Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/giqQdWJ547yr3xahAQFR26w7PQY.roa
File: giqQdWJ547yr3xahAQFR26w7PQY.roa (raw, json)
Hash identifier: LsEaOA7ndhLEVmQ6MLYnJxycJ5U9iEaz8G+xIBKedig=
Subject key identifier: 82:2A:90:75:62:79:E3:BC:AB:DF:16:A1:01:01:51:DB:AC:3B:3D:06
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428233D579A38AC2481A62F3F1C212609
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/giqQdWJ547yr3xahAQFR26w7PQY.roa
Signing time: Thu 02 Jan 2025 17:49:45 +0000
ROA not before: Thu 02 Jan 2025 17:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26737
IP address blocks: 31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.58.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 10:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:3d:57:9a:38:ac:24:81:a6:2f:3f:1c:21:26:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=822a90756279e3bcabdf16a1010151dbac3b3d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e5:59:58:fd:94:bd:3b:60:17:53:f4:ad:9f:
41:09:c5:88:49:7a:ce:d4:67:ef:bd:49:84:24:c4:
15:2b:77:34:60:2d:a5:e5:73:f6:06:7c:5a:50:b8:
71:10:5e:f1:d5:1e:62:68:ff:dd:17:2f:fb:c1:82:
c2:da:57:16:8b:df:00:1b:43:8f:08:93:8c:db:34:
e7:3a:e5:71:4f:73:ae:ad:ff:0f:b9:b8:2d:da:a7:
f5:99:de:0a:62:fa:3c:27:23:1a:a9:e8:39:57:73:
11:85:ca:37:89:41:d8:f6:28:da:76:16:c8:e3:d3:
3a:36:8f:6f:a6:65:52:c7:e7:67:cd:98:61:c8:92:
48:46:18:4b:a4:10:41:07:c0:37:26:ca:05:e9:c5:
f6:85:c8:ce:da:3f:45:3a:37:c7:ea:64:51:26:53:
3d:18:91:b2:45:9f:cb:27:9c:ae:69:54:70:1c:f7:
66:a2:51:d7:60:44:9c:ff:36:6a:b0:dc:f4:30:00:
b2:d7:2a:44:bb:67:e4:2d:ce:1e:ab:9a:87:33:47:
10:00:58:d3:1b:55:1d:ab:1a:46:87:e7:b7:57:ea:
d9:a2:a5:c0:e4:84:9c:51:c1:43:a2:71:60:b9:1c:
5c:3f:b5:77:1e:09:1a:5e:bb:b8:3b:f2:93:22:f4:
f5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2A:90:75:62:79:E3:BC:AB:DF:16:A1:01:01:51:DB:AC:3B:3D:06
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/giqQdWJ547yr3xahAQFR26w7PQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.56.87.0/24
31.56.89.0/24
31.58.33.0/24
Signature Algorithm: sha256WithRSAEncryption
12:8b:73:b7:0a:62:57:1b:1f:bb:fa:c7:07:5a:2c:c5:07:cf:
75:6f:db:ab:e8:39:44:a1:97:cb:6c:ef:47:e2:39:e6:c2:d9:
ac:0a:24:64:cd:66:5c:d8:f0:89:24:7d:8b:2b:8e:9b:0e:b6:
c4:13:b2:66:8a:81:c6:fa:09:e8:54:30:13:12:bd:02:a2:36:
99:dd:2d:2a:9a:c6:1f:89:b2:35:7e:20:6f:c2:21:d4:45:6d:
58:a0:5d:ca:80:12:42:8c:91:63:07:01:73:c5:7b:e7:bc:39:
a5:4e:37:5f:be:f0:18:31:98:13:22:18:1a:12:32:40:b3:72:
5e:57:61:80:57:c0:1c:ca:63:91:23:07:45:da:fc:f7:f9:4e:
de:54:1e:dc:bd:87:c3:e8:73:dd:d2:ec:65:66:09:38:f4:5b:
e2:01:19:8b:e7:e6:48:e9:d0:93:71:ed:bc:a7:7b:c3:cb:4f:
4e:91:35:d9:62:86:33:50:3b:c9:91:e2:91:e5:65:34:01:35:
39:f5:a0:26:3c:1a:57:dd:49:c3:29:d6:f4:45:e9:a6:44:60:
75:01:1a:1c:0b:38:e7:e0:04:60:46:ae:3f:90:15:cf:b9:62:
df:8e:b7:61:83:1d:ed:d3:9d:58:f7:29:9d:d6:12:e4:7d:a6:
1b:b3:1a:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoIz1XmjisJIGmLz8cISYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJhOTA3NTYyNzllM2JjYWJkZjE2YTEwMTAxNTFkYmFjM2IzZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeVZWP2UvTtgF1P0rZ9BCcWISXrO
1GfvvUmEJMQVK3c0YC2l5XP2BnxaULhxEF7x1R5iaP/dFy/7wYLC2lcWi98AG0OP
CJOM2zTnOuVxT3Ourf8Pubgt2qf1md4KYvo8JyMaqeg5V3MRhco3iUHY9ijadhbI
49M6No9vpmVSx+dnzZhhyJJIRhhLpBBBB8A3JsoF6cX2hcjO2j9FOjfH6mRRJlM9
GJGyRZ/LJ5yuaVRwHPdmolHXYESc/zZqsNz0MACy1ypEu2fkLc4eq5qHM0cQAFjT
G1UdqxpGh+e3V+rZoqXA5IScUcFDonFguRxcP7V3HgkaXru4O/KTIvT1AwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIIqkHVieeO8q98WoQEBUdusOz0GMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZ2lxUWRXSjU0N3lyM3hhaEFRRlIyNnc3UFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBHzgqAwQA
HzhXAwQAHzhZAwQAHzohMA0GCSqGSIb3DQEBCwUAA4IBAQASi3O3CmJXGx+7+scH
WizFB891b9ur6DlEoZfLbO9H4jnmwtmsCiRkzWZc2PCJJH2LK46bDrbEE7JmioHG
+gnoVDATEr0CojaZ3S0qmsYfibI1fiBvwiHURW1YoF3KgBJCjJFjBwFzxXvnvDml
TjdfvvAYMZgTIhgaEjJAs3JeV2GAV8AcymORIwdF2vz3+U7eVB7cvYfD6HPd0uxl
Zgk49FviARmL5+ZI6dCTce28p3vDy09OkTXZYoYzUDvJkeKR5WU0ATU59aAmPBpX
3UnDKdb0RemmRGB1ARocCzjn4ARgRq4/kBXPuWLfjrdhgx3t051Y9ymd1hLkfaYb
sxqL
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:11 2025 by rpki-client