Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z_8J6qJuffzj9QqOzJiUlv5QjWA.roa
File: Z_8J6qJuffzj9QqOzJiUlv5QjWA.roa (raw, json)
Hash identifier: gooaSaLF6uVYlUo7U8TvRzb7nOWarNLbqtPKItIOgn8=
Subject key identifier: 67:FF:09:EA:A2:6E:7D:FC:E3:F5:0A:8E:CC:98:94:96:FE:50:8D:60
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019398C4204F78FE93347BA36F1E3A6739A3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z_8J6qJuffzj9QqOzJiUlv5QjWA.roa
Signing time: Thu 05 Dec 2024 21:40:10 +0000
ROA not before: Thu 05 Dec 2024 21:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:98:c4:20:4f:78:fe:93:34:7b:a3:6f:1e:3a:67:39:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 5 21:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ff09eaa26e7dfce3f50a8ecc989496fe508d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:62:0a:53:ca:e1:52:4a:75:59:e1:0c:c4:8d:
fc:a9:de:c6:d0:9a:73:35:cc:26:81:dd:bf:4e:75:
02:94:08:f4:4f:eb:ca:a8:bf:a9:de:89:8e:f6:1c:
89:90:17:8d:6c:79:04:3c:b2:6d:26:56:ef:34:97:
b9:0a:d5:65:19:87:d8:de:b7:26:45:76:91:c3:2e:
b4:7e:75:ab:4d:f1:ac:27:64:6e:94:57:6e:24:c1:
a9:32:e6:92:65:b0:30:e1:a3:d3:4a:60:9e:3a:e5:
5c:c9:3e:3b:46:9e:b4:ee:9d:22:59:f1:ec:5b:b7:
d0:80:13:bc:85:0a:63:7c:f7:d4:9a:38:88:54:d8:
48:fd:82:5e:79:0f:3e:ec:db:a0:0c:53:9c:87:1d:
7f:e9:8b:9d:c4:96:b6:05:75:f5:24:32:21:9e:fb:
d7:82:b2:65:f8:80:71:eb:eb:c9:9f:15:85:be:0b:
9c:65:28:40:ec:66:5c:dd:04:4f:83:2a:38:fb:d4:
7d:7c:9b:f9:4c:b6:96:de:56:6b:ab:d9:5a:2b:53:
a2:8d:57:d6:14:e3:11:59:71:b7:99:5e:3c:aa:ad:
5c:89:36:81:00:89:76:5b:68:d3:8f:0b:f1:de:39:
03:f9:e2:4a:d8:5d:0b:97:9f:0c:bb:7d:d5:17:c4:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FF:09:EA:A2:6E:7D:FC:E3:F5:0A:8E:CC:98:94:96:FE:50:8D:60
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z_8J6qJuffzj9QqOzJiUlv5QjWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.115.0/24
31.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c6:fd:75:89:c2:92:52:e5:89:f6:07:fc:17:fa:c6:75:87:
07:29:d8:29:ca:3a:65:69:c1:71:8c:f3:f8:02:d6:2f:aa:37:
b6:54:f9:b8:d0:e8:e2:52:f0:d4:1f:0f:17:d3:1f:45:34:f4:
07:bf:35:f7:db:39:b2:ea:5c:6e:35:aa:9a:50:71:64:4d:ba:
19:7d:00:cb:d1:b2:22:39:f8:ff:4f:50:e1:6a:ec:e2:6b:ec:
c7:4f:d7:af:aa:ba:3d:84:3e:ad:19:22:54:f1:75:3d:41:b2:
11:dc:bb:c2:6d:2a:a1:96:b9:c2:b8:08:ae:4a:88:83:30:3c:
b6:d5:47:90:c4:9d:84:e4:bf:20:19:c0:f0:90:a7:33:d3:ba:
d8:09:db:35:6e:a7:89:9d:c4:2a:64:81:9b:74:f0:ed:9c:c2:
4b:8f:77:bd:80:c0:c8:9f:a5:f0:76:84:4d:b2:26:07:96:76:
a1:ad:20:fc:5a:08:78:fb:d5:e9:93:12:33:cb:02:7f:ec:90:
1e:4a:94:63:80:db:49:98:11:34:45:70:8c:2f:79:98:06:f5:
09:b7:e7:07:60:53:17:c9:cf:b9:9f:39:a4:8f:10:a7:c6:91:
e1:df:51:02:b8:d8:1f:9f:47:8a:5b:73:66:8f:ae:06:92:e3:
02:54:19:e5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZOYxCBPeP6TNHujbx46ZzmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA1MjE0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZmMDllYWEyNmU3ZGZjZTNmNTBhOGVjYzk4OTQ5NmZlNTA4ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92IKU8rhUkp1WeEMxI38qd7G0Jpz
Ncwmgd2/TnUClAj0T+vKqL+p3omO9hyJkBeNbHkEPLJtJlbvNJe5CtVlGYfY3rcm
RXaRwy60fnWrTfGsJ2RulFduJMGpMuaSZbAw4aPTSmCeOuVcyT47Rp607p0iWfHs
W7fQgBO8hQpjfPfUmjiIVNhI/YJeeQ8+7NugDFOchx1/6YudxJa2BXX1JDIhnvvX
grJl+IBx6+vJnxWFvgucZShA7GZc3QRPgyo4+9R9fJv5TLaW3lZrq9laK1OijVfW
FOMRWXG3mV48qq1ciTaBAIl2W2jTjwvx3jkD+eJK2F0Ll58Mu33VF8TnwQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGf/Ceqibn384/UKjsyYlJb+UI1gMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWl84SjZxSnVmZnpqOVFxT3pKaVVsdjVRaldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzqBAwQB
HzqKAwQAHzqWAwQAHzqaAwQAHzqlAwQAHztzAwQAHzu7MA0GCSqGSIb3DQEBCwUA
A4IBAQBVxv11icKSUuWJ9gf8F/rGdYcHKdgpyjplacFxjPP4AtYvqje2VPm40Oji
UvDUHw8X0x9FNPQHvzX32zmy6lxuNaqaUHFkTboZfQDL0bIiOfj/T1Dhauzia+zH
T9evqro9hD6tGSJU8XU9QbIR3LvCbSqhlrnCuAiuSoiDMDy21UeQxJ2E5L8gGcDw
kKcz07rYCds1bqeJncQqZIGbdPDtnMJLj3e9gMDIn6XwdoRNsiYHlnahrSD8Wgh4
+9XpkxIzywJ/7JAeSpRjgNtJmBE0RXCML3mYBvUJt+cHYFMXyc+5nzmkjxCnxpHh
31ECuNgfn0eKW3Nmj64GkuMCVBnl
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:40 2025 by rpki-client