Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hhFZ0ri7Uwwelg5VRJRkmK2z0uA.roa
File: hhFZ0ri7Uwwelg5VRJRkmK2z0uA.roa (raw, json)
Hash identifier: c6c1y5V3A8OfdzilCzHRcWYvvLTwueQZYYnUMSwyy00=
Subject key identifier: 86:11:59:D2:B8:BB:53:0C:1E:96:0E:55:44:94:64:98:AD:B3:D2:E0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282331DC5EE2F0C959531501670FBF86
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hhFZ0ri7Uwwelg5VRJRkmK2z0uA.roa
Signing time: Thu 02 Jan 2025 17:49:42 +0000
ROA not before: Thu 02 Jan 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:31:dc:5e:e2:f0:c9:59:53:15:01:67:0f:bf:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=861159d2b8bb530c1e960e5544946498adb3d2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:61:27:47:cf:82:ad:dc:38:42:1f:38:05:ef:
dd:7e:61:3b:fa:d9:44:b4:b2:e2:ab:bf:13:14:bf:
13:e1:5d:f6:70:1d:fd:7b:e3:e1:fa:de:de:d3:8b:
04:9d:3e:0e:9d:0f:b5:09:ec:f3:18:86:c6:3b:ff:
a9:c4:4b:30:0d:ae:5f:6b:a4:f3:43:54:7f:d4:de:
11:c9:11:38:e3:31:44:14:a0:fa:57:ed:2c:21:c9:
c8:d1:01:b6:a4:90:f2:82:0a:0b:7e:18:c0:e7:d6:
02:74:83:5b:27:d3:24:13:c3:d9:25:17:df:2b:96:
99:ac:c4:e6:98:74:a7:17:72:90:20:5a:a2:91:58:
d3:72:e1:31:ef:2e:b1:2e:5f:4c:d8:98:e1:8c:38:
8c:90:e0:83:0f:7f:7c:55:fa:00:97:27:0f:e4:26:
b6:9f:14:39:f7:41:20:87:6c:85:34:0a:fd:1c:8e:
78:5e:d9:c0:71:40:c4:a7:f4:71:f2:fb:72:75:8a:
62:5b:36:db:c8:7a:2f:32:2f:f7:73:0a:ed:ac:b6:
cb:f7:d7:44:44:22:55:69:f2:43:fb:4a:ca:d9:54:
a3:b0:c1:45:1c:a2:a9:3f:93:59:c4:5b:15:c2:dd:
8b:55:50:7b:e8:25:26:03:bd:d5:85:75:1b:4f:69:
1b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:11:59:D2:B8:BB:53:0C:1E:96:0E:55:44:94:64:98:AD:B3:D2:E0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hhFZ0ri7Uwwelg5VRJRkmK2z0uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.115.0/24
31.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
02:09:29:7d:cd:13:fc:f5:f5:4e:ba:05:98:1c:3a:90:b2:6a:
53:85:33:6a:ac:c8:f4:f1:5e:76:58:15:96:ba:1f:d8:9d:e2:
bb:7d:a2:66:b4:93:79:1a:f6:4b:54:de:38:51:6d:f6:2f:73:
06:ee:63:69:40:db:9a:14:74:6a:90:7e:f6:6c:78:82:ca:d5:
1c:43:94:8c:d6:9f:3f:b6:ff:cc:00:12:e0:79:83:e9:fc:1f:
5d:eb:0f:70:7e:e8:43:bf:f0:ef:62:e0:a7:b0:ff:c3:6c:e8:
ab:19:1a:43:89:42:b1:22:f3:9b:21:59:de:30:74:3c:8a:b2:
52:38:cf:ff:04:a2:56:bc:7e:9f:55:e8:e3:51:d5:01:2e:7b:
7f:74:50:fd:28:07:54:ce:d9:7d:51:05:39:82:b4:c6:9f:5d:
57:cc:30:db:a3:1e:14:28:5b:7c:ec:f4:80:51:79:9a:7d:c6:
2f:cb:8c:e1:c2:d3:76:a8:06:9f:9e:4e:f2:26:15:43:70:83:
12:cf:30:ea:69:de:dc:e6:1d:fb:00:ae:8a:d7:be:5c:63:41:
74:26:d1:0f:50:1c:bc:03:51:9f:21:00:c0:14:b2:fe:6b:5a:
55:ca:ef:cf:01:94:a2:0c:6f:78:56:0c:73:90:61:31:91:ad:
b6:4f:ee:bb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQoIzHcXuLwyVlTFQFnD7+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjExNTlkMmI4YmI1MzBjMWU5NjBlNTU0NDk0NjQ5OGFkYjNkMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mEnR8+Crdw4Qh84Be/dfmE7+tlE
tLLiq78TFL8T4V32cB39e+Ph+t7e04sEnT4OnQ+1CezzGIbGO/+pxEswDa5fa6Tz
Q1R/1N4RyRE44zFEFKD6V+0sIcnI0QG2pJDyggoLfhjA59YCdINbJ9MkE8PZJRff
K5aZrMTmmHSnF3KQIFqikVjTcuEx7y6xLl9M2JjhjDiMkOCDD398VfoAlycP5Ca2
nxQ590Egh2yFNAr9HI54XtnAcUDEp/Rx8vtydYpiWzbbyHovMi/3cwrtrLbL99dE
RCJVafJD+0rK2VSjsMFFHKKpP5NZxFsVwt2LVVB76CUmA73VhXUbT2kbtQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIYRWdK4u1MMHpYOVUSUZJits9LgMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaGhGWjByaTdVd3dlbGc1VlJKUmttSzJ6MHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzqBAwQB
HzqKAwQAHzqWAwQAHzqaAwQAHzqlAwQAHztzAwQAHzu7MA0GCSqGSIb3DQEBCwUA
A4IBAQACCSl9zRP89fVOugWYHDqQsmpThTNqrMj08V52WBWWuh/YneK7faJmtJN5
GvZLVN44UW32L3MG7mNpQNuaFHRqkH72bHiCytUcQ5SM1p8/tv/MABLgeYPp/B9d
6w9wfuhDv/DvYuCnsP/DbOirGRpDiUKxIvObIVneMHQ8irJSOM//BKJWvH6fVejj
UdUBLnt/dFD9KAdUztl9UQU5grTGn11XzDDbox4UKFt87PSAUXmafcYvy4zhwtN2
qAafnk7yJhVDcIMSzzDqad7c5h37AK6K175cY0F0JtEPUBy8A1GfIQDAFLL+a1pV
yu/PAZSiDG94VgxzkGExka22T+67
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:51 2025 by rpki-client