Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwXBEGEAqR0Gxxf_lCFGg0aRhAA.roa
File: bwXBEGEAqR0Gxxf_lCFGg0aRhAA.roa (raw, json)
Hash identifier: fSoMcrmsiBm7ns5KtArpF0uXhiYtf9y0SYDBdt/a0CQ=
Subject key identifier: 6F:05:C1:10:61:00:A9:1D:06:C7:17:FF:94:21:46:83:46:91:84:00
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192A3B00EC873EF6AA0F3B176743CA2251A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwXBEGEAqR0Gxxf_lCFGg0aRhAA.roa
Signing time: Sat 19 Oct 2024 07:31:17 +0000
ROA not before: Sat 19 Oct 2024 07:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a3:b0:0e:c8:73:ef:6a:a0:f3:b1:76:74:3c:a2:25:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 19 07:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f05c1106100a91d06c717ff9421468346918400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7b:01:9b:48:96:88:e8:6d:28:36:05:bd:e0:
0c:dd:94:4d:9a:53:cf:75:5c:f0:24:d7:a7:43:72:
98:f0:0c:52:39:31:29:86:ae:be:73:8a:a3:b7:5b:
ef:b3:ad:ee:50:48:f8:72:84:1a:f7:0a:7c:9a:25:
6f:11:41:8f:8f:a9:7e:a4:91:4d:6f:fa:bb:fa:41:
59:b6:8c:c0:c9:67:48:8a:ab:e5:f3:50:fc:a1:1e:
3b:69:c7:cc:cf:76:65:d1:b3:53:db:59:7f:d8:e1:
88:02:0c:e3:dd:b5:e8:3c:d2:23:76:a5:7e:67:65:
b8:95:b4:3e:7b:d1:55:73:9b:0b:27:bf:6c:fa:a2:
f4:58:ad:83:6e:07:23:4c:d3:12:60:d9:97:2b:64:
78:cd:e7:c9:bc:d2:f5:e8:b4:ac:0b:84:bc:c2:20:
90:81:04:50:05:55:0b:2f:db:f0:a0:30:17:44:4d:
84:da:c6:e0:41:a3:17:2d:e0:5b:26:d9:9b:59:3b:
97:f6:b3:b7:a9:07:89:72:9a:84:54:3f:f9:6a:e6:
e4:9e:c2:46:d9:d7:d3:e4:af:78:47:2b:59:4d:c8:
e0:f4:76:23:9f:86:2f:e6:95:fa:08:b3:bd:3b:35:
64:b9:f8:e1:4f:c8:71:8c:10:a5:4a:70:db:53:11:
a5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:05:C1:10:61:00:A9:1D:06:C7:17:FF:94:21:46:83:46:91:84:00
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwXBEGEAqR0Gxxf_lCFGg0aRhAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
31.58.50.0/23
31.58.56.0/23
31.58.64.0/23
Signature Algorithm: sha256WithRSAEncryption
67:e8:db:32:0c:a4:25:df:3d:97:ad:7d:ff:5f:96:4e:4d:fe:
20:9d:e0:31:97:82:e2:95:bc:4f:b7:3c:10:1d:2d:e2:dd:8e:
c3:61:89:89:5d:47:4f:58:48:4c:5a:24:c3:3e:7f:ab:ff:c6:
44:e1:8e:78:a7:ba:6b:8d:e5:06:e4:55:8f:fb:b9:83:82:50:
1e:1e:a1:c0:50:53:a3:3a:cc:19:7a:44:07:e8:f7:da:e9:c6:
cc:26:65:4b:ad:3d:54:ee:0a:e2:14:5e:73:34:e8:8a:d4:8e:
9c:98:db:60:f9:df:06:86:50:bf:bb:da:8a:5b:df:8a:2c:69:
ad:e6:90:d3:de:8f:c5:cc:6d:8f:bf:0a:03:b9:ad:2e:32:7f:
cc:aa:df:fe:86:23:7a:a5:5d:42:4c:26:fd:91:c1:03:64:3d:
9b:8f:66:9c:4d:03:f9:20:3a:3f:d5:82:85:05:1a:fe:0a:99:
83:49:f2:43:67:e1:22:35:85:9f:e6:79:83:cb:24:da:92:59:
de:f0:cd:f6:a2:35:56:0c:96:9d:4b:28:a1:78:8c:da:7d:6b:
68:0a:23:ae:14:4d:0b:4f:04:d5:30:cf:c1:2b:b1:d3:a2:82:
c8:ab:54:55:d3:d6:5c:13:22:b0:c1:77:32:fc:6d:0d:c6:0e:
0b:6b:27:4f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZKjsA7Ic+9qoPOxdnQ8oiUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE5MDczMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA1YzExMDYxMDBhOTFkMDZjNzE3ZmY5NDIxNDY4MzQ2OTE4NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3sBm0iWiOhtKDYFveAM3ZRNmlPP
dVzwJNenQ3KY8AxSOTEphq6+c4qjt1vvs63uUEj4coQa9wp8miVvEUGPj6l+pJFN
b/q7+kFZtozAyWdIiqvl81D8oR47acfMz3Zl0bNT21l/2OGIAgzj3bXoPNIjdqV+
Z2W4lbQ+e9FVc5sLJ79s+qL0WK2DbgcjTNMSYNmXK2R4zefJvNL16LSsC4S8wiCQ
gQRQBVULL9vwoDAXRE2E2sbgQaMXLeBbJtmbWTuX9rO3qQeJcpqEVD/5aubknsJG
2dfT5K94RytZTcjg9HYjn4Yv5pX6CLO9OzVkufjhT8hxjBClSnDbUxGldQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFG8FwRBhAKkdBscX/5QhRoNGkYQAMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYndYQkVHRUFxUjBHeHhmX2xDRkdnMGFSaEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAHzhWMAwD
BAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86KgMEAB86MAMEAR86MgMEAR86
OAMEAR86QDANBgkqhkiG9w0BAQsFAAOCAQEAZ+jbMgykJd89l619/1+WTk3+IJ3g
MZeC4pW8T7c8EB0t4t2Ow2GJiV1HT1hITFokwz5/q//GROGOeKe6a43lBuRVj/u5
g4JQHh6hwFBTozrMGXpEB+j32unGzCZlS609VO4K4hReczToitSOnJjbYPnfBoZQ
v7vailvfiixpreaQ096Pxcxtj78KA7mtLjJ/zKrf/oYjeqVdQkwm/ZHBA2Q9m49m
nE0D+SA6P9WChQUa/gqZg0nyQ2fhIjWFn+Z5g8sk2pJZ3vDN9qI1VgyWnUsooXiM
2n1raAojrhRNC08E1TDPwSux06KCyKtUVdPWXBMisMF3MvxtDcYOC2snTw==
-----END CERTIFICATE-----
Generated at Thu Oct 31 09:32:27 2024 by rpki-client on console-fra.rpki-client.org