Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iIRUzwWF54hV6kOfg1R0DivUOLM.roa
File: iIRUzwWF54hV6kOfg1R0DivUOLM.roa (raw, json)
Hash identifier: YKIrsreRhGGbZBKqdWjwEORetwJ7rh110AkQY+BYZyg=
Subject key identifier: 88:84:54:CF:05:85:E7:88:55:EA:43:9F:83:54:74:0E:2B:D4:38:B3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193A0A3B18A9B4CA7A78A546C8A0C7DCCB2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iIRUzwWF54hV6kOfg1R0DivUOLM.roa
Signing time: Sat 07 Dec 2024 10:21:42 +0000
ROA not before: Sat 07 Dec 2024 10:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215026
IP address blocks: 31.57.159.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 07:41:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a0:a3:b1:8a:9b:4c:a7:a7:8a:54:6c:8a:0c:7d:cc:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 7 10:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=888454cf0585e78855ea439f8354740e2bd438b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:77:14:b7:15:bf:51:d9:96:fe:b7:1f:8d:
75:b3:0a:3a:5a:b7:34:14:b4:a5:60:3f:c8:6a:95:
9c:4e:24:82:29:a1:13:3d:f6:10:6e:13:a8:55:d5:
0c:e1:d0:e2:0c:e0:b6:56:13:a7:0f:d8:67:40:af:
00:80:67:f5:c7:13:58:7f:99:e6:70:9c:30:ce:36:
f9:c6:74:73:a5:6f:1b:0e:13:9d:9c:4b:35:fe:d4:
7d:6a:90:2c:de:3f:ea:1f:c1:67:f2:8a:51:7d:8e:
c2:54:0e:38:ae:eb:e3:27:37:f2:ca:b9:61:90:c5:
24:26:5c:5a:34:0d:bf:d1:15:58:80:f6:da:84:62:
f1:37:70:2a:06:e1:b2:02:55:a7:02:ff:cd:af:79:
b8:e1:89:d6:1c:50:77:9a:74:b8:40:a6:e8:54:9f:
a1:7e:3d:c1:00:d9:96:f8:e5:1a:65:a3:83:33:11:
3b:3a:92:55:a3:90:a7:bd:98:77:4b:95:aa:f9:46:
dc:ed:d3:16:74:26:f7:84:16:33:74:97:56:a4:f8:
c6:b8:ba:53:8b:ee:fc:6e:93:da:2e:95:6d:ed:0b:
82:ff:16:61:10:9a:ed:ff:e1:12:33:c5:22:07:1d:
02:5b:1b:73:20:fd:b8:66:0f:d5:d7:d6:d3:f2:eb:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:84:54:CF:05:85:E7:88:55:EA:43:9F:83:54:74:0E:2B:D4:38:B3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iIRUzwWF54hV6kOfg1R0DivUOLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.159.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
60:71:0f:81:46:8c:bb:14:af:83:f5:a1:64:26:cc:f8:f7:ea:
40:5f:8a:eb:1d:8e:95:b5:9d:8c:ac:b0:05:b2:ac:f1:01:6d:
b5:b1:7f:e2:5c:56:fe:83:9f:b8:f4:c1:41:61:55:55:29:ce:
90:85:30:4e:19:58:c3:ef:05:dc:90:e6:19:5c:05:fe:c1:c2:
b7:f2:e2:af:76:af:44:26:fa:3d:b7:18:26:76:2e:53:55:ae:
58:f7:ff:5b:f2:05:52:94:ca:36:18:9e:f7:95:f7:11:51:05:
7a:2a:9e:2f:c4:cc:cb:33:35:3c:54:95:bd:02:a7:b8:5d:86:
af:05:13:25:88:f6:da:0f:08:2d:55:a9:bb:e2:52:f1:47:82:
64:14:59:1b:19:a6:ba:c7:c3:de:ef:79:53:13:19:e6:40:f7:
1e:f5:ee:e3:11:74:77:6f:08:68:e7:df:dd:9f:3d:70:54:d9:
9d:84:86:26:50:ba:bb:e4:68:47:e8:a6:36:f3:31:84:bf:2f:
7e:a8:d7:a2:46:5c:d8:de:d6:e4:e4:8b:96:b1:5b:c7:29:1b:
56:26:a3:8e:0b:9f:0b:85:c8:9a:e6:d6:b7:6e:f9:d8:30:fa:
ca:6a:e1:d3:7d:40:39:37:65:08:61:a3:b1:4b:c9:29:b4:70:
fb:4f:19:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOgo7GKm0ynp4pUbIoMfcyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA3MTAyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg0NTRjZjA1ODVlNzg4NTVlYTQzOWY4MzU0NzQwZTJiZDQzOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjd3FLcVv1HZlv63H411swo6Wrc0
FLSlYD/IapWcTiSCKaETPfYQbhOoVdUM4dDiDOC2VhOnD9hnQK8AgGf1xxNYf5nm
cJwwzjb5xnRzpW8bDhOdnEs1/tR9apAs3j/qH8Fn8opRfY7CVA44ruvjJzfyyrlh
kMUkJlxaNA2/0RVYgPbahGLxN3AqBuGyAlWnAv/Nr3m44YnWHFB3mnS4QKboVJ+h
fj3BANmW+OUaZaODMxE7OpJVo5CnvZh3S5Wq+Ubc7dMWdCb3hBYzdJdWpPjGuLpT
i+78bpPaLpVt7QuC/xZhEJrt/+ESM8UiBx0CWxtzIP24Zg/V19bT8uu92QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIiEVM8FheeIVepDn4NUdA4r1DizMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaUlSVXp3V0Y1NGhWNmtPZmcxUjBEaXZVT0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzmfAwQA
HztiMA0GCSqGSIb3DQEBCwUAA4IBAQBgcQ+BRoy7FK+D9aFkJsz49+pAX4rrHY6V
tZ2MrLAFsqzxAW21sX/iXFb+g5+49MFBYVVVKc6QhTBOGVjD7wXckOYZXAX+wcK3
8uKvdq9EJvo9txgmdi5TVa5Y9/9b8gVSlMo2GJ73lfcRUQV6Kp4vxMzLMzU8VJW9
Aqe4XYavBRMliPbaDwgtVam74lLxR4JkFFkbGaa6x8Pe73lTExnmQPce9e7jEXR3
bwho59/dnz1wVNmdhIYmULq75GhH6KY28zGEvy9+qNeiRlzY3tbk5IuWsVvHKRtW
JqOOC58Lhcia5ta3bvnYMPrKauHTfUA5N2UIYaOxS8kptHD7Txkd
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:50 2025 by rpki-client