Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/raQflx8bNCuTTpjGetMGX8p2y9k.roa
File: raQflx8bNCuTTpjGetMGX8p2y9k.roa (raw, json)
Hash identifier: fAt5bKR8lDZ/gPejG0ZiYK8sxPkLqD8ZH+f/zIF4UFM=
Subject key identifier: AD:A4:1F:97:1F:1B:34:2B:93:4E:98:C6:7A:D3:06:5F:CA:76:CB:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193F90132C42B974F35F9A798BFC82705AF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/raQflx8bNCuTTpjGetMGX8p2y9k.roa
Signing time: Tue 24 Dec 2024 14:10:25 +0000
ROA not before: Tue 24 Dec 2024 14:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.112.0/21 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.57.224.0/22 maxlen: 23
31.57.252.0/22 maxlen: 23
31.58.59.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.58.176.0/22 maxlen: 22
31.58.200.0/22 maxlen: 22
31.58.216.0/22 maxlen: 22
31.58.240.0/22 maxlen: 22
31.58.252.0/22 maxlen: 22
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
31.59.64.0/22 maxlen: 22
31.59.80.0/22 maxlen: 22
31.59.97.0/24 maxlen: 24
31.59.124.0/22 maxlen: 22
31.59.176.0/22 maxlen: 22
31.59.180.0/22 maxlen: 22
31.59.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 26 Dec 2024 09:46:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f9:01:32:c4:2b:97:4f:35:f9:a7:98:bf:c8:27:05:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 24 14:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ada41f971f1b342b934e98c67ad3065fca76cbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c0:60:c7:0c:ab:68:2a:ef:88:f2:1a:9d:aa:
58:cd:14:ce:1e:43:e3:f9:44:56:6c:dd:80:c2:84:
91:b4:df:51:4c:ed:fd:01:bd:7f:ac:82:e0:f0:ee:
7b:90:e0:f7:85:48:18:06:a0:2b:31:60:f3:71:90:
93:51:cc:32:11:06:ba:ea:8c:b9:f3:90:c8:8e:6e:
ce:90:55:a9:43:84:65:af:2b:30:77:1d:9e:8c:69:
30:d0:c6:9a:df:c1:dd:8d:22:3d:e3:b6:88:05:c4:
d0:2c:b9:28:11:6a:c2:91:ab:31:bf:c0:01:4a:07:
3f:24:2b:50:10:b4:4b:10:f2:0c:b6:46:16:d5:2d:
2d:b0:9b:0a:65:36:72:81:a1:6f:d2:a1:2d:97:8f:
a4:cd:05:96:1a:32:4b:97:8e:b5:ca:53:06:9e:09:
3c:82:e3:45:4c:69:ba:6a:50:90:02:f1:9b:4b:72:
0a:85:0b:b0:36:66:eb:c9:4d:9f:17:c0:e6:f7:98:
26:1a:fd:68:e1:ea:26:23:b1:6d:25:c1:05:54:5d:
11:09:a4:19:7b:44:33:ee:d4:08:cf:7c:d0:81:0b:
73:f0:bc:b2:b1:a1:de:ad:ee:db:56:6e:c5:67:1e:
63:a0:41:35:7b:1b:c6:26:1d:a7:dc:a1:55:6c:05:
8a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A4:1F:97:1F:1B:34:2B:93:4E:98:C6:7A:D3:06:5F:CA:76:CB:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/raQflx8bNCuTTpjGetMGX8p2y9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.57.224.0/22
31.57.252.0/22
31.58.59.0/24
31.58.142.0/24
31.58.146.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0/22
31.58.252.0/22
31.59.14.0/24
31.59.30.0/24
31.59.64.0/22
31.59.80.0/22
31.59.97.0/24
31.59.124.0/22
31.59.176.0/21
31.59.188.0/22
Signature Algorithm: sha256WithRSAEncryption
03:4e:a3:23:08:23:da:3b:81:ff:96:9b:13:26:d8:f9:44:ba:
0f:a0:49:8e:28:85:37:17:7b:e1:75:40:30:ba:ec:9e:87:1d:
96:bf:43:09:08:90:d0:9e:53:38:45:fc:ac:bc:16:48:6e:56:
c6:6e:ed:ad:73:2b:12:30:1a:b6:cd:5f:b8:72:fb:52:7e:70:
37:dc:0d:f5:61:d9:c9:41:0d:58:1a:b1:2c:2f:ae:a5:93:88:
1f:0c:5a:55:81:99:e6:6d:52:73:54:48:82:97:82:23:b5:bc:
f7:a2:66:46:6b:c4:16:00:02:f0:54:66:cc:e5:e1:12:98:9a:
91:ca:46:fb:b9:26:ef:41:d7:b9:1d:d4:f6:b4:f7:f7:0d:08:
80:9a:b0:ce:e5:ca:00:be:65:0b:61:7e:15:fb:aa:07:39:f0:
4f:ab:2a:1e:55:54:4d:fc:1a:e5:6f:b2:46:2e:ac:82:7a:f4:
6d:4e:33:e1:18:2a:84:49:f3:b6:1e:d7:db:98:05:93:5a:1c:
c7:fa:6e:66:a4:79:96:42:44:63:1e:82:d3:a3:75:92:7f:08:
a7:d7:db:20:69:56:f5:bb:af:be:69:72:17:a0:dd:3c:a4:73:
9c:5a:c7:ff:b7:e2:35:03:dc:e2:14:9d:26:69:26:5a:5b:50:
5b:14:65:7f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZP5ATLEK5dPNfmnmL/IJwWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI0MTQxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE0MWY5NzFmMWIzNDJiOTM0ZTk4YzY3YWQzMDY1ZmNhNzZjYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8BgxwyraCrviPIanapYzRTOHkPj
+URWbN2AwoSRtN9RTO39Ab1/rILg8O57kOD3hUgYBqArMWDzcZCTUcwyEQa66oy5
85DIjm7OkFWpQ4Rlryswdx2ejGkw0Maa38HdjSI947aIBcTQLLkoEWrCkasxv8AB
Sgc/JCtQELRLEPIMtkYW1S0tsJsKZTZygaFv0qEtl4+kzQWWGjJLl461ylMGngk8
guNFTGm6alCQAvGbS3IKhQuwNmbryU2fF8Dm95gmGv1o4eomI7FtJcEFVF0RCaQZ
e0Qz7tQIz3zQgQtz8LyysaHere7bVm7FZx5joEE1exvGJh2n3KFVbAWKQQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFK2kH5cfGzQrk06YxnrTBl/KdsvZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcmFRZmx4OGJOQ3VUVHBqR2V0TUdYOHAyeTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAMf
OHADBAAfOQsDBAAfOYMDBAAfOZYDBAAfObADBAAfOcIDBAIfOeADBAIfOfwDBAAf
OjsDBAAfOo4DBAAfOpIDBAIfOrADBAIfOsgDBAIfOtgDBAIfOvADBAIfOvwDBAAf
Ow4DBAAfOx4DBAIfO0ADBAIfO1ADBAAfO2EDBAIfO3wDBAMfO7ADBAIfO7wwDQYJ
KoZIhvcNAQELBQADggEBAANOoyMII9o7gf+WmxMm2PlEug+gSY4ohTcXe+F1QDC6
7J6HHZa/QwkIkNCeUzhF/Ky8FkhuVsZu7a1zKxIwGrbNX7hy+1J+cDfcDfVh2clB
DVgasSwvrqWTiB8MWlWBmeZtUnNUSIKXgiO1vPeiZkZrxBYAAvBUZszl4RKYmpHK
Rvu5Ju9B17kd1Pa09/cNCICasM7lygC+ZQthfhX7qgc58E+rKh5VVE38GuVvskYu
rIJ69G1OM+EYKoRJ87Ye19uYBZNaHMf6bmakeZZCRGMegtOjdZJ/CKfX2yBpVvW7
r75pcheg3Tykc5xax/+34jUD3OIUnSZpJlpbUFsUZX8=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:10 2025 by rpki-client