Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YalU5w39t3VUmaJmQPrjbmjgcUg.roa
File: YalU5w39t3VUmaJmQPrjbmjgcUg.roa (raw, json)
Hash identifier: zw0X3HXQCdj9kPDcmb7c1en0UjKTJGKKjsdBMH3tAy4=
Subject key identifier: 61:A9:54:E7:0D:FD:B7:75:54:99:A2:66:40:FA:E3:6E:68:E0:71:48
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019329821280C9BD4FA7B7E4DA2CAFC7267E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YalU5w39t3VUmaJmQPrjbmjgcUg.roa
Signing time: Thu 14 Nov 2024 07:10:10 +0000
ROA not before: Thu 14 Nov 2024 07:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Nov 2024 21:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:82:12:80:c9:bd:4f:a7:b7:e4:da:2c:af:c7:26:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 14 07:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a954e70dfdb7755499a26640fae36e68e07148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fd:b8:a3:e9:a7:7a:4a:73:6d:49:ee:90:8e:
cc:82:28:b1:ac:81:fd:cc:f5:1f:2a:e8:40:e7:90:
4a:5a:d4:aa:91:22:2f:b9:b5:92:47:b6:79:b4:b5:
70:ea:62:14:6f:71:4d:fc:b9:41:ae:bc:64:d5:4c:
e6:7c:50:24:4d:0d:a7:3d:cc:fa:2e:a3:88:81:b4:
a5:ba:9a:d8:68:ff:c6:a7:75:81:2e:9d:b9:65:38:
44:c3:d6:cf:c6:7f:26:fa:4b:3d:02:c8:ac:45:ec:
4c:68:d6:da:f8:7b:a7:c8:2e:ac:7b:b2:1f:e1:3e:
6a:ab:6c:19:65:75:89:1c:8d:ab:af:76:50:66:df:
b1:8a:c4:a7:b3:36:9f:1f:12:74:41:d3:d1:3f:b7:
1c:1f:66:2d:17:4b:8a:e4:b7:b7:53:08:f0:89:00:
f2:01:3f:e1:d0:ad:77:80:20:6c:45:e6:7a:8e:69:
95:f2:34:f0:e8:d6:19:d8:05:cf:f8:ec:cb:ab:d9:
b7:1d:0b:ad:9e:17:12:e9:e6:c6:53:ce:f7:5b:4d:
6f:49:e3:2a:7e:3f:92:e6:e0:e5:79:22:26:98:11:
99:c1:1c:17:33:06:0a:97:61:9f:b2:14:b5:77:2d:
78:ae:dc:3b:48:ef:b4:c0:21:c2:41:04:c5:53:8b:
58:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A9:54:E7:0D:FD:B7:75:54:99:A2:66:40:FA:E3:6E:68:E0:71:48
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YalU5w39t3VUmaJmQPrjbmjgcUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/24
31.59.136.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
87:fd:3d:93:46:e4:8f:83:59:6c:c2:2d:b6:db:4c:82:cc:d0:
5a:cb:3c:12:3d:54:2a:6d:16:b8:16:64:2d:15:0e:11:62:99:
85:5d:08:4f:d2:6b:4e:47:d5:fc:10:35:b5:d8:f0:f2:78:d3:
ee:54:00:35:34:14:45:e8:4a:0d:31:c9:5e:fc:3f:b1:42:77:
70:7c:09:01:6a:76:8a:1c:e4:5a:fb:35:0f:8c:9e:76:21:d1:
b9:f0:39:6b:77:a4:88:29:a8:94:1f:1b:d5:17:ac:de:28:f7:
86:2b:5b:1d:ef:e3:3e:8e:0c:01:81:79:16:ca:83:f8:67:f5:
c9:a3:a4:b3:62:1e:83:f9:4e:8b:91:d6:7d:4b:fa:60:40:9e:
63:3f:06:2e:95:b8:3c:42:ac:5c:01:56:db:3f:88:02:75:aa:
7a:55:53:f5:84:8c:04:d2:cf:19:f8:b0:19:68:a5:e1:6f:97:
8d:96:31:f2:97:99:31:ca:d9:ab:60:66:8e:c3:11:1e:1c:fc:
75:c4:ba:fc:00:bc:19:df:7f:47:e7:c7:a2:e3:3f:e6:57:1a:
18:21:2a:91:75:b3:ab:08:a3:83:37:15:5f:31:03:76:4e:5c:
49:b2:cd:27:f4:ae:c9:7e:9a:69:3e:65:4b:37:b6:65:d6:92:
78:ce:8c:e4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMpghKAyb1Pp7fk2iyvxyZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE0MDcxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE5NTRlNzBkZmRiNzc1NTQ5OWEyNjY0MGZhZTM2ZTY4ZTA3MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P24o+mnekpzbUnukI7MgiixrIH9
zPUfKuhA55BKWtSqkSIvubWSR7Z5tLVw6mIUb3FN/LlBrrxk1UzmfFAkTQ2nPcz6
LqOIgbSluprYaP/Gp3WBLp25ZThEw9bPxn8m+ks9AsisRexMaNba+HunyC6se7If
4T5qq2wZZXWJHI2rr3ZQZt+xisSnszafHxJ0QdPRP7ccH2YtF0uK5Le3UwjwiQDy
AT/h0K13gCBsReZ6jmmV8jTw6NYZ2AXP+OzLq9m3HQutnhcS6ebGU873W01vSeMq
fj+S5uDleSImmBGZwRwXMwYKl2GfshS1dy14rtw7SO+0wCHCQQTFU4tYswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGGpVOcN/bd1VJmiZkD6425o4HFIMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWWFsVTV3Mzl0M1ZVbWFKbVFQcmpibWpnY1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHzgIAwQB
HziOAwQCHziUAwQAHzrQMAwDBAMfO4gDBAQfO6AwDQYJKoZIhvcNAQELBQADggEB
AIf9PZNG5I+DWWzCLbbbTILM0FrLPBI9VCptFrgWZC0VDhFimYVdCE/Sa05H1fwQ
NbXY8PJ40+5UADU0FEXoSg0xyV78P7FCd3B8CQFqdooc5Fr7NQ+MnnYh0bnwOWt3
pIgpqJQfG9UXrN4o94YrWx3v4z6ODAGBeRbKg/hn9cmjpLNiHoP5TouR1n1L+mBA
nmM/Bi6VuDxCrFwBVts/iAJ1qnpVU/WEjATSzxn4sBlopeFvl42WMfKXmTHK2atg
Zo7DER4c/HXEuvwAvBnff0fnx6LjP+ZXGhghKpF1s6sIo4M3FV8xA3ZOXEmyzSf0
rsl+mmk+ZUs3tmXWknjOjOQ=
Generated at Sat Nov 16 23:33:16 2024 by rpki-client on console-ams.rpki-client.org