Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oZNtOMILioBFHG85T3gM9vv2CR8.roa
File: oZNtOMILioBFHG85T3gM9vv2CR8.roa (raw, json)
Hash identifier: o0UHGwcgbpy/hpZkYafM+ikHcilN4DIoNtFahTdWg3w=
Subject key identifier: A1:93:6D:38:C2:0B:8A:80:45:1C:6F:39:4F:78:0C:F6:FB:F6:09:1F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428A0437E1A2C14FFBD46EB54050125B5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oZNtOMILioBFHG85T3gM9vv2CR8.roa
Signing time: Thu 02 Jan 2025 20:06:19 +0000
ROA not before: Thu 02 Jan 2025 20:06:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:a0:43:7e:1a:2c:14:ff:bd:46:eb:54:05:01:25:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 20:06:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1936d38c20b8a80451c6f394f780cf6fbf6091f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ac:79:80:8f:f8:df:0c:e5:4e:de:2e:a8:98:
e2:45:ef:e0:87:bf:e3:74:73:11:07:da:02:b3:d6:
96:3b:05:b1:13:6f:29:d8:32:e7:79:93:63:d4:5f:
87:fe:a3:d7:46:f4:39:e3:d3:95:a4:19:e3:54:fe:
0c:56:68:b2:8d:1f:91:61:3d:ca:de:43:55:d7:02:
af:2f:9a:fb:e3:b7:4a:74:f5:25:0c:0d:5e:13:5f:
2d:e6:cd:bd:52:2a:49:ac:96:1e:53:5e:37:45:6c:
0e:ab:60:a1:46:b6:ee:2e:a8:06:74:d8:d6:f9:bb:
c7:ec:43:59:fb:30:22:1c:13:ea:e5:25:12:41:5e:
77:be:e5:6f:73:b7:75:8d:d0:5c:3f:22:b7:b4:d2:
ec:6d:29:22:2e:a1:ad:e5:e7:2f:c2:fd:45:18:9d:
37:83:a2:b4:ac:43:24:b3:ca:3f:83:4c:97:de:fd:
7a:e0:b9:58:59:ee:2f:38:64:4e:ab:d9:82:73:7f:
e5:e9:64:0a:2d:7a:8f:cb:e2:7a:1a:c5:75:98:23:
a7:26:77:97:c5:d7:6f:48:cd:ed:0a:d6:60:60:9c:
37:5c:95:df:07:07:93:95:95:ae:6b:3c:8d:57:1f:
1a:3e:00:93:22:89:47:a9:1f:9f:55:44:b6:e5:d7:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:93:6D:38:C2:0B:8A:80:45:1C:6F:39:4F:78:0C:F6:FB:F6:09:1F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oZNtOMILioBFHG85T3gM9vv2CR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.238.0/24
31.58.244.0/22
31.58.249.0-31.58.251.255
Signature Algorithm: sha256WithRSAEncryption
72:da:1b:73:3a:8e:a9:17:01:44:1b:ce:bd:24:2c:11:1e:dc:
93:a0:cd:16:fe:44:47:91:98:5f:cb:a3:e3:ba:f2:3e:9f:2c:
61:d0:60:12:84:f2:3c:b3:33:4e:a8:c8:c9:31:1a:f2:68:9e:
aa:37:98:00:be:95:d5:2b:62:d0:05:a1:ea:bc:bf:9e:03:93:
3b:bc:5e:89:19:49:4f:a2:e9:9c:72:3f:0c:56:92:80:09:62:
ca:66:da:a5:f6:76:51:2f:d5:e0:30:0c:a8:8a:71:cf:d7:d2:
9b:f5:74:2a:5a:88:99:f6:de:b8:f0:a1:5e:ec:59:08:59:5c:
81:0b:25:d5:5d:60:5e:69:1c:2a:c2:2c:c0:52:17:cc:2d:da:
10:51:90:34:8e:ee:97:6f:5a:ab:74:06:34:1b:de:a5:7c:56:
6e:06:5a:17:8f:91:d0:32:0f:74:f2:34:94:78:ea:a0:46:5d:
e0:83:91:d3:89:30:1e:c3:9b:43:97:c3:f1:37:59:db:e5:25:
27:ec:bc:b0:3c:d0:c2:54:1d:aa:c6:03:93:af:44:cf:33:bc:
0b:e8:30:fc:ab:60:4e:5a:e6:53:1e:a7:c9:0a:7b:15:78:35:
41:45:f9:3f:10:49:88:a4:22:50:83:d4:5a:44:b8:30:bb:81:
12:fb:8b:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQooEN+GiwU/71G61QFASW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMjAwNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTkzNmQzOGMyMGI4YTgwNDUxYzZmMzk0Zjc4MGNmNmZiZjYwOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKx5gI/43wzlTt4uqJjiRe/gh7/j
dHMRB9oCs9aWOwWxE28p2DLneZNj1F+H/qPXRvQ549OVpBnjVP4MVmiyjR+RYT3K
3kNV1wKvL5r747dKdPUlDA1eE18t5s29UipJrJYeU143RWwOq2ChRrbuLqgGdNjW
+bvH7ENZ+zAiHBPq5SUSQV53vuVvc7d1jdBcPyK3tNLsbSkiLqGt5ecvwv1FGJ03
g6K0rEMks8o/g0yX3v164LlYWe4vOGROq9mCc3/l6WQKLXqPy+J6GsV1mCOnJneX
xddvSM3tCtZgYJw3XJXfBweTlZWuazyNVx8aPgCTIolHqR+fVUS25df6wQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKGTbTjCC4qARRxvOU94DPb79gkfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvb1pOdE9NSUxpb0JGSEc4NVQzZ005dnYyQ1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHzrTAwQA
HzruAwQCHzr0MAwDBAAfOvkDBAIfOvgwDQYJKoZIhvcNAQELBQADggEBAHLaG3M6
jqkXAUQbzr0kLBEe3JOgzRb+REeRmF/Lo+O68j6fLGHQYBKE8jyzM06oyMkxGvJo
nqo3mAC+ldUrYtAFoeq8v54Dkzu8XokZSU+i6ZxyPwxWkoAJYspm2qX2dlEv1eAw
DKiKcc/X0pv1dCpaiJn23rjwoV7sWQhZXIELJdVdYF5pHCrCLMBSF8wt2hBRkDSO
7pdvWqt0BjQb3qV8Vm4GWhePkdAyD3TyNJR46qBGXeCDkdOJMB7Dm0OXw/E3Wdvl
JSfsvLA80MJUHarGA5OvRM8zvAvoMPyrYE5a5lMep8kKexV4NUFF+T8QSYikIlCD
1FpEuDC7gRL7i18=
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:58:23 2025 by rpki-client