Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kIqDD4ZvvbvRHW8PeeiM3smSMQY.roa
File: kIqDD4ZvvbvRHW8PeeiM3smSMQY.roa (raw, json)
Hash identifier: /fo4/y0/ogroxxT9pXjWTuUq47MoP7J3A/m0912YhWU=
Subject key identifier: 90:8A:83:0F:86:6F:BD:BB:D1:1D:6F:0F:79:E8:8C:DE:C9:92:31:06
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01925124801BE945779C121E6DEB47D109DA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kIqDD4ZvvbvRHW8PeeiM3smSMQY.roa
Signing time: Thu 03 Oct 2024 06:49:59 +0000
ROA not before: Thu 03 Oct 2024 06:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 31.56.33.0/24 maxlen: 24
31.56.64.0/24 maxlen: 24
31.56.160.0/21 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.186.0/23 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Oct 2024 12:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:24:80:1b:e9:45:77:9c:12:1e:6d:eb:47:d1:09:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 3 06:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=908a830f866fbdbbd11d6f0f79e88cdec9923106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:43:f5:44:dc:de:00:45:ad:65:07:3a:f6:
6f:a7:e0:e2:dc:f1:ed:96:4c:66:78:ef:92:8f:c3:
7c:7a:81:e0:87:ba:94:fb:70:22:23:64:b3:6b:ef:
a3:a3:18:4d:39:62:37:04:18:1f:17:d0:92:ce:53:
2b:6a:c6:f9:55:87:a8:86:7b:16:ea:d0:36:4f:a4:
b0:af:50:6d:e0:ab:9a:79:b9:59:2d:9a:48:8b:c1:
71:69:32:7e:73:af:a7:a9:d3:58:3a:e2:3b:b8:dd:
d2:3a:32:18:dc:f5:ae:cf:64:bb:ed:04:22:fc:c7:
37:1d:b9:14:f4:45:cc:e9:55:ad:bb:3a:ee:4b:d3:
ee:a1:0a:58:74:8d:37:7b:e6:88:51:b8:42:d0:23:
e4:e6:0f:6e:91:36:43:e8:e5:d0:09:bf:d2:75:fb:
07:88:fb:15:7a:e2:c6:1f:4a:0f:10:92:e2:8b:b1:
70:02:f8:db:20:e8:d6:58:81:16:2c:f3:20:b9:60:
b2:03:c4:4e:fa:a0:52:ac:db:70:e2:cd:e5:0e:2d:
b6:58:00:63:26:6b:50:b9:f5:42:2e:7a:5d:cb:71:
61:ce:ed:53:0b:0e:d0:b9:89:de:8a:9e:e1:e4:58:
28:01:29:f2:80:4b:a2:0f:c0:5e:0d:0b:f9:21:15:
c5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8A:83:0F:86:6F:BD:BB:D1:1D:6F:0F:79:E8:8C:DE:C9:92:31:06
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kIqDD4ZvvbvRHW8PeeiM3smSMQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.33.0/24
31.56.64.0/24
31.56.160.0/21
31.57.176.0-31.57.187.255
31.57.202.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:a7:6a:17:98:d9:5c:26:ca:dd:3d:5e:58:63:18:4b:9a:e1:
ba:cf:f7:9f:df:ea:6c:4c:03:3b:6d:8f:92:77:3c:a4:1a:8a:
6f:70:c5:88:81:97:f2:94:26:28:50:60:6a:e6:f7:85:c5:4d:
55:01:22:bb:32:f1:ae:3a:41:9b:5a:6e:53:64:99:a9:22:8a:
11:65:e4:ff:3a:78:c5:35:a2:97:47:d9:5b:42:2b:40:d2:b3:
c9:4c:2a:7c:5d:9e:ef:c3:a6:45:ba:15:23:54:56:e7:f2:1d:
81:f4:53:8f:d7:b5:c1:18:31:72:4a:8a:25:6a:a4:42:f0:36:
a6:13:cf:41:ab:36:0d:12:98:07:9e:02:09:75:3c:22:89:5a:
fc:d5:c8:20:b9:84:79:0c:91:c2:1f:fe:30:62:38:26:9b:08:
f1:23:16:79:7d:63:2a:67:f7:90:68:ad:86:17:40:6a:4a:cd:
5a:66:51:50:f4:bb:af:fe:20:ad:66:2f:7c:64:85:9a:4e:a0:
39:ba:8b:3d:1e:b6:8b:04:c3:dc:74:0a:24:46:ac:24:63:37:
58:f5:f1:58:53:28:3e:13:be:92:25:fd:15:1c:c8:1a:79:e7:
03:bf:51:89:29:2d:2b:1d:52:2a:2e:b5:54:d6:0c:5f:9b:d1:
d1:1c:36:f6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJRJIAb6UV3nBIebetH0QnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDAzMDY0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhhODMwZjg2NmZiZGJiZDExZDZmMGY3OWU4OGNkZWM5OTIzMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlstD9UTc3gBFrWUHOvZvp+Di3PHt
lkxmeO+Sj8N8eoHgh7qU+3AiI2Sza++joxhNOWI3BBgfF9CSzlMrasb5VYeohnsW
6tA2T6Swr1Bt4KuaeblZLZpIi8FxaTJ+c6+nqdNYOuI7uN3SOjIY3PWuz2S77QQi
/Mc3HbkU9EXM6VWtuzruS9PuoQpYdI03e+aIUbhC0CPk5g9ukTZD6OXQCb/SdfsH
iPsVeuLGH0oPEJLii7FwAvjbIOjWWIEWLPMguWCyA8RO+qBSrNtw4s3lDi22WABj
JmtQufVCLnpdy3Fhzu1TCw7QuYneip7h5FgoASnygEuiD8BeDQv5IRXFWQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJCKgw+Gb7270R1vD3nojN7JkjEGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEva0lxREQ0WnZ2YnZSSFc4UGVlaU0zc21TTVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAHzghAwQA
HzhAAwQDHzigMAwDBAQfObADBAIfObgDBAEfOcowDQYJKoZIhvcNAQELBQADggEB
AIqnaheY2Vwmyt09XlhjGEua4brP95/f6mxMAzttj5J3PKQaim9wxYiBl/KUJihQ
YGrm94XFTVUBIrsy8a46QZtablNkmakiihFl5P86eMU1opdH2VtCK0DSs8lMKnxd
nu/DpkW6FSNUVufyHYH0U4/XtcEYMXJKiiVqpELwNqYTz0GrNg0SmAeeAgl1PCKJ
WvzVyCC5hHkMkcIf/jBiOCabCPEjFnl9Yypn95BorYYXQGpKzVpmUVD0u6/+IK1m
L3xkhZpOoDm6iz0etosEw9x0CiRGrCRjN1j18VhTKD4TvpIl/RUcyBp55wO/UYkp
LSsdUioutVTWDF+b0dEcNvY=
-----END CERTIFICATE-----
Generated at Sun Oct 13 16:59:12 2024 by rpki-client on console-fra.rpki-client.org