Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/X3m3KAPvRo53DiDjWaNbkwoSqjg.roa
File: X3m3KAPvRo53DiDjWaNbkwoSqjg.roa (raw, json)
Hash identifier: RLDj6FLiqNpawsKMJmZ0L5wsTm2eh23BFF/4QtcsDBg=
Subject key identifier: 5F:79:B7:28:03:EF:46:8E:77:0E:20:E3:59:A3:5B:93:0A:12:AA:38
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946EE0B167A5B91D3BEB98D2D227DB0E17
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/X3m3KAPvRo53DiDjWaNbkwoSqjg.roa
Signing time: Thu 16 Jan 2025 11:30:06 +0000
ROA not before: Thu 16 Jan 2025 11:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26737
IP address blocks: 31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.57.208.0/24 maxlen: 24
31.57.209.0/24 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.211.0/24 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 07:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:e0:b1:67:a5:b9:1d:3b:eb:98:d2:d2:27:db:0e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 16 11:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f79b72803ef468e770e20e359a35b930a12aa38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:13:6a:d2:24:f9:43:57:b4:4c:97:42:78:
65:8f:1f:b6:0e:62:8b:6c:10:00:07:ed:d0:d9:21:
d2:6e:a5:33:e0:f6:85:be:c5:ce:7c:7b:9e:39:e1:
4f:4c:1f:68:0e:13:9f:5a:7f:04:90:4c:2c:a9:37:
ba:77:aa:12:35:02:e1:6e:56:59:07:71:01:4d:11:
8b:9c:f9:7c:e0:15:88:d0:36:9b:d0:42:f0:dc:9c:
50:d8:d0:c2:45:c6:bf:68:8f:d5:86:60:a3:87:12:
85:10:bb:78:e5:c8:af:35:e8:d3:3b:60:21:e9:6c:
57:0d:0a:94:1e:fa:96:90:cb:ba:dc:00:91:ab:94:
c1:8e:ef:a6:00:65:1b:8e:63:47:7f:a7:d7:ec:50:
0c:cf:21:b4:93:d9:53:f4:24:e0:39:16:08:14:ee:
34:46:4c:eb:ab:c8:20:6e:4d:2a:61:e6:79:35:9d:
7c:54:fe:57:08:ab:b8:9d:8b:96:a6:ba:4a:2b:b8:
f7:17:88:4a:cd:b5:4a:62:30:36:bb:45:8c:7a:26:
9d:b8:b5:a5:fd:90:bc:58:c1:d3:93:a9:97:58:f4:
18:ef:b3:9b:3f:63:9c:78:d0:0d:22:6a:74:d9:69:
a5:34:06:57:ee:01:eb:6a:aa:65:7e:fa:1d:a8:16:
29:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:79:B7:28:03:EF:46:8E:77:0E:20:E3:59:A3:5B:93:0A:12:AA:38
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/X3m3KAPvRo53DiDjWaNbkwoSqjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.56.87.0/24
31.56.89.0/24
31.57.208.0-31.57.214.255
31.57.216.0/24
Signature Algorithm: sha256WithRSAEncryption
13:1f:2e:61:24:9f:3b:24:da:c5:a7:1e:d7:7a:de:b0:35:b7:
52:6a:5b:20:a6:48:80:25:88:27:33:9c:80:41:c0:ca:ac:c0:
aa:f3:48:5d:9a:ce:a1:8b:7b:a6:be:3e:96:ad:53:d7:70:df:
f5:51:99:5d:43:84:05:60:37:d3:14:d4:ee:9e:85:4f:e1:af:
0c:e0:52:9f:eb:99:aa:3d:c4:eb:3a:0b:c3:f1:4a:57:20:68:
bf:63:df:50:c7:47:fb:73:24:c8:f6:6f:a3:86:f3:5f:0f:40:
26:41:eb:e5:30:ad:7b:20:68:54:98:12:89:27:79:69:2b:ea:
82:48:e6:d5:d5:60:e7:b1:7c:c6:2c:8a:ad:7b:7c:47:35:80:
07:8c:ad:5f:dd:a7:ff:e3:13:bb:c4:78:b0:5e:27:7c:bf:23:
ae:50:6d:fc:6d:78:e7:09:64:76:c3:1d:b0:a2:9a:05:a2:61:
92:c3:a8:e5:ce:55:58:76:af:ea:f3:92:78:2d:a5:d1:aa:e8:
fc:db:7d:ca:37:30:28:a3:09:d4:ea:f0:2a:94:34:88:eb:df:
e1:87:2a:2d:46:34:71:57:a3:32:b6:54:e6:ab:a3:ce:54:8e:
85:46:a0:d8:0c:8d:4c:3a:15:38:47:57:79:56:61:ff:13:e9:
67:4c:68:a0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRu4LFnpbkdO+uY0tIn2w4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE2MTEzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc5YjcyODAzZWY0NjhlNzcwZTIwZTM1OWEzNWI5MzBhMTJhYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+QTatIk+UNXtEyXQnhljx+2DmKL
bBAAB+3Q2SHSbqUz4PaFvsXOfHueOeFPTB9oDhOfWn8EkEwsqTe6d6oSNQLhblZZ
B3EBTRGLnPl84BWI0Dab0ELw3JxQ2NDCRca/aI/VhmCjhxKFELt45civNejTO2Ah
6WxXDQqUHvqWkMu63ACRq5TBju+mAGUbjmNHf6fX7FAMzyG0k9lT9CTgORYIFO40
Rkzrq8ggbk0qYeZ5NZ18VP5XCKu4nYuWprpKK7j3F4hKzbVKYjA2u0WMeiaduLWl
/ZC8WMHTk6mXWPQY77ObP2OceNANImp02WmlNAZX7gHraqplfvodqBYp1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF95tygD70aOdw4g41mjW5MKEqo4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWDNtM0tBUHZSbzUzRGlEaldhTmJrd29TcWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBHzgqAwQA
HzhXAwQAHzhZMAwDBAQfOdADBAAfOdYDBAAfOdgwDQYJKoZIhvcNAQELBQADggEB
ABMfLmEknzsk2sWnHtd63rA1t1JqWyCmSIAliCcznIBBwMqswKrzSF2azqGLe6a+
PpatU9dw3/VRmV1DhAVgN9MU1O6ehU/hrwzgUp/rmao9xOs6C8PxSlcgaL9j31DH
R/tzJMj2b6OG818PQCZB6+UwrXsgaFSYEokneWkr6oJI5tXVYOexfMYsiq17fEc1
gAeMrV/dp//jE7vEeLBeJ3y/I65QbfxteOcJZHbDHbCimgWiYZLDqOXOVVh2r+rz
kngtpdGq6Pzbfco3MCijCdTq8CqUNIjr3+GHKi1GNHFXozK2VOaro85UjoVGoNgM
jUw6FThHV3lWYf8T6WdMaKA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:05:35 2025 by rpki-client