Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cGpBhSxqQJIX-Q0zG5EYl5z_3LU.roa
File: cGpBhSxqQJIX-Q0zG5EYl5z_3LU.roa (raw, json)
Hash identifier: VVa4u1Qmua8SNPZxqzFghPZfTXGPWJVlTXNtf6Yo/sc=
Subject key identifier: 70:6A:41:85:2C:6A:40:92:17:F9:0D:33:1B:91:18:97:9C:FF:DC:B5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944251B3617F675F28C975095607C634B6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cGpBhSxqQJIX-Q0zG5EYl5z_3LU.roa
Signing time: Tue 07 Jan 2025 19:50:38 +0000
ROA not before: Tue 07 Jan 2025 19:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 31.57.159.0/24 maxlen: 24
31.57.201.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.220.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 11:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:51:b3:61:7f:67:5f:28:c9:75:09:56:07:c6:34:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 7 19:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=706a41852c6a409217f90d331b9118979cffdcb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9f:25:0f:05:64:e8:2b:d2:1b:1e:61:20:e1:
17:e6:e1:e6:0e:73:f8:68:78:50:2c:2f:6a:b4:9f:
0d:a4:e8:87:af:2a:88:07:0f:ec:8e:38:32:56:f0:
9e:e8:b4:62:5d:95:03:51:0e:97:1d:4e:09:b8:3e:
13:65:a2:f5:71:18:a2:6d:af:81:93:cf:0c:35:f8:
ca:3a:08:7e:b5:ef:0d:34:4e:35:d8:2a:7b:2c:de:
18:db:7f:5a:b7:97:11:75:77:63:0d:30:31:75:b8:
2d:7a:6b:97:e2:01:3b:2f:86:1d:4a:87:6a:eb:eb:
99:21:d9:19:c4:29:ee:fb:45:29:15:97:65:e1:dc:
fc:96:3a:11:54:e0:dd:3a:64:4e:57:9a:fc:e7:f1:
45:d7:be:1b:9f:e6:41:f1:c7:27:fc:20:e0:be:a5:
5f:6e:11:b1:94:10:21:d0:df:dd:5d:d7:e9:3a:a2:
81:f7:17:3d:14:d2:69:69:d4:e4:7e:a1:d7:17:52:
59:3d:f8:d9:83:12:51:de:e2:37:78:6e:46:75:32:
da:ec:a1:61:51:a9:6e:93:d7:ab:b1:68:ee:3b:87:
dc:87:ad:0d:f0:46:68:95:2d:6d:18:a1:0c:af:f4:
c4:99:ee:9c:66:b7:fb:c3:44:f0:8e:ed:5b:25:2b:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6A:41:85:2C:6A:40:92:17:F9:0D:33:1B:91:18:97:9C:FF:DC:B5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cGpBhSxqQJIX-Q0zG5EYl5z_3LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.159.0/24
31.57.201.0/24
31.57.207.0/24
31.57.220.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:5c:d1:6b:57:e5:92:ed:8b:e4:fc:90:d7:d3:98:0a:cd:b4:
45:78:26:ce:18:ae:4b:32:d5:85:ff:bb:75:64:85:13:b9:3d:
23:f3:ac:74:c0:61:80:6f:6d:df:2f:73:79:3d:39:8c:c7:c4:
bf:11:d6:9b:af:ba:0a:23:76:ee:21:1a:5e:eb:94:7d:e2:b1:
34:10:97:d0:65:1c:4b:69:fa:5a:d8:96:c8:27:ce:17:84:02:
6c:1f:6c:0a:46:71:83:68:16:91:6b:94:10:b8:c1:4c:63:66:
a7:52:ed:74:82:03:65:d8:90:0f:cb:9a:3d:ad:8c:bb:a2:e5:
cf:ab:98:57:10:58:aa:34:62:c3:f9:dd:83:31:1b:55:01:b9:
72:f8:cd:01:15:a3:80:a8:48:88:36:92:6b:fd:98:26:83:da:
76:22:87:42:b5:b6:d7:e8:1b:44:0e:a8:6f:50:bb:03:ff:c2:
80:77:db:7c:ac:84:b7:97:4d:34:9b:38:c7:d2:d9:9f:e4:01:
97:52:ab:91:a1:1e:20:03:25:7b:7e:f3:a1:7f:54:00:da:bb:
d5:80:68:fb:fb:50:f3:47:cf:4d:2f:e6:13:32:43:f4:3e:db:
4e:1d:74:32:8e:de:86:b9:b7:cc:f0:3c:89:a7:62:93:66:2f:
fe:74:84:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRCUbNhf2dfKMl1CVYHxjS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA3MTk1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZhNDE4NTJjNmE0MDkyMTdmOTBkMzMxYjkxMTg5NzljZmZkY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ8lDwVk6CvSGx5hIOEX5uHmDnP4
aHhQLC9qtJ8NpOiHryqIBw/sjjgyVvCe6LRiXZUDUQ6XHU4JuD4TZaL1cRiiba+B
k88MNfjKOgh+te8NNE412Cp7LN4Y239at5cRdXdjDTAxdbgtemuX4gE7L4YdSodq
6+uZIdkZxCnu+0UpFZdl4dz8ljoRVODdOmROV5r85/FF174bn+ZB8ccn/CDgvqVf
bhGxlBAh0N/dXdfpOqKB9xc9FNJpadTkfqHXF1JZPfjZgxJR3uI3eG5GdTLa7KFh
Ualuk9ersWjuO4fch60N8EZolS1tGKEMr/TEme6cZrf7w0Twju1bJSuH9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHBqQYUsakCSF/kNMxuRGJec/9y1MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY0dwQmhTeHFRSklYLVEwekc1RVlsNXpfM0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzmfAwQA
HznJAwQAHznPAwQAHzncAwQAHztiMA0GCSqGSIb3DQEBCwUAA4IBAQBcXNFrV+WS
7Yvk/JDX05gKzbRFeCbOGK5LMtWF/7t1ZIUTuT0j86x0wGGAb23fL3N5PTmMx8S/
Edabr7oKI3buIRpe65R94rE0EJfQZRxLafpa2JbIJ84XhAJsH2wKRnGDaBaRa5QQ
uMFMY2anUu10ggNl2JAPy5o9rYy7ouXPq5hXEFiqNGLD+d2DMRtVAbly+M0BFaOA
qEiINpJr/Zgmg9p2IodCtbbX6BtEDqhvULsD/8KAd9t8rIS3l000mzjH0tmf5AGX
UquRoR4gAyV7fvOhf1QA2rvVgGj7+1DzR89NL+YTMkP0PttOHXQyjt6GubfM8DyJ
p2KTZi/+dIQP
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:08:47 2025 by rpki-client