Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pABu9hH4Q73K8g4TXtKNHN-y_fk.roa
File: pABu9hH4Q73K8g4TXtKNHN-y_fk.roa (raw, json)
Hash identifier: 0JxBu9sBGWFFrlr5W01FwcJOWz6ln80sQSTQjheD6SY=
Subject key identifier: A4:00:6E:F6:11:F8:43:BD:CA:F2:0E:13:5E:D2:8D:1C:DF:B2:FD:F9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192A3B3B8EE100BACB14FD1C7AF3BCE12F4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pABu9hH4Q73K8g4TXtKNHN-y_fk.roa
Signing time: Sat 19 Oct 2024 07:35:17 +0000
ROA not before: Sat 19 Oct 2024 07:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 06:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a3:b3:b8:ee:10:0b:ac:b1:4f:d1:c7:af:3b:ce:12:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 19 07:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4006ef611f843bdcaf20e135ed28d1cdfb2fdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:03:cf:37:9f:8e:b5:f6:4c:d9:8e:5d:3e:d8:
71:64:d0:6f:62:d2:ec:d4:06:42:1e:06:f7:9e:43:
0f:22:b1:15:1b:74:61:b0:0e:76:84:03:f4:fd:95:
b5:9c:b1:2b:85:ad:cb:b7:3e:82:97:64:6e:96:04:
6f:c6:ca:00:08:5c:d7:fd:7a:13:6e:32:88:d9:af:
bc:e1:c5:94:ff:67:3b:09:bc:1b:04:a8:ed:df:37:
a4:33:9c:78:1e:08:6c:f4:1e:99:70:49:af:29:b1:
2f:26:71:64:09:cf:a6:12:a0:e9:eb:e7:7a:e4:7a:
78:14:f6:71:54:34:7b:c0:6f:af:0d:56:33:fb:b4:
c4:b2:f5:d2:9e:08:42:5d:66:56:18:8c:32:02:fd:
87:8e:df:af:31:62:4e:c9:59:2a:3c:00:10:52:34:
69:a1:5d:1e:d2:01:5a:61:52:de:4c:80:0b:47:92:
a8:01:3a:7f:e9:7f:fb:20:41:08:0a:e9:62:b3:be:
20:22:de:ac:4c:9b:98:be:0a:00:3f:cc:83:70:23:
b6:be:fe:27:de:41:61:c5:98:c6:61:ff:e9:04:ef:
2e:ba:7d:7f:03:39:f9:e2:32:44:c1:4c:2b:ee:46:
48:b8:8d:49:b0:de:da:ff:cb:bf:31:41:ec:18:c4:
f5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:00:6E:F6:11:F8:43:BD:CA:F2:0E:13:5E:D2:8D:1C:DF:B2:FD:F9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pABu9hH4Q73K8g4TXtKNHN-y_fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.153.0/24
31.57.176.0/24
31.57.178.0/23
31.57.181.0-31.57.183.255
31.58.59.0/24
Signature Algorithm: sha256WithRSAEncryption
51:fb:07:0a:e4:04:ca:ef:f2:ec:4e:fe:4c:19:84:40:13:14:
d2:64:a8:c8:d7:7c:1b:1a:9c:f8:28:b8:d2:94:27:0f:42:1d:
6f:33:8d:17:ac:a7:4f:75:2a:26:af:bc:87:f6:8f:52:b7:a7:
e9:cb:47:45:dd:e1:90:65:96:84:ce:e7:aa:3a:dc:f3:2e:d0:
70:0c:5a:4d:53:8f:a2:27:46:21:3e:1b:4c:74:4c:14:87:0f:
9d:dd:63:a4:e6:a8:99:b6:7a:8b:ca:33:66:65:b7:fa:c8:ba:
5b:01:e1:6f:e1:a0:75:5f:c5:fa:df:19:e1:bb:22:be:bd:da:
8a:9f:f8:6c:b4:66:65:e4:7d:f1:4f:cb:d5:52:15:fd:27:dd:
07:a9:52:d3:e8:05:62:67:f6:d1:ec:2a:1f:ca:e4:af:69:f5:
bd:59:6c:df:32:ed:a8:ed:89:47:18:7e:21:86:7f:cd:08:86:
76:9e:99:38:be:04:17:88:48:98:4d:2e:50:e1:34:c1:b4:57:
4c:39:6e:1a:5c:cb:63:55:31:b9:bb:f6:80:aa:2e:0c:47:e1:
51:8e:5e:e9:08:93:fe:9d:41:d9:83:53:58:5c:07:ea:12:5f:
cd:5e:b7:e2:f2:4b:1e:47:c5:d8:cd:09:35:28:99:a0:24:5b:
c6:b6:e1:d5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZKjs7juEAussU/Rx687zhL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE5MDczNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAwNmVmNjExZjg0M2JkY2FmMjBlMTM1ZWQyOGQxY2RmYjJmZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwPPN5+OtfZM2Y5dPthxZNBvYtLs
1AZCHgb3nkMPIrEVG3RhsA52hAP0/ZW1nLErha3Ltz6Cl2RulgRvxsoACFzX/XoT
bjKI2a+84cWU/2c7CbwbBKjt3zekM5x4Hghs9B6ZcEmvKbEvJnFkCc+mEqDp6+d6
5Hp4FPZxVDR7wG+vDVYz+7TEsvXSnghCXWZWGIwyAv2Hjt+vMWJOyVkqPAAQUjRp
oV0e0gFaYVLeTIALR5KoATp/6X/7IEEICulis74gIt6sTJuYvgoAP8yDcCO2vv4n
3kFhxZjGYf/pBO8uun1/Azn54jJEwUwr7kZIuI1JsN7a/8u/MUHsGMT1VQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKQAbvYR+EO9yvIOE17SjRzfsv35MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcEFCdTloSDRRNzNLOGc0VFh0S05ITi15X2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHzkLAwQA
HzmDAwQAHzmWAwQAHzmZAwQAHzmwAwQBHzmyMAwDBAAfObUDBAMfObADBAAfOjsw
DQYJKoZIhvcNAQELBQADggEBAFH7BwrkBMrv8uxO/kwZhEATFNJkqMjXfBsanPgo
uNKUJw9CHW8zjResp091KiavvIf2j1K3p+nLR0Xd4ZBlloTO56o63PMu0HAMWk1T
j6InRiE+G0x0TBSHD53dY6TmqJm2eovKM2Zlt/rIulsB4W/hoHVfxfrfGeG7Ir69
2oqf+Gy0ZmXkffFPy9VSFf0n3QepUtPoBWJn9tHsKh/K5K9p9b1ZbN8y7ajtiUcY
fiGGf80IhnaemTi+BBeISJhNLlDhNMG0V0w5bhpcy2NVMbm79oCqLgxH4VGOXukI
k/6dQdmDU1hcB+oSX81et+LySx5HxdjNCTUomaAkW8a24dU=
-----END CERTIFICATE-----
Generated at Mon Oct 21 08:35:26 2024 by rpki-client on console-ams.rpki-client.org