Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XHos1KMIKNozWPMfT531eVmOpQE.roa
File: XHos1KMIKNozWPMfT531eVmOpQE.roa (raw, json)
Hash identifier: Ru4r01EQtTO385FNXGQZDXZ7Va3z34ucealDQmLiR7Q=
Subject key identifier: 5C:7A:2C:D4:A3:08:28:DA:33:58:F3:1F:4F:9D:F5:79:59:8E:A5:01
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192FBD2FD454A11C9D15BCF29FA23C10152
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XHos1KMIKNozWPMfT531eVmOpQE.roa
Signing time: Tue 05 Nov 2024 10:16:01 +0000
ROA not before: Tue 05 Nov 2024 10:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.112.0/21 maxlen: 24
31.56.118.0/23 maxlen: 23
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.57.224.0/22 maxlen: 23
31.57.252.0/22 maxlen: 23
31.58.49.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.58.152.0/22 maxlen: 22
31.58.176.0/22 maxlen: 22
31.58.200.0/22 maxlen: 22
31.58.216.0/22 maxlen: 22
31.58.240.0/22 maxlen: 22
31.58.252.0/22 maxlen: 22
31.59.41.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.64.0/22 maxlen: 22
31.59.80.0/22 maxlen: 22
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.124.0/22 maxlen: 22
31.59.176.0/22 maxlen: 22
31.59.180.0/22 maxlen: 22
31.59.184.0/22 maxlen: 22
31.59.188.0/22 maxlen: 22
31.59.192.0/22 maxlen: 22
31.59.216.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 09:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:d2:fd:45:4a:11:c9:d1:5b:cf:29:fa:23:c1:01:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 10:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c7a2cd4a30828da3358f31f4f9df579598ea501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:a3:4a:74:81:3b:c2:4c:75:3a:aa:30:f3:
40:11:ef:ea:39:c8:43:b6:9d:1c:ad:b4:06:d6:fa:
28:67:c7:ce:86:b1:75:9c:36:fa:c1:60:2e:81:8a:
6b:18:10:5a:d7:31:3b:a6:a6:2e:78:5d:01:6c:8a:
8d:07:3a:26:f5:5e:87:77:78:f0:5d:5c:74:e3:53:
97:fb:03:50:61:d9:aa:70:35:48:11:da:2e:d2:41:
16:83:5b:c7:eb:f1:82:e7:36:4a:72:9e:68:7b:87:
9b:e7:bb:c2:a7:ce:62:59:21:d0:0a:c6:37:28:0b:
93:f3:a2:4a:ce:26:cc:cb:6f:c9:d6:ed:4c:c9:7b:
13:d7:ca:03:52:c7:95:e3:df:1b:87:61:db:fe:c7:
16:a7:5b:55:fc:a8:69:43:3c:1d:aa:2d:f3:7a:3e:
c6:0a:e3:31:a0:bc:43:06:11:16:a8:51:15:bd:06:
d8:10:cc:9c:1f:5b:15:30:0e:d9:b7:63:4d:93:07:
8d:39:eb:01:be:1e:0b:90:e9:31:41:fd:d3:1e:85:
cf:55:b2:62:67:cd:dc:39:a9:31:2a:70:dc:25:c7:
51:58:2b:dc:44:63:85:12:93:7a:7d:b0:a0:93:03:
a6:ea:d2:f7:0d:d7:e6:b4:9f:3e:84:5d:6a:60:53:
d0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7A:2C:D4:A3:08:28:DA:33:58:F3:1F:4F:9D:F5:79:59:8E:A5:01
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XHos1KMIKNozWPMfT531eVmOpQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.178.0/23
31.57.181.0-31.57.183.255
31.57.194.0/24
31.57.224.0/22
31.57.252.0/22
31.58.49.0/24
31.58.59.0/24
31.58.129.0/24
31.58.142.0/24
31.58.146.0/24
31.58.152.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0/22
31.58.252.0/22
31.59.41.0/24
31.59.56.0-31.59.58.255
31.59.64.0/22
31.59.80.0/22
31.59.96.0/22
31.59.112.0/22
31.59.124.0/22
31.59.176.0-31.59.195.255
31.59.216.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
60:4b:75:bc:6f:54:d8:1e:ab:08:10:a4:4f:e9:4a:33:0f:65:
ec:a4:d1:9b:fb:d9:ce:84:9d:4c:96:1e:ae:a7:1a:a6:f9:66:
13:6e:b8:a6:d9:52:ec:81:dd:fe:f8:51:24:c7:b4:29:06:35:
02:02:05:c3:de:f5:5b:07:89:54:ac:23:d2:f2:4e:67:79:7c:
3b:50:02:2f:f0:34:e0:9e:fd:71:8b:f4:13:42:b0:c7:5c:cc:
44:5c:9c:94:9f:76:e7:b1:34:ef:9a:5a:96:9e:fe:51:a5:8a:
21:1d:bf:56:fe:10:4b:4e:be:e8:14:af:23:6c:12:a9:31:95:
7c:76:41:57:df:de:66:4e:3b:9b:ac:96:3d:1f:52:a9:5c:be:
73:1b:9c:e5:95:29:15:c5:22:10:18:fd:4e:7b:7c:80:80:2a:
5e:a8:14:30:ba:84:41:27:d6:ac:38:e2:6f:1a:21:d2:4c:16:
5d:4e:3d:b0:25:0e:58:e7:6c:05:5b:be:7c:5a:c9:62:57:c9:
9a:3e:f7:ff:ca:93:e2:9f:c5:66:04:c8:9b:a3:d8:18:ef:b2:
d8:c0:64:57:6c:e6:87:8c:35:93:c4:1c:5e:a2:08:06:f5:23:
c9:6a:9d:2d:e9:b2:c0:8d:f8:10:ea:b2:77:b5:a8:f6:ff:b6:
96:49:50:5d
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZL70v1FShHJ0VvPKfojwQFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA1MTAxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdhMmNkNGEzMDgyOGRhMzM1OGYzMWY0ZjlkZjU3OTU5OGVhNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE6jSnSBO8JMdTqqMPNAEe/qOchD
tp0crbQG1vooZ8fOhrF1nDb6wWAugYprGBBa1zE7pqYueF0BbIqNBzom9V6Hd3jw
XVx041OX+wNQYdmqcDVIEdou0kEWg1vH6/GC5zZKcp5oe4eb57vCp85iWSHQCsY3
KAuT86JKzibMy2/J1u1MyXsT18oDUseV498bh2Hb/scWp1tV/KhpQzwdqi3zej7G
CuMxoLxDBhEWqFEVvQbYEMycH1sVMA7Zt2NNkweNOesBvh4LkOkxQf3THoXPVbJi
Z83cOakxKnDcJcdRWCvcRGOFEpN6fbCgkwOm6tL3DdfmtJ8+hF1qYFPQ6QIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFFx6LNSjCCjaM1jzH0+d9XlZjqUBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWEhvczFLTUlLTm96V1BNZlQ1MzFlVm1PcFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAMf
OHADBAAfOQsDBAAfOYMDBAAfOZYDBAAfObADBAEfObIwDAMEAB85tQMEAx85sAME
AB85wgMEAh854AMEAh85/AMEAB86MQMEAB86OwMEAB86gQMEAB86jgMEAB86kgME
Ah86mAMEAh86sAMEAh86yAMEAh862AMEAh868AMEAh86/AMEAB87KTAMAwQDHzs4
AwQAHzs6AwQCHztAAwQCHztQAwQCHztgAwQCHztwAwQCHzt8MAwDBAQfO7ADBAIf
O8ADBAIfO9gDBAEfO+QDBAAfO+cDBAEfO/QwDQYJKoZIhvcNAQELBQADggEBAGBL
dbxvVNgeqwgQpE/pSjMPZeyk0Zv72c6EnUyWHq6nGqb5ZhNuuKbZUuyB3f74USTH
tCkGNQICBcPe9VsHiVSsI9LyTmd5fDtQAi/wNOCe/XGL9BNCsMdczERcnJSfduex
NO+aWpae/lGliiEdv1b+EEtOvugUryNsEqkxlXx2QVff3mZOO5uslj0fUqlcvnMb
nOWVKRXFIhAY/U57fICAKl6oFDC6hEEn1qw44m8aIdJMFl1OPbAlDljnbAVbvnxa
yWJXyZo+9//Kk+KfxWYEyJuj2BjvstjAZFds5oeMNZPEHF6iCAb1I8lqnS3pssCN
+BDqsne1qPb/tpZJUF0=
-----END CERTIFICATE-----
Generated at Thu Nov 7 10:45:01 2024 by rpki-client on console-ams.rpki-client.org