Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YGrZHlGXoYqBQXgJwqOTzf3f7TA.roa
File: YGrZHlGXoYqBQXgJwqOTzf3f7TA.roa (raw, json)
Hash identifier: b0NQoxbXAKvMTqLNvDcyePGUzoicIOX1w2bs4bpO5xo=
Subject key identifier: 60:6A:D9:1E:51:97:A1:8A:81:41:78:09:C2:A3:93:CD:FD:DF:ED:30
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192D440EBAFEB9BB858CC93625F6309C4C8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YGrZHlGXoYqBQXgJwqOTzf3f7TA.roa
Signing time: Mon 28 Oct 2024 17:51:17 +0000
ROA not before: Mon 28 Oct 2024 17:51:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 31.56.139.0/24 maxlen: 24
31.57.90.0/24 maxlen: 24
31.58.72.0/22 maxlen: 24
31.58.108.0/22 maxlen: 24
31.58.124.0/22 maxlen: 24
31.59.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:40:eb:af:eb:9b:b8:58:cc:93:62:5f:63:09:c4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 28 17:51:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=606ad91e5197a18a81417809c2a393cdfddfed30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:13:d1:c0:80:5c:2c:69:2b:33:c4:a5:83:99:
de:cc:97:f3:51:03:ec:e9:13:55:25:54:49:34:43:
a3:0b:c3:e9:2b:55:33:3c:0e:de:50:b6:15:48:87:
de:94:f8:ec:79:ba:c8:da:70:97:e0:e5:45:44:83:
a0:3d:3c:44:42:75:35:a6:78:2e:e4:bf:c2:07:b5:
8d:88:5b:59:2f:a7:a9:37:73:fd:49:50:2b:49:61:
15:c3:75:01:25:7e:55:7d:17:51:7a:12:89:df:3f:
52:af:47:ed:80:b3:bc:2f:f8:fd:15:39:40:73:ae:
de:67:4e:cd:6c:f5:fa:5a:e4:78:83:3e:51:d8:22:
bc:29:9e:4c:31:4c:a8:a0:cf:2a:7c:51:65:a5:b8:
62:ae:31:35:90:87:29:57:36:f3:ad:eb:4b:c9:62:
f4:fc:b6:85:1f:90:41:e7:10:c0:85:52:0f:df:12:
c0:d2:17:03:1e:61:95:76:80:6d:84:17:84:a6:f9:
c9:e7:48:0a:0d:4e:22:57:cc:23:26:b9:13:a2:b3:
74:1e:2d:a5:5c:85:f9:2a:92:9e:1d:9e:2d:b5:36:
71:80:54:4a:94:b6:c3:d2:78:e3:4b:60:ce:bf:ac:
40:fe:22:d3:0c:88:fa:5c:ed:9f:13:bd:98:a9:27:
90:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6A:D9:1E:51:97:A1:8A:81:41:78:09:C2:A3:93:CD:FD:DF:ED:30
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YGrZHlGXoYqBQXgJwqOTzf3f7TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.139.0/24
31.57.90.0/24
31.58.72.0/22
31.58.108.0/22
31.58.124.0/22
31.59.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:b8:70:b1:f6:3c:57:5a:7d:f7:83:b9:a8:ac:03:31:25:ff:
cc:f3:20:bd:c7:6f:a5:58:4f:b6:e2:37:d0:f0:fb:a5:df:11:
67:9a:51:2c:e2:29:d8:be:5c:79:40:4d:d8:db:e7:02:c9:85:
ef:88:3f:b3:a4:21:fd:b5:20:52:71:e1:3e:47:9b:46:12:13:
bd:38:d0:b2:c1:34:dc:da:8e:ef:7a:53:f8:63:76:41:ed:ee:
dc:cb:03:5c:90:47:ab:8b:78:8a:b4:c4:bc:74:09:ff:4b:84:
a7:a9:ca:fd:d5:71:47:20:e5:54:00:12:e9:cb:24:ed:f3:ae:
e7:c2:6b:4f:2e:a1:eb:3d:74:80:ab:ca:0f:e7:df:96:ad:25:
1e:84:3b:ff:13:a9:6b:c7:40:50:b8:14:60:9e:44:49:6a:b5:
c5:76:bd:1e:d9:3b:1e:3b:15:de:25:aa:a5:e1:2c:56:1a:8c:
4c:de:3d:45:bb:91:40:43:07:38:96:0c:b1:e1:8a:da:4e:e9:
02:50:99:54:4a:fe:13:c2:88:e6:d1:c4:21:8b:88:ae:99:a6:
01:8b:c2:53:09:b7:d6:94:4d:d8:b4:7e:7b:e8:19:ba:5f:26:
8c:bd:09:3f:a7:a7:f5:c2:b4:27:7f:cb:37:53:56:bc:6e:65:
b8:bd:6a:09
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZLUQOuv65u4WMyTYl9jCcTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDI4MTc1MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZhZDkxZTUxOTdhMThhODE0MTc4MDljMmEzOTNjZGZkZGZlZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxPRwIBcLGkrM8Slg5nezJfzUQPs
6RNVJVRJNEOjC8PpK1UzPA7eULYVSIfelPjsebrI2nCX4OVFRIOgPTxEQnU1pngu
5L/CB7WNiFtZL6epN3P9SVArSWEVw3UBJX5VfRdRehKJ3z9Sr0ftgLO8L/j9FTlA
c67eZ07NbPX6WuR4gz5R2CK8KZ5MMUyooM8qfFFlpbhirjE1kIcpVzbzretLyWL0
/LaFH5BB5xDAhVIP3xLA0hcDHmGVdoBthBeEpvnJ50gKDU4iV8wjJrkTorN0Hi2l
XIX5KpKeHZ4ttTZxgFRKlLbD0njjS2DOv6xA/iLTDIj6XO2fE72YqSeQpQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGBq2R5Rl6GKgUF4CcKjk8393+0wMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWUdyWkhsR1hvWXFCUVhnSndxT1R6ZjNmN1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHziLAwQA
HzlaAwQCHzpIAwQCHzpsAwQCHzp8AwQAHzsLMA0GCSqGSIb3DQEBCwUAA4IBAQCx
uHCx9jxXWn33g7morAMxJf/M8yC9x2+lWE+24jfQ8Pul3xFnmlEs4inYvlx5QE3Y
2+cCyYXviD+zpCH9tSBSceE+R5tGEhO9ONCywTTc2o7velP4Y3ZB7e7cywNckEer
i3iKtMS8dAn/S4Snqcr91XFHIOVUABLpyyTt867nwmtPLqHrPXSAq8oP59+WrSUe
hDv/E6lrx0BQuBRgnkRJarXFdr0e2TseOxXeJaql4SxWGoxM3j1Fu5FAQwc4lgyx
4YraTukCUJlUSv4Twojm0cQhi4iumaYBi8JTCbfWlE3YtH576Bm6XyaMvQk/p6f1
wrQnf8s3U1a8bmW4vWoJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:16 2025 by rpki-client