3d:21:a3:c8:ff:3c:ea:
57:f7:0e:09:65:ac:6c:4f:44:18:6c:61:7a:5f:ff:de:b1:94:
8f:a7:ed:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZG+vtR40mOdRS5IQh4cONbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTA0MjAzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRhODQxODkyN2UzNTM2OThiMjgyMDAyZjI4OTM2MzcxYTRlMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5CKmMVMCqnX5+HChUEFsmYHkyut
WK0tjVCk6gfzpYc+39L6hxg02lP1zZpM/g+8ubo5pJ7I9Ot0t0MK2eSS5PmVsEsP
v5T5pTQjS57aT9TXQksrmXpgb9ylweJPbQvaU8im7csOuN1DJReUcl4QyY1cx3VU
fkhp/uBmhY4LXOgoADIf3whektkLLGAzdPTrSk5kuBpdwZqvoWBh1VHWPLQ1grJB
xNA/cpE9AQJRm3xgXitaZADHC9v42Ivib4Qb4he5fF4E5h7dVNRZpZpgFegxylLV
Blqn8o1wAcVdjM7v8EW0Q1QFnKCNNn21fze1O4sonvBjNsKEtJoyl48iFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFNKhBiSfjU2mLKCAC8ok2NxpOAZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVTBxRUdKSi1OVGFZc29JQUx5aVRZM0drNEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBHzgEAwQA
HzgnAwQAHzgtAwQAHzhBAwQAHzhZAwQDHzhwAwQAHzh+MA0GCSqGSIb3DQEBCwUA
A4IBAQCPnyeGBnlMN8XM69NKXWsEuzhmv2zytPytaVBvAK/pJpY46O309x2NDRSX
x7bhI48FUKew+qRgU87D6zfZ7pSrg+7sZuVO876ZXnBI7RSQS9TIIpTdaEtoZLuJ
wkbkRs4ImEKQCl8yunqlg9IYlN5L5LEpfkAXP9iVFX7JwTNhoLI/jjO5kIAoy27o
3uMYFtQcnx9cVfemCkRDXr+2leQ38GiKSxBe7k7Ax1P7vVsaZo2GCzc0+MawvNNG
68zNNM3pC65b/0Q8R+bz2amlhHth5k7R3qSVALdsVXt+xmNjIbLynD0ho8j/POpX
9w4JZaxsT0QYbGF6X//esZSPp+3B
-----END CERTIFICATE-----
Generated at Fri Sep 6 07:58:14 2024 by rpki-client on console-fra.rpki-client.org