Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Wl2_O2UbkXhbAO3mfaSxUFJMprQ.roa
File: Wl2_O2UbkXhbAO3mfaSxUFJMprQ.roa (raw, json)
Hash identifier: /wQSiwdns1NjAB/uxF3Zm3acE+kLXHaS/+kZD9y72as=
Subject key identifier: 5A:5D:BF:3B:65:1B:91:78:5B:00:ED:E6:7D:A4:B1:50:52:4C:A6:B4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194300A27483B020608E95245E6F7E69818
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Wl2_O2UbkXhbAO3mfaSxUFJMprQ.roa
Signing time: Sat 04 Jan 2025 06:39:19 +0000
ROA not before: Sat 04 Jan 2025 06:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214677
IP address blocks: 31.56.7.0/24 maxlen: 24
31.56.26.0/24 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 06:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:30:0a:27:48:3b:02:06:08:e9:52:45:e6:f7:e6:98:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 4 06:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a5dbf3b651b91785b00ede67da4b150524ca6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:54:a1:fb:89:8a:89:70:80:c0:76:07:87:f0:
17:01:f5:5d:da:88:90:d3:94:f0:0f:88:7d:78:fe:
fc:38:a1:d8:97:e1:88:f5:52:2f:dd:38:2d:19:a8:
af:b3:99:30:eb:1d:35:d6:3c:d2:26:4a:8c:fa:d3:
75:38:83:fa:08:56:0e:d8:10:e7:b2:00:7e:43:e4:
4f:11:b3:92:b1:07:11:57:a4:8a:60:f5:75:fd:16:
10:0c:dd:90:20:6b:c7:45:36:97:05:4e:8c:c4:ff:
34:10:74:3f:eb:b5:51:5b:17:f4:0f:11:29:6f:b4:
70:f2:53:3f:a0:36:eb:a5:dd:8c:8b:e2:25:5c:4d:
c8:85:e8:85:0a:5a:f3:7d:bd:89:99:c8:f2:74:65:
c8:e3:8d:c2:c9:91:fe:dc:e1:68:1c:e6:be:43:4a:
31:fd:99:d8:c3:3e:34:6d:41:ad:86:a9:9e:f3:cb:
e0:df:d5:d4:0d:d6:9a:4a:1a:26:9c:60:99:11:0a:
7a:13:76:82:0e:23:ba:3b:af:f4:8d:95:34:3c:1d:
02:73:89:69:01:e3:eb:39:42:40:78:94:61:c2:04:
e2:f5:30:81:1e:93:3a:69:36:db:39:03:42:87:39:
9e:90:ee:e1:0f:1b:5e:dd:4a:1e:15:af:66:84:b6:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5D:BF:3B:65:1B:91:78:5B:00:ED:E6:7D:A4:B1:50:52:4C:A6:B4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Wl2_O2UbkXhbAO3mfaSxUFJMprQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.7.0/24
31.56.26.0/24
31.57.254.0/24
31.58.156.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:bf:6b:ff:08:7f:f9:47:84:c9:a2:c5:ab:05:37:d5:27:b1:
29:36:81:3c:c8:b5:20:ee:06:c0:ee:76:6a:3e:f3:0d:d5:f1:
da:a9:81:89:16:f2:78:a6:c4:4b:d0:9d:df:b6:8b:e4:e0:51:
73:6d:99:6d:27:2a:d0:5b:b9:97:9c:fd:33:f0:54:f1:74:66:
0f:ef:3f:85:5b:62:04:70:32:cb:8d:37:f5:b2:c7:3f:8b:e2:
a1:cb:50:de:3a:49:e3:96:58:51:ef:86:ee:5d:c3:80:59:5b:
72:c2:ca:82:f7:9b:e4:80:1f:c7:c2:f6:8b:10:0d:c5:0a:f2:
c2:12:10:3d:f3:4c:bb:18:eb:3f:25:4b:f1:e7:e3:c5:8b:63:
6d:14:c0:c8:9f:92:9e:02:81:c6:dd:f3:72:ca:09:72:d1:c7:
46:59:63:32:44:ab:cd:ff:59:62:55:fb:64:e0:c9:7c:8d:73:
45:b8:62:d0:29:9e:85:91:65:37:62:de:bc:c8:b2:76:6d:39:
34:c7:a8:12:36:86:6a:be:66:cf:89:4f:79:e8:9e:6d:ca:0b:
22:78:aa:fc:34:d8:0a:1b:7e:93:fe:95:2a:37:4f:0c:e3:ef:
b6:27:3e:42:64:49:ff:0d:30:0d:bc:b4:91:9f:12:2b:50:c5:
5b:ca:a3:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQwCidIOwIGCOlSReb35pgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA0MDYzOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVkYmYzYjY1MWI5MTc4NWIwMGVkZTY3ZGE0YjE1MDUyNGNhNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31Sh+4mKiXCAwHYHh/AXAfVd2oiQ
05TwD4h9eP78OKHYl+GI9VIv3TgtGaivs5kw6x011jzSJkqM+tN1OIP6CFYO2BDn
sgB+Q+RPEbOSsQcRV6SKYPV1/RYQDN2QIGvHRTaXBU6MxP80EHQ/67VRWxf0DxEp
b7Rw8lM/oDbrpd2Mi+IlXE3IheiFClrzfb2JmcjydGXI443CyZH+3OFoHOa+Q0ox
/ZnYwz40bUGthqme88vg39XUDdaaShomnGCZEQp6E3aCDiO6O6/0jZU0PB0Cc4lp
AePrOUJAeJRhwgTi9TCBHpM6aTbbOQNChzmekO7hDxte3UoeFa9mhLaH1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFpdvztlG5F4WwDt5n2ksVBSTKa0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV2wyX08yVWJrWGhiQU8zbWZhU3hVRkpNcHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgHAwQA
HzgaAwQAHzn+AwQAHzqcMA0GCSqGSIb3DQEBCwUAA4IBAQC9v2v/CH/5R4TJosWr
BTfVJ7EpNoE8yLUg7gbA7nZqPvMN1fHaqYGJFvJ4psRL0J3ftovk4FFzbZltJyrQ
W7mXnP0z8FTxdGYP7z+FW2IEcDLLjTf1ssc/i+Khy1DeOknjllhR74buXcOAWVty
wsqC95vkgB/HwvaLEA3FCvLCEhA980y7GOs/JUvx5+PFi2NtFMDIn5KeAoHG3fNy
ygly0cdGWWMyRKvN/1liVftk4Ml8jXNFuGLQKZ6FkWU3Yt68yLJ2bTk0x6gSNoZq
vmbPiU956J5tygsieKr8NNgKG36T/pUqN08M4++2Jz5CZEn/DTANvLSRnxIrUMVb
yqPB
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:01:02 2025 by rpki-client