Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hiOpWRWBLTG5_kw5g66meXCx508.roa
File: hiOpWRWBLTG5_kw5g66meXCx508.roa (raw, json)
Hash identifier: BbRV93n1xL6yNZfAeQsNzm0n9xg2vHtczM8LBmDnpWQ=
Subject key identifier: 86:23:A9:59:15:81:2D:31:B9:FE:4C:39:83:AE:A6:79:70:B1:E7:4F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191EEE238DD3E673245FC7D8EBA63B67818
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hiOpWRWBLTG5_kw5g66meXCx508.roa
Signing time: Sat 14 Sep 2024 04:54:48 +0000
ROA not before: Sat 14 Sep 2024 04:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.39.0/24 maxlen: 24
31.56.45.0/24 maxlen: 24
31.56.59.0/24 maxlen: 24
31.56.63.0/24 maxlen: 24
31.56.67.0/24 maxlen: 24
31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.112.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.147.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 06:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ee:e2:38:dd:3e:67:32:45:fc:7d:8e:ba:63:b6:78:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 14 04:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8623a95915812d31b9fe4c3983aea67970b1e74f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:49:79:9f:72:68:f4:5f:cc:f5:73:e8:01:7a:
b2:47:e1:72:5a:91:a3:ef:40:3d:e2:6b:45:66:d7:
25:64:41:59:85:d5:d8:af:7e:54:f2:6a:ca:69:03:
a1:a0:d8:28:5a:af:d5:a7:a6:bc:24:06:ef:df:ae:
6d:13:ad:c3:05:1a:96:2f:69:f8:73:22:3d:16:c1:
61:07:e3:c9:20:2e:02:43:36:ef:c1:06:82:69:a5:
d6:64:29:7c:e9:4c:96:3f:15:df:13:49:9a:e5:28:
2e:0a:44:cb:93:d7:04:17:12:0c:9a:e0:e3:a0:2a:
4d:9b:e3:60:e9:fc:87:99:1b:c3:05:9c:38:d4:55:
a5:a3:f7:95:9f:cf:e1:ce:36:ec:9e:f3:cc:08:89:
66:3a:97:03:1d:15:4f:88:8d:ee:13:6f:5b:1a:53:
ff:55:d1:83:96:22:70:f3:88:47:aa:3a:af:b9:1f:
22:18:e3:18:63:4f:49:40:51:49:ab:67:96:89:ab:
81:fc:f8:e1:93:ea:03:a7:29:ce:e6:f7:5e:01:71:
f0:f7:8f:3b:b1:aa:68:d1:89:36:ec:ad:96:80:8b:
3c:90:f8:7f:09:09:58:2b:97:b5:6a:b2:e1:81:43:
09:fc:73:41:99:89:3b:c3:08:94:d2:c6:ca:fb:52:
fd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:23:A9:59:15:81:2D:31:B9:FE:4C:39:83:AE:A6:79:70:B1:E7:4F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hiOpWRWBLTG5_kw5g66meXCx508.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.39.0/24
31.56.45.0/24
31.56.59.0/24
31.56.63.0/24
31.56.67.0/24
31.56.69.0/24
31.56.72.0/24
31.56.89.0/24
31.56.112.0/21
31.56.126.0/24
31.56.147.0/24
31.57.150.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ad:f9:e6:ca:5a:37:5b:e4:94:8b:8d:14:89:21:38:0e:a1:
ac:f3:3d:d5:b8:0a:e7:05:39:3c:e4:4f:91:c4:50:c3:94:41:
79:85:7f:df:01:cc:1c:18:eb:21:db:48:62:26:84:79:08:b4:
b3:eb:be:5a:fc:f7:be:8e:78:12:21:3b:e6:43:09:71:1d:37:
1f:aa:22:06:de:a8:7d:27:d3:aa:ea:ef:73:98:1b:7b:f9:60:
ce:c1:2a:bb:0f:64:43:06:26:dc:d0:4a:d9:91:71:6b:b2:93:
15:1c:1e:21:d8:52:80:35:76:6a:a5:ab:1f:70:4a:56:93:db:
12:26:47:c6:cd:78:6b:e0:f8:0b:4e:2d:4f:5a:68:28:99:41:
01:78:e7:25:16:f7:1c:69:37:1f:c2:a6:32:16:12:0c:76:7d:
bf:64:1b:14:b2:62:41:cd:38:17:df:8b:05:3f:0c:ad:24:cc:
2a:62:27:3b:36:97:4f:70:67:55:c1:a4:6d:50:94:cb:52:4d:
89:90:5c:07:7e:cf:08:14:c8:c4:32:75:bd:c2:b7:6c:a0:cc:
5b:a6:dd:b2:4a:b4:78:a8:42:06:7b:2c:08:f3:4d:9c:92:89:
be:4b:b7:71:36:6d:3d:bc:39:e0:2c:0d:52:07:40:d7:af:60:
93:f5:ae:fb
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZHu4jjdPmcyRfx9jrpjtngYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTE0MDQ1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjIzYTk1OTE1ODEyZDMxYjlmZTRjMzk4M2FlYTY3OTcwYjFlNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ul5n3Jo9F/M9XPoAXqyR+FyWpGj
70A94mtFZtclZEFZhdXYr35U8mrKaQOhoNgoWq/Vp6a8JAbv365tE63DBRqWL2n4
cyI9FsFhB+PJIC4CQzbvwQaCaaXWZCl86UyWPxXfE0ma5SguCkTLk9cEFxIMmuDj
oCpNm+Ng6fyHmRvDBZw41FWlo/eVn8/hzjbsnvPMCIlmOpcDHRVPiI3uE29bGlP/
VdGDliJw84hHqjqvuR8iGOMYY09JQFFJq2eWiauB/Pjhk+oDpynO5vdeAXHw9487
sapo0Yk27K2WgIs8kPh/CQlYK5e1arLhgUMJ/HNBmYk7wwiU0sbK+1L9OwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIYjqVkVgS0xuf5MOYOupnlwsedPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaGlPcFdSV0JMVEc1X2t3NWc2Nm1lWEN4NTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBHzgEAwQA
HzgnAwQAHzgtAwQAHzg7AwQAHzg/AwQAHzhDAwQAHzhFAwQAHzhIAwQAHzhZAwQD
HzhwAwQAHzh+AwQAHziTAwQAHzmWMA0GCSqGSIb3DQEBCwUAA4IBAQA2rfnmylo3
W+SUi40UiSE4DqGs8z3VuArnBTk85E+RxFDDlEF5hX/fAcwcGOsh20hiJoR5CLSz
675a/Pe+jngSITvmQwlxHTcfqiIG3qh9J9Oq6u9zmBt7+WDOwSq7D2RDBibc0ErZ
kXFrspMVHB4h2FKANXZqpasfcEpWk9sSJkfGzXhr4PgLTi1PWmgomUEBeOclFvcc
aTcfwqYyFhIMdn2/ZBsUsmJBzTgX34sFPwytJMwqYic7NpdPcGdVwaRtUJTLUk2J
kFwHfs8IFMjEMnW9wrdsoMxbpt2ySrR4qEIGeywI802ckom+S7dxNm09vDngLA1S
B0DXr2CT9a77
-----END CERTIFICATE-----
Generated at Wed Sep 18 07:44:11 2024 by rpki-client on console-fra.rpki-client.org