Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cvgGIvfCljyh9uzE65BYoicdvYc.roa
File: cvgGIvfCljyh9uzE65BYoicdvYc.roa (raw, json)
Hash identifier: AuZznslW5t2inAWKf4kFcFdAQhzCuveN3A2sQkQN9sU=
Subject key identifier: 72:F8:06:22:F7:C2:96:3C:A1:F6:EC:C4:EB:90:58:A2:27:1D:BD:87
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019251247F31257CBC765BE80EFD241BEEF4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cvgGIvfCljyh9uzE65BYoicdvYc.roa
Signing time: Thu 03 Oct 2024 06:49:59 +0000
ROA not before: Thu 03 Oct 2024 06:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 31.57.192.0/22 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.240.0/22 maxlen: 24
31.57.244.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 06:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:24:7f:31:25:7c:bc:76:5b:e8:0e:fd:24:1b:ee:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 3 06:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72f80622f7c2963ca1f6ecc4eb9058a2271dbd87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:af:e9:01:40:fd:fb:11:ec:f8:75:9b:50:be:
9e:72:fc:db:18:de:cd:5f:45:2b:48:18:5c:4c:03:
72:68:9d:33:9b:fa:17:4f:3c:33:7f:54:24:80:26:
06:e0:aa:29:3b:27:6c:86:8d:f6:b4:45:1f:c0:b6:
8c:1f:fd:4a:3a:83:c2:3b:ed:24:65:ff:78:87:67:
8d:95:28:28:af:6f:ef:5e:1b:3d:7c:66:49:cd:d4:
f6:c8:54:07:f5:46:cc:af:79:be:6c:c5:15:49:24:
61:44:45:07:ba:3d:3b:51:1c:8d:14:36:36:3c:cf:
01:b4:e5:76:a0:fd:aa:c0:b6:fd:c1:a2:bc:13:1d:
b2:5d:c5:59:46:22:da:91:37:c2:03:8a:ff:ba:a5:
5d:7a:2d:92:86:2f:4f:f2:84:00:3a:f0:8d:fc:c6:
86:72:de:58:fa:a7:cb:99:f0:bc:91:c7:a7:f3:5d:
f2:89:d9:2e:85:69:84:12:88:df:d3:af:f5:e6:a9:
41:df:13:90:9f:25:d5:68:ae:0f:52:0e:d8:d9:68:
54:18:00:02:d5:34:8e:21:07:1d:cf:e3:51:8d:d9:
da:f7:85:82:e5:81:07:94:5a:36:5d:23:0a:c7:2f:
ca:f2:14:0f:63:57:f4:2f:cf:99:1c:4c:b8:df:96:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:06:22:F7:C2:96:3C:A1:F6:EC:C4:EB:90:58:A2:27:1D:BD:87
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cvgGIvfCljyh9uzE65BYoicdvYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.192.0/22
31.57.202.0/23
31.57.224.0/22
31.57.232.0/22
31.57.240.0/21
31.57.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:ca:8b:2f:77:ce:cc:5e:01:66:95:4f:6a:ec:fb:b0:2b:a2:
cf:f1:c8:17:b7:7c:22:8a:3c:11:05:c8:5b:d9:cf:56:d3:97:
6f:10:da:58:88:c1:09:7a:32:f7:86:ab:b2:22:57:b6:45:f9:
7b:ad:b3:bf:fe:07:e4:33:cf:fc:f9:0b:e5:11:f2:19:3a:63:
5d:cf:52:39:57:a3:2b:7f:5d:ee:6d:1a:8a:fb:b9:98:ce:34:
87:18:7d:fb:2e:e5:1c:ae:45:e8:11:9d:04:b5:7b:38:a0:1d:
ae:fb:2f:7a:e6:9e:51:a2:cf:04:c3:ac:39:09:e1:75:97:57:
75:29:f0:76:16:35:22:28:11:c0:d9:ca:21:24:b1:97:6d:71:
1a:2b:9b:1d:ce:e0:92:6d:fa:8b:7a:02:1e:41:bc:d6:63:74:
a1:58:73:05:27:db:9a:17:a8:c9:e1:6f:c2:d1:f4:c3:17:08:
75:e2:c3:10:94:f2:ec:82:56:7a:49:63:49:c8:70:7c:54:60:
b6:e6:c4:9f:88:5f:37:cb:5e:ce:41:7b:98:1b:d9:ad:75:cf:
30:0a:91:6d:dc:43:8e:e0:9a:40:72:89:26:8d:b6:b1:6a:4c:
2e:30:68:67:72:72:75:84:71:19:38:04:e3:d2:3c:3c:c0:3e:
48:2c:a1:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJRJH8xJXy8dlvoDv0kG+70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDAzMDY0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY4MDYyMmY3YzI5NjNjYTFmNmVjYzRlYjkwNThhMjI3MWRiZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma/pAUD9+xHs+HWbUL6ecvzbGN7N
X0UrSBhcTANyaJ0zm/oXTzwzf1QkgCYG4KopOydsho32tEUfwLaMH/1KOoPCO+0k
Zf94h2eNlSgor2/vXhs9fGZJzdT2yFQH9UbMr3m+bMUVSSRhREUHuj07URyNFDY2
PM8BtOV2oP2qwLb9waK8Ex2yXcVZRiLakTfCA4r/uqVdei2Shi9P8oQAOvCN/MaG
ct5Y+qfLmfC8kcen813yidkuhWmEEojf06/15qlB3xOQnyXVaK4PUg7Y2WhUGAAC
1TSOIQcdz+NRjdna94WC5YEHlFo2XSMKxy/K8hQPY1f0L8+ZHEy435YvMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHL4BiL3wpY8ofbsxOuQWKInHb2HMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY3ZnR0l2ZkNsanloOXV6RTY1QllvaWNkdlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHznAAwQB
HznKAwQCHzngAwQCHznoAwQDHznwAwQCHzn8MA0GCSqGSIb3DQEBCwUAA4IBAQBc
yosvd87MXgFmlU9q7PuwK6LP8cgXt3wiijwRBchb2c9W05dvENpYiMEJejL3hquy
Ile2Rfl7rbO//gfkM8/8+QvlEfIZOmNdz1I5V6Mrf13ubRqK+7mYzjSHGH37LuUc
rkXoEZ0EtXs4oB2u+y965p5Ros8Ew6w5CeF1l1d1KfB2FjUiKBHA2cohJLGXbXEa
K5sdzuCSbfqLegIeQbzWY3ShWHMFJ9uaF6jJ4W/C0fTDFwh14sMQlPLsglZ6SWNJ
yHB8VGC25sSfiF83y17OQXuYG9mtdc8wCpFt3EOO4JpAcokmjbaxakwuMGhncnJ1
hHEZOATj0jw8wD5ILKGa
-----END CERTIFICATE-----
Generated at Fri Nov 1 07:30:31 2024 by rpki-client on console-fra.rpki-client.org