Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bFnWhlOpUkLaWN0sfcVmXgO7EII.roa
File: bFnWhlOpUkLaWN0sfcVmXgO7EII.roa (raw, json)
Hash identifier: hbZ66vtmvDGTq8BMvVHD/GiMInPi3a8RkvBh7r2bbOQ=
Subject key identifier: 6C:59:D6:86:53:A9:52:42:DA:58:DD:2C:7D:C5:66:5E:03:BB:10:82
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01914D1445A040E20571BAC0011AA50D0080
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bFnWhlOpUkLaWN0sfcVmXgO7EII.roa
Signing time: Tue 13 Aug 2024 18:50:59 +0000
ROA not before: Tue 13 Aug 2024 18:50:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 31.56.1.0/24 maxlen: 24
31.56.2.0/24 maxlen: 24
31.56.23.0/24 maxlen: 24
31.56.25.0/24 maxlen: 24
31.56.27.0/24 maxlen: 24
31.56.28.0/22 maxlen: 24
31.56.32.0/24 maxlen: 24
31.56.34.0/24 maxlen: 24
31.56.36.0/24 maxlen: 24
31.56.38.0/24 maxlen: 24
31.56.40.0/24 maxlen: 24
31.56.80.0/22 maxlen: 22
31.56.92.0/22 maxlen: 22
31.56.96.0/22 maxlen: 22
31.56.100.0/22 maxlen: 22
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 14 Aug 2024 14:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:14:45:a0:40:e2:05:71:ba:c0:01:1a:a5:0d:00:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 13 18:50:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c59d68653a95242da58dd2c7dc5665e03bb1082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ce:c0:ab:8e:e3:ab:5d:67:a8:4b:0d:9d:49:
33:73:29:32:74:4b:2b:0d:b2:64:8b:5b:38:41:ac:
75:4b:1f:07:7a:88:8e:5d:f1:76:ba:ac:dc:9f:f5:
03:11:44:73:69:4e:3f:5f:a4:23:09:5c:4e:42:d7:
eb:b3:00:a7:fd:a1:cd:02:00:bb:7c:e2:89:75:18:
ec:20:3d:ba:72:15:d9:29:9f:33:1a:29:04:19:43:
92:72:f9:92:3b:d2:33:14:24:07:15:bb:c9:91:43:
e8:89:73:fb:cd:cb:3b:f2:4f:6d:d4:f4:5b:89:9e:
32:96:13:eb:17:43:9e:b2:5d:41:b9:15:65:9f:f3:
d8:a4:8f:13:42:a9:5a:03:ad:ce:93:17:6e:8b:8c:
ac:e2:b4:19:88:07:07:3c:cb:d1:f0:4d:6f:4f:bd:
ba:44:fc:75:e1:3f:13:84:fc:7f:41:84:75:d3:a5:
90:8a:96:ea:d2:2c:c8:c6:12:09:80:eb:5f:a2:25:
2f:cc:36:17:a7:d0:ce:ec:db:24:8f:40:89:27:58:
dc:4a:26:e9:5a:ae:79:12:fd:19:c2:39:a1:c4:f8:
6a:ac:6a:45:63:a1:b0:50:ed:3c:a6:b6:fb:72:99:
9c:aa:e7:67:94:40:49:97:bf:d3:8b:42:4a:b8:c9:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:59:D6:86:53:A9:52:42:DA:58:DD:2C:7D:C5:66:5E:03:BB:10:82
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bFnWhlOpUkLaWN0sfcVmXgO7EII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.1.0-31.56.2.255
31.56.23.0/24
31.56.25.0/24
31.56.27.0-31.56.32.255
31.56.34.0/24
31.56.36.0/24
31.56.38.0/24
31.56.40.0/24
31.56.80.0/22
31.56.92.0-31.56.111.255
Signature Algorithm: sha256WithRSAEncryption
28:03:fd:dc:4e:74:fb:46:9a:27:45:f7:41:de:44:5a:e8:41:
ff:9d:2e:79:12:9e:ab:9c:44:3d:fd:1c:34:8a:fe:5c:7f:c5:
e7:90:eb:26:aa:b1:22:13:39:1e:8a:e7:3b:57:18:fe:4a:37:
b3:d0:af:9b:10:f2:62:51:bf:28:de:16:26:d2:72:7c:7f:8c:
a6:2f:ff:73:06:bf:cb:1b:43:1f:57:5c:bb:f3:93:b6:45:f1:
aa:b7:2d:35:3c:82:74:22:87:5a:16:52:13:ad:61:8d:9e:32:
6f:3c:4f:c7:c1:b1:50:17:eb:e8:78:81:0d:eb:18:c1:e5:f2:
fa:57:df:30:c2:2d:e0:55:4b:80:77:ad:81:a8:48:ff:fe:f0:
56:29:f6:f4:cd:90:b9:fa:1e:26:35:7e:0c:59:43:81:fc:bc:
7e:a8:54:83:ac:86:06:dd:19:29:ce:9d:18:9e:74:46:ce:5f:
df:aa:29:98:4c:18:af:50:73:5a:0a:5a:a4:63:c4:4b:4a:74:
3c:ba:fb:e7:4a:5f:58:66:32:ef:7a:b2:01:86:1d:58:96:a4:
30:8e:40:f2:30:35:f3:09:24:da:07:d6:ea:91:3c:d4:6c:33:
be:e2:8c:f6:f1:7f:68:31:d1:a2:0a:6d:6c:01:1e:a6:2d:d1:
90:1a:dc:1f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZFNFEWgQOIFcbrAARqlDQCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODEzMTg1MDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU5ZDY4NjUzYTk1MjQyZGE1OGRkMmM3ZGM1NjY1ZTAzYmIxMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0M7Aq47jq11nqEsNnUkzcykydEsr
DbJki1s4Qax1Sx8HeoiOXfF2uqzcn/UDEURzaU4/X6QjCVxOQtfrswCn/aHNAgC7
fOKJdRjsID26chXZKZ8zGikEGUOScvmSO9IzFCQHFbvJkUPoiXP7zcs78k9t1PRb
iZ4ylhPrF0Oesl1BuRVln/PYpI8TQqlaA63Okxdui4ys4rQZiAcHPMvR8E1vT726
RPx14T8ThPx/QYR106WQipbq0izIxhIJgOtfoiUvzDYXp9DO7Nskj0CJJ1jcSibp
Wq55Ev0ZwjmhxPhqrGpFY6GwUO08prb7cpmcqudnlEBJl7/Ti0JKuMm+qQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGxZ1oZTqVJC2ljdLH3FZl4DuxCCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYkZuV2hsT3BVa0xhV04wc2ZjVm1YZ083RUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAAfOAED
BAAfOAIDBAAfOBcDBAAfOBkwDAMEAB84GwMEAB84IAMEAB84IgMEAB84JAMEAB84
JgMEAB84KAMEAh84UDAMAwQCHzhcAwQEHzhgMA0GCSqGSIb3DQEBCwUAA4IBAQAo
A/3cTnT7RponRfdB3kRa6EH/nS55Ep6rnEQ9/Rw0iv5cf8XnkOsmqrEiEzkeiuc7
Vxj+Sjez0K+bEPJiUb8o3hYm0nJ8f4ymL/9zBr/LG0MfV1y785O2RfGqty01PIJ0
IodaFlITrWGNnjJvPE/HwbFQF+voeIEN6xjB5fL6V98wwi3gVUuAd62BqEj//vBW
Kfb0zZC5+h4mNX4MWUOB/Lx+qFSDrIYG3Rkpzp0YnnRGzl/fqimYTBivUHNaClqk
Y8RLSnQ8uvvnSl9YZjLverIBhh1YlqQwjkDyMDXzCSTaB9bqkTzUbDO+4oz28X9o
MdGiCm1sAR6mLdGQGtwf
-----END CERTIFICATE-----
Generated at Wed Aug 14 19:04:16 2024 by rpki-client on console-ams.rpki-client.org