Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pOVpBHpcJn4KRYU7Sz-etiDQAOI.roa
File: pOVpBHpcJn4KRYU7Sz-etiDQAOI.roa (raw, json)
Hash identifier: qv/Hzl97VDVm2KLTYYLBVlLXYltmoTugNdP1P5tGyqI=
Subject key identifier: A4:E5:69:04:7A:5C:26:7E:0A:45:85:3B:4B:3F:9E:B6:20:D0:00:E2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01937E3BD3BB03031A35996057AC238BFD12
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pOVpBHpcJn4KRYU7Sz-etiDQAOI.roa
Signing time: Sat 30 Nov 2024 18:01:10 +0000
ROA not before: Sat 30 Nov 2024 18:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.60.0/24 maxlen: 24
31.57.135.0/24 maxlen: 24
217.60.64.0/18 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Dec 2024 15:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7e:3b:d3:bb:03:03:1a:35:99:60:57:ac:23:8b:fd:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 30 18:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e569047a5c267e0a45853b4b3f9eb620d000e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:9f:a2:9e:7a:c2:b0:36:de:68:5d:6c:64:
31:4c:df:21:d1:7e:0a:93:a8:fc:1d:90:0d:ef:67:
dd:cf:77:0e:7d:1c:67:2e:26:fc:26:60:79:30:2d:
c9:9f:b5:f8:96:95:09:16:fe:4e:87:b6:f7:31:45:
ab:ca:62:61:a4:08:e9:04:72:6d:ac:a5:c4:2d:38:
67:b1:b2:a8:b2:26:c6:c5:cc:bc:8d:84:f0:1c:25:
21:7c:f9:4f:0d:88:35:a0:59:a4:6a:55:b5:fe:dc:
c4:b0:d4:29:4d:56:e6:1d:a1:c6:52:2f:50:15:ea:
e4:bf:9e:77:c0:6d:1f:b0:23:11:50:17:27:f7:fc:
87:62:b5:b8:36:03:f6:28:54:5b:fc:47:f4:ef:12:
be:b4:54:36:0e:56:53:18:50:d3:af:5d:6e:8e:d9:
10:f4:10:88:b3:86:8a:cd:07:0e:94:49:d4:af:5a:
64:8b:f2:2d:09:b5:c0:26:2f:dd:6a:7f:0d:98:f0:
75:a0:97:c5:22:f9:88:22:5b:ab:b1:e4:68:f7:d0:
29:1b:91:b8:6a:be:c3:a6:73:a1:48:67:51:74:4d:
63:b7:ac:13:b2:c6:73:52:71:ab:5b:5d:49:09:74:
b7:6f:ec:7d:d6:f5:40:3e:30:7c:d5:9a:73:22:ed:
13:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E5:69:04:7A:5C:26:7E:0A:45:85:3B:4B:3F:9E:B6:20:D0:00:E2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pOVpBHpcJn4KRYU7Sz-etiDQAOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.60.0/24
31.57.135.0/24
217.60.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:ff:cf:32:6c:5d:24:ae:5c:63:19:48:20:b1:7a:e9:5c:07:
53:b0:20:ad:93:0a:46:bc:f0:26:54:a8:45:15:f2:97:76:a5:
55:43:ae:b0:f0:0b:a0:54:8f:51:1c:49:9e:e6:5e:be:05:90:
29:58:f6:ae:13:b2:d4:ee:85:7d:ae:fe:1e:63:88:3f:43:1e:
e5:8e:90:5d:e9:b9:c3:cd:fc:db:d8:94:b4:fc:d0:e9:52:4b:
ca:31:e5:df:18:50:e7:4e:f2:2c:b8:60:a2:03:f5:39:6c:b1:
8e:b5:8e:e8:40:70:c3:53:36:33:bf:b1:28:db:78:6e:74:c9:
42:7f:65:75:24:86:57:84:d5:27:d0:6f:c8:1e:96:f9:c7:2d:
f2:8d:62:19:81:5a:d1:70:6e:66:6d:37:65:9d:4b:fa:7a:ce:
d5:98:9e:31:eb:fe:f9:c9:02:dd:84:a0:da:b2:a9:a1:fe:f6:
e4:de:c3:4a:81:97:a1:55:b7:78:d9:e2:9c:fc:7b:54:78:e4:
7c:73:43:08:79:e5:30:aa:6f:11:f7:45:4d:ac:03:47:ca:ce:
4b:27:28:22:aa:f7:2e:e6:2c:8b:59:0b:cf:d5:22:b4:b0:8a:
71:1a:2b:f5:77:95:57:a9:a5:69:e0:43:b5:62:3c:21:1e:01:
31:a3:aa:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZN+O9O7AwMaNZlgV6wji/0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTMwMTgwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU1NjkwNDdhNWMyNjdlMGE0NTg1M2I0YjNmOWViNjIwZDAwMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Wfop56wrA23mhdbGQxTN8h0X4K
k6j8HZAN72fdz3cOfRxnLib8JmB5MC3Jn7X4lpUJFv5Oh7b3MUWrymJhpAjpBHJt
rKXELThnsbKosibGxcy8jYTwHCUhfPlPDYg1oFmkalW1/tzEsNQpTVbmHaHGUi9Q
Ferkv553wG0fsCMRUBcn9/yHYrW4NgP2KFRb/Ef07xK+tFQ2DlZTGFDTr11ujtkQ
9BCIs4aKzQcOlEnUr1pki/ItCbXAJi/dan8NmPB1oJfFIvmIIlurseRo99ApG5G4
ar7DpnOhSGdRdE1jt6wTssZzUnGrW11JCXS3b+x91vVAPjB81ZpzIu0TAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTlaQR6XCZ+CkWFO0s/nrYg0ADiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcE9WcEJIcGNKbjRLUllVN1N6LWV0aURRQU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzg8AwQA
HzmHAwQG2TxAMA0GCSqGSIb3DQEBCwUAA4IBAQCK/88ybF0krlxjGUggsXrpXAdT
sCCtkwpGvPAmVKhFFfKXdqVVQ66w8AugVI9RHEme5l6+BZApWPauE7LU7oV9rv4e
Y4g/Qx7ljpBd6bnDzfzb2JS0/NDpUkvKMeXfGFDnTvIsuGCiA/U5bLGOtY7oQHDD
UzYzv7Eo23hudMlCf2V1JIZXhNUn0G/IHpb5xy3yjWIZgVrRcG5mbTdlnUv6es7V
mJ4x6/75yQLdhKDasqmh/vbk3sNKgZehVbd42eKc/HtUeOR8c0MIeeUwqm8R90VN
rANHys5LJygiqvcu5iyLWQvP1SK0sIpxGiv1d5VXqaVp4EO1YjwhHgExo6rY
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:45:40 2025 by rpki-client