Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hQA1yfv1oamOjtbKzxXiQ45D94s.roa
File: hQA1yfv1oamOjtbKzxXiQ45D94s.roa (raw, json)
Hash identifier: 8NDXFmwIfbTOnuwk37WxPxaXmgGCbj137iHRW3CGnHc=
Subject key identifier: 85:00:35:C9:FB:F5:A1:A9:8E:8E:D6:CA:CF:15:E2:43:8E:43:F7:8B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192E15FDF5CE831EAE8C961AB7C6D2A7131
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hQA1yfv1oamOjtbKzxXiQ45D94s.roa
Signing time: Thu 31 Oct 2024 07:00:09 +0000
ROA not before: Thu 31 Oct 2024 07:00:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.39.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.66.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.112.0/21 maxlen: 24
31.56.120.0/22 maxlen: 24
31.57.0.0/24 maxlen: 24
31.57.1.0/24 maxlen: 24
31.57.2.0/24 maxlen: 24
31.57.3.0/24 maxlen: 24
31.57.4.0/24 maxlen: 24
31.57.5.0/24 maxlen: 24
31.57.6.0/24 maxlen: 24
31.57.7.0/24 maxlen: 24
31.57.8.0/24 maxlen: 24
31.57.9.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 06:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:5f:df:5c:e8:31:ea:e8:c9:61:ab:7c:6d:2a:71:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 31 07:00:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=850035c9fbf5a1a98e8ed6cacf15e2438e43f78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:ab:a7:b0:96:28:58:f1:ba:c0:b8:5e:a0:
43:06:24:db:63:0c:61:49:ee:ec:cd:a7:0d:37:e8:
be:f0:57:5b:4c:4d:f6:cc:21:f4:43:5f:9c:12:8b:
42:57:34:25:f7:1b:59:de:2e:1e:0f:67:11:aa:0c:
f0:7b:b3:d7:83:f8:58:f3:fd:84:fc:75:7e:74:9b:
5e:58:7e:d7:62:f9:12:41:40:23:61:ef:3f:d4:fa:
4b:85:d7:67:4e:f9:f7:ed:d7:97:37:75:ad:40:f5:
70:bc:b1:46:bb:6f:3e:22:98:48:e4:a6:2c:d3:ba:
81:58:e9:96:e4:27:45:5c:ec:a3:45:93:46:26:11:
92:3b:8a:8d:2f:8a:93:5b:84:e0:b0:fb:d8:6a:56:
e6:db:01:29:d3:e3:f7:57:d6:3e:13:bb:30:f8:8f:
5d:99:f1:8f:42:4d:23:fb:cb:8e:7c:12:2d:c8:dd:
0f:80:5e:a9:e2:0d:62:ea:5b:5f:3b:fb:c8:91:6d:
69:1c:37:85:1d:13:88:cd:04:9b:28:0f:27:52:32:
e8:d5:b0:83:c8:b2:d5:15:05:51:f0:c2:59:86:cd:
a3:1d:e9:8b:1f:7a:59:8b:d3:59:de:2e:35:fe:ca:
16:b6:5a:bb:6d:b1:d7:d2:d7:30:df:65:5d:19:4b:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:00:35:C9:FB:F5:A1:A9:8E:8E:D6:CA:CF:15:E2:43:8E:43:F7:8B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hQA1yfv1oamOjtbKzxXiQ45D94s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.39.0/24
31.56.42.0/23
31.56.66.0/24
31.56.85.0/24
31.56.89.0/24
31.56.112.0-31.56.123.255
31.57.0.0-31.57.9.255
31.57.132.0/23
31.57.176.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:3b:44:3c:ce:5e:4a:d9:62:65:57:a0:b9:65:ef:59:bd:00:
75:90:4e:16:58:d0:be:3b:27:b3:b9:4a:74:1b:20:2c:52:a7:
ee:e5:ae:0a:d1:05:11:db:e8:1b:49:c2:93:3d:25:83:59:11:
5d:ff:5c:fb:dc:95:c4:a2:e3:dd:db:e4:a5:3c:aa:ea:45:c9:
64:dc:25:64:80:5f:af:b8:ea:7b:35:67:3e:c1:70:a7:10:a2:
51:0a:42:87:b9:03:05:b8:fb:b6:cc:1b:5b:55:18:cf:13:dd:
3a:dd:43:46:9e:0b:34:e7:a0:33:99:ef:ac:33:23:3a:03:3b:
51:87:95:39:d8:d6:9c:25:4e:e6:3b:78:88:47:64:1c:5c:37:
16:43:e9:72:37:81:0f:2e:e7:8b:fc:61:ae:43:fa:4e:ef:b4:
98:fb:98:d3:48:49:46:b9:95:0e:85:9a:0c:68:7d:45:77:71:
8e:e6:c6:71:21:66:79:d0:27:52:29:03:a6:17:dc:d0:70:72:
8e:ae:04:bc:9a:a1:52:f9:55:ce:eb:63:6a:9f:fa:c1:45:ca:
9a:44:e0:f6:30:fe:13:b6:bb:32:dd:9e:83:16:7f:79:15:d3:
a8:d7:fd:c0:d6:7a:f4:f3:1a:b2:bb:49:54:a6:b6:53:c4:6a:
d0:3c:36:6f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZLhX99c6DHq6Mlhq3xtKnExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDMxMDcwMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTAwMzVjOWZiZjVhMWE5OGU4ZWQ2Y2FjZjE1ZTI0MzhlNDNmNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEWrp7CWKFjxusC4XqBDBiTbYwxh
Se7szacNN+i+8FdbTE32zCH0Q1+cEotCVzQl9xtZ3i4eD2cRqgzwe7PXg/hY8/2E
/HV+dJteWH7XYvkSQUAjYe8/1PpLhddnTvn37deXN3WtQPVwvLFGu28+IphI5KYs
07qBWOmW5CdFXOyjRZNGJhGSO4qNL4qTW4TgsPvYalbm2wEp0+P3V9Y+E7sw+I9d
mfGPQk0j+8uOfBItyN0PgF6p4g1i6ltfO/vIkW1pHDeFHROIzQSbKA8nUjLo1bCD
yLLVFQVR8MJZhs2jHemLH3pZi9NZ3i41/soWtlq7bbHX0tcw32VdGUvfTQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFIUANcn79aGpjo7Wys8V4kOOQ/eLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaFFBMXlmdjFvYW1PanRiS3p4WGlRNDVEOTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLAwQBHzgEAwQA
HzgnAwQBHzgqAwQAHzhCAwQAHzhVAwQAHzhZMAwDBAQfOHADBAIfOHgwCwMDAB85
AwQBHzkIAwQBHzmEAwQDHzmwMA0GCSqGSIb3DQEBCwUAA4IBAQCyO0Q8zl5K2WJl
V6C5Ze9ZvQB1kE4WWNC+OyezuUp0GyAsUqfu5a4K0QUR2+gbScKTPSWDWRFd/1z7
3JXEouPd2+SlPKrqRclk3CVkgF+vuOp7NWc+wXCnEKJRCkKHuQMFuPu2zBtbVRjP
E9063UNGngs056Azme+sMyM6AztRh5U52NacJU7mO3iIR2QcXDcWQ+lyN4EPLueL
/GGuQ/pO77SY+5jTSElGuZUOhZoMaH1Fd3GO5sZxIWZ50CdSKQOmF9zQcHKOrgS8
mqFS+VXO62Nqn/rBRcqaROD2MP4Ttrsy3Z6DFn95FdOo1/3A1nr08xqyu0lUprZT
xGrQPDZv
-----END CERTIFICATE-----
Generated at Fri Nov 1 08:52:59 2024 by rpki-client on console-ams.rpki-client.org