Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tt4lg35DUyTS3QBA3OwpbSry3Mk.roa
File: tt4lg35DUyTS3QBA3OwpbSry3Mk.roa (raw, json)
Hash identifier: EVux2g6D/wRg4CFmzIvac+Tz4/H20GVcO/pHLQSX0o4=
Subject key identifier: B6:DE:25:83:7E:43:53:24:D2:DD:00:40:DC:EC:29:6D:2A:F2:DC:C9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428237BEF111AD8AAFC79BB3C1C74760A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tt4lg35DUyTS3QBA3OwpbSry3Mk.roa
Signing time: Thu 02 Jan 2025 17:50:01 +0000
ROA not before: Thu 02 Jan 2025 17:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 31.56.1.0/24 maxlen: 24
31.57.144.0/24 maxlen: 24
31.57.231.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 06:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7b:ef:11:1a:d8:aa:fc:79:bb:3c:1c:74:76:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6de25837e435324d2dd0040dcec296d2af2dcc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:bb:0f:55:c3:81:9e:b0:52:7d:79:cc:4c:
d3:1c:0f:8a:04:b9:1a:db:ba:66:84:4b:fe:1f:08:
12:19:ea:43:5c:67:c4:7f:bb:f8:3d:e5:18:84:fe:
07:9c:e0:78:c4:09:28:70:5a:92:20:48:5f:71:34:
78:3f:24:e3:8f:f4:3e:02:eb:b3:86:04:af:30:eb:
f7:bd:78:81:77:e2:bf:1e:ad:a9:c9:9f:34:32:c6:
f3:e4:30:02:72:ae:47:c5:48:a1:ea:db:03:43:06:
da:04:57:e5:e5:82:d8:54:b2:84:b7:b9:0d:b1:cc:
66:60:f0:30:ae:21:1d:5f:99:57:34:5d:f3:c3:f3:
ac:6b:bc:91:25:fd:f1:26:3c:b0:38:56:ca:60:67:
de:9d:ed:c5:62:1d:25:75:9c:76:0c:1f:8c:33:c5:
b2:63:44:fc:f2:d2:f3:56:7b:9e:c5:36:43:39:91:
a7:f7:c6:1b:bf:b8:04:7f:0a:66:78:e2:67:c3:06:
7c:b7:9b:37:04:be:fc:f3:8c:a5:d7:00:bc:47:af:
10:46:36:50:58:e0:f0:60:08:b4:90:19:fb:93:37:
23:93:7b:7c:43:a9:d6:18:68:0d:42:92:fd:f9:41:
ec:b6:b1:5d:b4:ec:2d:ee:0e:ca:26:b3:a8:53:fc:
e3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:DE:25:83:7E:43:53:24:D2:DD:00:40:DC:EC:29:6D:2A:F2:DC:C9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tt4lg35DUyTS3QBA3OwpbSry3Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.1.0/24
31.57.144.0/24
31.57.231.0/24
31.59.108.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:51:52:22:44:fd:25:55:cb:c9:80:86:18:17:91:cd:f7:e6:
54:da:30:5e:87:15:6c:64:b7:e5:b4:21:f8:96:61:3c:c5:6a:
1e:3d:0f:05:cf:46:85:5f:9b:3e:21:d8:9a:12:b5:de:50:79:
a1:7f:b1:ec:0b:8c:e7:f8:58:fa:dc:60:fc:df:b7:b0:1c:9d:
9e:ec:c8:ab:d9:52:96:27:c9:7a:f0:f8:35:f9:51:f4:27:32:
5c:dd:af:65:17:8d:7a:43:d8:49:1c:73:79:cd:ac:97:4a:1c:
1b:15:a1:4b:7e:60:4d:50:3e:b9:49:15:fc:fa:6d:e4:bb:46:
90:c2:fc:f7:49:02:6b:35:32:63:2b:d5:57:d2:55:36:1c:da:
a7:23:fd:77:b5:f0:06:cb:15:4b:31:f9:0a:4d:48:b8:41:ff:
c4:28:21:66:e8:71:21:95:f0:15:7e:8e:e3:06:69:d7:7d:5c:
d4:27:45:7d:12:48:3a:ee:39:79:ab:c6:f6:c3:a0:b6:1d:f7:
98:9a:9b:be:d9:c6:2e:a1:db:f5:08:37:7c:5f:c6:33:bc:a4:
8f:fc:61:40:e8:88:09:f6:24:a2:40:f7:b5:2b:61:dc:ae:1c:
39:75:34:00:60:7d:de:76:2f:fe:ed:10:ba:7a:b8:43:af:9b:
0e:50:82:d7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoI3vvERrYqvx5uzwcdHYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmRlMjU4MzdlNDM1MzI0ZDJkZDAwNDBkY2VjMjk2ZDJhZjJkY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtW7D1XDgZ6wUn15zEzTHA+KBLka
27pmhEv+HwgSGepDXGfEf7v4PeUYhP4HnOB4xAkocFqSIEhfcTR4PyTjj/Q+Auuz
hgSvMOv3vXiBd+K/Hq2pyZ80Msbz5DACcq5HxUih6tsDQwbaBFfl5YLYVLKEt7kN
scxmYPAwriEdX5lXNF3zw/Osa7yRJf3xJjywOFbKYGfene3FYh0ldZx2DB+MM8Wy
Y0T88tLzVnuexTZDOZGn98Ybv7gEfwpmeOJnwwZ8t5s3BL7884yl1wC8R68QRjZQ
WODwYAi0kBn7kzcjk3t8Q6nWGGgNQpL9+UHstrFdtOwt7g7KJrOoU/zjSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLbeJYN+Q1Mk0t0AQNzsKW0q8tzJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdHQ0bGczNURVeVRTM1FCQTNPd3BiU3J5M01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgBAwQA
HzmQAwQAHznnAwQAHztsMA0GCSqGSIb3DQEBCwUAA4IBAQChUVIiRP0lVcvJgIYY
F5HN9+ZU2jBehxVsZLfltCH4lmE8xWoePQ8Fz0aFX5s+IdiaErXeUHmhf7HsC4zn
+Fj63GD837ewHJ2e7Mir2VKWJ8l68Pg1+VH0JzJc3a9lF416Q9hJHHN5zayXShwb
FaFLfmBNUD65SRX8+m3ku0aQwvz3SQJrNTJjK9VX0lU2HNqnI/13tfAGyxVLMfkK
TUi4Qf/EKCFm6HEhlfAVfo7jBmnXfVzUJ0V9Ekg67jl5q8b2w6C2HfeYmpu+2cYu
odv1CDd8X8YzvKSP/GFA6IgJ9iSiQPe1K2Hcrhw5dTQAYH3edi/+7RC6erhDr5sO
UILX
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:11 2025 by rpki-client