Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/j_Rrji78hOMRABZmyQc-4LjI4E0.roa
File: j_Rrji78hOMRABZmyQc-4LjI4E0.roa (raw, json)
Hash identifier: UPfSRzWYEcuZM6u5gMGFbLSPLgtShcAfZLeKYwMy3z8=
Subject key identifier: 8F:F4:6B:8E:2E:FC:84:E3:11:00:16:66:C9:07:3E:E0:B8:C8:E0:4D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193FA217E1A7C9345909682792DD879AEEA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/j_Rrji78hOMRABZmyQc-4LjI4E0.roa
Signing time: Tue 24 Dec 2024 19:25:19 +0000
ROA not before: Tue 24 Dec 2024 19:25:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214209
IP address blocks: 31.56.156.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fa:21:7e:1a:7c:93:45:90:96:82:79:2d:d8:79:ae:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 24 19:25:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ff46b8e2efc84e311001666c9073ee0b8c8e04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:3a:ec:73:16:02:81:27:85:6b:17:b6:22:
c6:f4:33:1d:6b:78:c3:24:0a:a0:17:5d:a0:59:84:
33:c3:a1:13:66:3f:55:75:32:f5:c8:a8:0a:15:78:
39:96:1d:c1:2e:96:dd:9f:5c:bd:f4:55:d2:2d:f2:
49:95:66:94:92:2b:9b:af:e6:4a:3f:17:d9:c3:e4:
ee:8f:1b:fc:eb:8d:d5:69:f9:af:27:aa:75:92:48:
f9:3a:9a:40:8a:fa:71:90:02:57:2c:ef:c6:bc:8e:
15:b2:13:66:25:a6:77:7e:0d:66:bd:42:e2:b3:e5:
66:3c:24:bb:64:8a:ec:aa:8b:f5:1c:f3:59:c7:15:
e7:92:a2:76:24:87:60:21:b0:cc:79:28:d4:48:d5:
3f:20:a3:24:d2:77:e1:ee:9c:04:6e:74:ff:bc:8f:
32:a4:43:9e:34:f3:b2:ea:c6:47:d6:7b:fa:43:6d:
ff:5b:40:be:da:8d:a9:45:df:37:d3:f4:26:53:c7:
d4:84:df:19:ed:35:e4:d5:3e:45:8d:08:2a:dc:d2:
c4:fc:fb:0e:d7:9f:a6:18:ef:d2:7b:24:4a:58:ad:
91:a9:83:4e:7b:a4:44:81:40:c8:b0:b1:b3:71:3c:
5b:b0:81:35:95:40:0a:08:5f:2c:55:f6:38:b9:81:
31:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F4:6B:8E:2E:FC:84:E3:11:00:16:66:C9:07:3E:E0:B8:C8:E0:4D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/j_Rrji78hOMRABZmyQc-4LjI4E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.156.0/24
31.57.65.0/24
31.59.112.0/23
Signature Algorithm: sha256WithRSAEncryption
78:96:72:07:96:3f:eb:ec:ba:96:6e:a6:ca:20:f6:28:a6:e5:
9e:cc:24:a1:21:13:6f:af:77:03:1e:a8:59:20:6e:51:94:5c:
44:0d:81:03:95:7d:cb:2a:2d:96:13:26:b4:41:96:f3:32:cf:
7d:06:17:21:ce:20:33:51:79:16:cf:14:c1:ee:18:fd:2b:01:
0e:26:45:d0:be:85:78:89:c5:6f:0f:37:5c:3f:6a:6b:53:51:
f5:c1:cd:6b:87:1a:d8:c2:e5:60:52:89:c4:da:f0:3c:41:39:
33:e4:fb:c3:56:02:2a:77:17:7d:0c:39:49:0c:8e:11:51:ee:
29:98:4f:0a:f4:67:4f:73:34:ca:e6:76:af:e3:29:c1:2c:7c:
3d:88:96:bb:ac:76:82:49:c1:89:72:e6:93:43:8b:22:b2:0c:
e4:ea:c2:d4:5f:e7:3d:f8:de:de:d8:d0:10:47:83:ce:a0:22:
1a:19:1a:aa:c7:55:89:c1:4c:f1:78:8a:a8:e4:5f:52:a5:0e:
25:55:2e:29:b1:8c:2a:87:f0:46:5e:f8:08:d7:94:6b:fe:10:
69:b2:dd:28:a5:72:4b:e4:68:89:ea:a8:cd:b0:f6:ed:7f:87:
61:9a:38:a7:b5:ca:39:29:91:74:f8:52:3e:e5:19:57:c2:93:
5c:0b:e5:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZP6IX4afJNFkJaCeS3Yea7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI0MTkyNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY0NmI4ZTJlZmM4NGUzMTEwMDE2NjZjOTA3M2VlMGI4YzhlMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM867HMWAoEnhWsXtiLG9DMda3jD
JAqgF12gWYQzw6ETZj9VdTL1yKgKFXg5lh3BLpbdn1y99FXSLfJJlWaUkiubr+ZK
PxfZw+Tujxv8643VafmvJ6p1kkj5OppAivpxkAJXLO/GvI4VshNmJaZ3fg1mvULi
s+VmPCS7ZIrsqov1HPNZxxXnkqJ2JIdgIbDMeSjUSNU/IKMk0nfh7pwEbnT/vI8y
pEOeNPOy6sZH1nv6Q23/W0C+2o2pRd830/QmU8fUhN8Z7TXk1T5FjQgq3NLE/PsO
15+mGO/SeyRKWK2RqYNOe6REgUDIsLGzcTxbsIE1lUAKCF8sVfY4uYExyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI/0a44u/ITjEQAWZskHPuC4yOBNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEval9ScmppNzhoT01SQUJabXlRYy00TGpJNEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzicAwQA
HzlBAwQBHztwMA0GCSqGSIb3DQEBCwUAA4IBAQB4lnIHlj/r7LqWbqbKIPYopuWe
zCShIRNvr3cDHqhZIG5RlFxEDYEDlX3LKi2WEya0QZbzMs99BhchziAzUXkWzxTB
7hj9KwEOJkXQvoV4icVvDzdcP2prU1H1wc1rhxrYwuVgUonE2vA8QTkz5PvDVgIq
dxd9DDlJDI4RUe4pmE8K9GdPczTK5nav4ynBLHw9iJa7rHaCScGJcuaTQ4sisgzk
6sLUX+c9+N7e2NAQR4POoCIaGRqqx1WJwUzxeIqo5F9SpQ4lVS4psYwqh/BGXvgI
15Rr/hBpst0opXJL5GiJ6qjNsPbtf4dhmjintco5KZF0+FI+5RlXwpNcC+XT
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:09 2025 by rpki-client