Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WhQ4w1Hagmg1pkEEpGn-DO2Ypzg.roa
File: WhQ4w1Hagmg1pkEEpGn-DO2Ypzg.roa (raw, json)
Hash identifier: 2f5gjT3U2/PaLjpcLXky7iWdoGmKkJJEC5PPe4jQrHE=
Subject key identifier: 5A:14:38:C3:51:DA:82:68:35:A6:41:04:A4:69:FE:0C:ED:98:A7:38
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193A110A525DC8C003867C47C09753D2A7D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WhQ4w1Hagmg1pkEEpGn-DO2Ypzg.roa
Signing time: Sat 07 Dec 2024 12:20:42 +0000
ROA not before: Sat 07 Dec 2024 12:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.238.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 11:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:10:a5:25:dc:8c:00:38:67:c4:7c:09:75:3d:2a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 7 12:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1438c351da826835a64104a469fe0ced98a738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:be:ba:39:cb:fc:c5:8c:93:b2:d5:e5:fa:e7:
4b:6d:75:b4:12:eb:b5:cd:de:4c:53:85:8b:6a:54:
a6:07:bf:04:67:68:4a:fc:99:0a:0b:90:7a:53:9e:
eb:22:73:82:ed:c3:7e:3b:3e:f2:6d:ae:51:a2:d1:
e9:02:bc:c6:23:c0:94:b7:68:bf:ed:e1:97:be:50:
9f:a1:2e:b4:fc:b3:b7:76:8f:86:26:a5:ac:bc:07:
1f:2b:38:4c:d2:83:e9:f1:0f:6f:87:27:fa:93:8d:
57:b1:bf:63:69:c5:4f:66:c4:14:da:6c:9a:64:47:
ef:44:5a:cf:de:bf:d5:6b:1b:49:9c:d6:4b:a6:01:
62:b5:91:d6:05:d7:a3:71:70:0d:d1:07:c0:ce:bf:
cd:b7:1f:80:ce:ed:8e:0e:27:34:2f:20:30:98:66:
0e:3a:89:8a:a6:0e:99:f1:43:2a:b4:51:04:8b:9a:
33:dc:f3:ad:cb:8d:97:8c:96:a6:d6:67:d9:fc:1e:
68:7b:42:75:58:03:dd:69:c2:bb:68:56:93:12:1f:
39:27:85:9a:b0:fe:ae:da:aa:0c:dd:08:8a:e3:32:
29:6b:ff:fe:93:8e:a9:b7:63:f5:cf:1c:9d:71:ac:
05:7c:ac:bf:f1:6a:6d:2f:37:1a:6a:b8:d7:4b:34:
96:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:14:38:C3:51:DA:82:68:35:A6:41:04:A4:69:FE:0C:ED:98:A7:38
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WhQ4w1Hagmg1pkEEpGn-DO2Ypzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.238.0/24
31.58.244.0/22
31.58.249.0/24
Signature Algorithm: sha256WithRSAEncryption
16:2b:62:26:be:2c:0d:07:06:c4:2f:68:4f:97:7a:5a:2a:99:
e2:c9:58:82:c0:a3:c2:53:5c:74:45:5e:a4:58:78:c3:b0:4a:
80:24:eb:56:81:7b:9c:70:fc:9d:ba:d2:e7:35:89:b4:fb:63:
87:0f:2f:62:61:05:f0:96:a9:3a:db:67:e4:95:bc:23:ad:77:
58:a0:39:2c:eb:c6:d6:c3:dd:da:e8:07:12:ea:c0:3d:d6:ad:
3e:bb:a8:18:2f:a6:9e:02:f7:c3:21:b0:e3:0b:6f:6b:20:45:
01:22:13:7b:a5:3d:56:fb:79:98:f1:f6:3f:96:4a:4a:30:88:
16:fd:8e:4b:c1:b4:77:af:dd:99:19:e2:8b:64:a1:55:74:5f:
b9:5a:02:2b:5e:2b:6e:f8:b7:3d:dd:b9:fd:5f:66:93:a7:fc:
23:75:b7:0c:43:d1:00:f9:20:26:2a:27:aa:51:24:98:03:79:
48:ea:5e:d2:34:91:71:eb:a1:0b:d5:09:02:e4:7f:34:67:1f:
0b:1e:84:c1:0e:50:b3:04:c3:cb:dd:04:ff:e0:78:6d:cd:11:
f8:94:fa:a0:26:c3:ef:e8:cd:e9:c0:57:91:61:57:d3:52:c3:
2f:6d:6c:18:a0:8b:47:7f:af:1b:d5:8e:95:40:75:e9:50:45:
c8:8e:cf:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOhEKUl3IwAOGfEfAl1PSp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA3MTIyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTE0MzhjMzUxZGE4MjY4MzVhNjQxMDRhNDY5ZmUwY2VkOThhNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr766Ocv8xYyTstXl+udLbXW0Euu1
zd5MU4WLalSmB78EZ2hK/JkKC5B6U57rInOC7cN+Oz7yba5RotHpArzGI8CUt2i/
7eGXvlCfoS60/LO3do+GJqWsvAcfKzhM0oPp8Q9vhyf6k41Xsb9jacVPZsQU2mya
ZEfvRFrP3r/VaxtJnNZLpgFitZHWBdejcXAN0QfAzr/Ntx+Azu2ODic0LyAwmGYO
OomKpg6Z8UMqtFEEi5oz3POty42XjJam1mfZ/B5oe0J1WAPdacK7aFaTEh85J4Wa
sP6u2qoM3QiK4zIpa//+k46pt2P1zxydcawFfKy/8WptLzcaarjXSzSWhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFoUOMNR2oJoNaZBBKRp/gztmKc4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV2hRNHcxSGFnbWcxcGtFRXBHbi1ETzJZcHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzruAwQC
Hzr0AwQAHzr5MA0GCSqGSIb3DQEBCwUAA4IBAQAWK2ImviwNBwbEL2hPl3paKpni
yViCwKPCU1x0RV6kWHjDsEqAJOtWgXuccPydutLnNYm0+2OHDy9iYQXwlqk622fk
lbwjrXdYoDks68bWw93a6AcS6sA91q0+u6gYL6aeAvfDIbDjC29rIEUBIhN7pT1W
+3mY8fY/lkpKMIgW/Y5LwbR3r92ZGeKLZKFVdF+5WgIrXitu+Lc93bn9X2aTp/wj
dbcMQ9EA+SAmKieqUSSYA3lI6l7SNJFx66EL1QkC5H80Zx8LHoTBDlCzBMPL3QT/
4HhtzRH4lPqgJsPv6M3pwFeRYVfTUsMvbWwYoItHf68b1Y6VQHXpUEXIjs+C
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:13 2025 by rpki-client