Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YD5aIl6BCbbHtz-ut_QQM8cU5Lk.roa
File: YD5aIl6BCbbHtz-ut_QQM8cU5Lk.roa (raw, json)
Hash identifier: c1RPFI+exQQq1pFnedlKw98FpCwSowfZ5/mD/Ny1/ZQ=
Subject key identifier: 60:3E:5A:22:5E:81:09:B6:C7:B7:3F:AE:B7:F4:10:33:C7:14:E4:B9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191BEC27E9AF0B1AEA936BDFED67FF38D55
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YD5aIl6BCbbHtz-ut_QQM8cU5Lk.roa
Signing time: Wed 04 Sep 2024 20:38:22 +0000
ROA not before: Wed 04 Sep 2024 20:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 07:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:c2:7e:9a:f0:b1:ae:a9:36:bd:fe:d6:7f:f3:8d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 4 20:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=603e5a225e8109b6c7b73faeb7f41033c714e4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:75:a2:c7:0a:2d:29:50:cd:4d:93:80:1a:
25:60:c2:69:70:d2:fa:ec:f5:8b:a5:e8:a1:56:ed:
d1:7e:85:43:a8:0e:61:56:bc:85:c5:f9:c7:37:8d:
e5:4e:94:a2:c2:0d:db:8f:a0:ab:d4:b3:5f:b8:2b:
9f:ad:7d:25:78:e9:86:1a:0e:a5:e9:5b:ea:b7:ce:
03:3b:65:a2:dd:41:d7:37:8f:71:d4:3c:29:1f:e5:
a6:a2:11:88:b9:43:4c:a4:f5:9d:19:78:67:17:5f:
d3:f0:ea:e0:ad:a2:76:e5:5b:e1:c4:b2:67:04:05:
96:98:16:66:fd:50:47:2e:d6:6e:07:b7:eb:aa:15:
b0:e5:ad:a9:6a:d3:f6:13:f0:eb:5e:09:fc:cd:49:
8f:be:95:74:31:cd:cc:9e:33:6f:e2:57:07:d6:0b:
07:fe:82:e6:22:ea:be:ff:40:d3:f9:e5:d9:4a:40:
b4:6c:af:43:df:21:c0:3f:a3:eb:fc:fa:0d:db:67:
a9:b7:85:60:fe:4b:80:80:6a:69:4f:02:42:59:8f:
b5:9d:cd:14:c0:3a:21:4c:d3:bd:d6:53:61:83:1d:
d5:8b:16:6c:60:02:fa:b2:7b:f3:0d:1f:71:51:fa:
64:8e:94:cd:03:00:d1:b3:40:d2:3a:04:cd:67:f3:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3E:5A:22:5E:81:09:B6:C7:B7:3F:AE:B7:F4:10:33:C7:14:E4:B9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YD5aIl6BCbbHtz-ut_QQM8cU5Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:ca:aa:7a:fb:42:16:fe:d2:d3:47:b7:cb:04:99:f7:2e:38:
aa:74:71:66:eb:7d:d0:64:33:ec:eb:ab:d8:de:53:e1:1a:3f:
22:2a:ae:76:e3:74:3f:86:1e:e2:0d:39:97:d4:4e:2c:79:9e:
02:d9:6d:8f:de:3f:c8:e8:ed:81:2e:d6:84:a4:42:77:8d:ab:
ed:49:71:a9:9f:af:85:70:fb:ef:39:70:ad:d7:24:08:aa:7f:
ef:df:8f:67:ef:7a:1f:38:f0:4a:17:f4:d1:1e:2c:ae:d5:63:
c8:0f:24:b7:28:c5:4b:47:50:82:99:21:82:7f:39:f8:95:33:
97:98:39:77:05:d9:35:bf:3e:ec:46:94:8e:a1:42:84:ea:db:
a1:a0:28:5e:fc:21:55:20:48:e6:fb:1e:88:c3:b0:e5:fa:e5:
41:a7:48:ba:03:06:92:60:8c:48:84:4d:0c:e2:11:fe:39:22:
0f:13:ae:aa:05:77:cf:ed:47:dd:65:f0:a9:71:18:b8:bf:99:
9c:d2:5b:dc:29:34:ac:fd:e5:4f:d1:7d:ab:c3:6e:98:da:e4:
4a:13:2d:ba:92:55:4b:bd:dc:05:48:bc:86:7b:30:17:7a:9d:
54:02:3d:99:18:88:0a:e8:f7:e9:89:37:fa:dd:52:5b:19:1f:
7e:92:74:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG+wn6a8LGuqTa9/tZ/841VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTA0MjAzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNlNWEyMjVlODEwOWI2YzdiNzNmYWViN2Y0MTAzM2M3MTRlNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEJ1oscKLSlQzU2TgBolYMJpcNL6
7PWLpeihVu3RfoVDqA5hVryFxfnHN43lTpSiwg3bj6Cr1LNfuCufrX0leOmGGg6l
6Vvqt84DO2Wi3UHXN49x1DwpH+WmohGIuUNMpPWdGXhnF1/T8OrgraJ25VvhxLJn
BAWWmBZm/VBHLtZuB7frqhWw5a2patP2E/DrXgn8zUmPvpV0Mc3MnjNv4lcH1gsH
/oLmIuq+/0DT+eXZSkC0bK9D3yHAP6Pr/PoN22ept4Vg/kuAgGppTwJCWY+1nc0U
wDohTNO91lNhgx3VixZsYAL6snvzDR9xUfpkjpTNAwDRs0DSOgTNZ/OkcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGA+WiJegQm2x7c/rrf0EDPHFOS5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWUQ1YUlsNkJDYmJIdHotdXRfUVFNOGNVNUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHzgIAwQB
HziOAwQCHziUMA0GCSqGSIb3DQEBCwUAA4IBAQBqyqp6+0IW/tLTR7fLBJn3Ljiq
dHFm633QZDPs66vY3lPhGj8iKq5243Q/hh7iDTmX1E4seZ4C2W2P3j/I6O2BLtaE
pEJ3javtSXGpn6+FcPvvOXCt1yQIqn/v349n73ofOPBKF/TRHiyu1WPIDyS3KMVL
R1CCmSGCfzn4lTOXmDl3Bdk1vz7sRpSOoUKE6tuhoChe/CFVIEjm+x6Iw7Dl+uVB
p0i6AwaSYIxIhE0M4hH+OSIPE66qBXfP7UfdZfCpcRi4v5mc0lvcKTSs/eVP0X2r
w26Y2uRKEy26klVLvdwFSLyGezAXep1UAj2ZGIgK6PfpiTf63VJbGR9+knSd
-----END CERTIFICATE-----
Generated at Sat Oct 5 09:59:51 2024 by rpki-client on console-ams.rpki-client.org