Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/up509n3GsB3iPmn-G5l9KD6TH_g.roa
File: up509n3GsB3iPmn-G5l9KD6TH_g.roa (raw, json)
Hash identifier: NRSB9KbrLYSRzuc1lBLfkkO4d2fsXtjKsAdUaw4sN84=
Subject key identifier: BA:9E:74:F6:7D:C6:B0:1D:E2:3E:69:FE:1B:99:7D:28:3E:93:1F:F8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01937E3E92D4A88BAC69BB4F671E5FA4D026
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/up509n3GsB3iPmn-G5l9KD6TH_g.roa
Signing time: Sat 30 Nov 2024 18:04:10 +0000
ROA not before: Sat 30 Nov 2024 18:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.57.196.0/24 maxlen: 24
31.57.197.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7e:3e:92:d4:a8:8b:ac:69:bb:4f:67:1e:5f:a4:d0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 30 18:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba9e74f67dc6b01de23e69fe1b997d283e931ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:72:a2:76:cf:11:54:69:aa:24:72:29:13:20:
46:4e:79:38:f8:87:67:13:a4:69:1e:b4:83:09:e1:
8f:8a:47:5d:4e:71:dd:0f:f6:a9:27:30:19:99:1b:
9d:64:2f:80:9e:e6:2d:03:09:09:18:8c:28:35:45:
b5:cc:50:55:e8:c7:3c:18:af:46:3c:ad:d6:c6:d7:
8a:86:86:82:08:df:c8:1a:68:9b:3b:c4:53:97:80:
ab:6a:05:b8:13:10:6d:39:ae:62:49:ac:7c:28:c9:
03:f1:8b:ad:11:e1:9b:d6:fe:c0:e7:c4:61:c5:7b:
98:37:4c:9d:a4:9d:4f:58:3e:62:58:ef:ea:35:bc:
af:b3:98:18:c3:ff:3c:36:71:e3:16:e2:ed:6c:86:
74:70:13:d8:b9:e4:2d:80:ce:a8:81:8c:7b:96:8e:
eb:25:8b:49:aa:e8:c8:c0:a7:da:aa:f3:35:38:f8:
d7:1c:39:49:c7:c8:f6:1f:2c:6f:53:49:71:dc:c1:
c4:f7:b5:32:49:c5:c3:42:89:82:7d:9e:fe:f3:8a:
75:04:ae:c4:98:c1:6b:1c:3e:14:0b:27:3b:01:1b:
a5:24:64:ea:bf:e0:27:4c:a1:ee:7b:37:0a:66:e2:
1b:b1:e8:3c:66:60:67:c2:41:d0:da:cb:65:83:0e:
b5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9E:74:F6:7D:C6:B0:1D:E2:3E:69:FE:1B:99:7D:28:3E:93:1F:F8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/up509n3GsB3iPmn-G5l9KD6TH_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.57.196.0/23
31.57.199.0/24
31.57.238.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:18:71:eb:c2:56:38:d6:2e:ab:c6:81:2f:78:47:9a:eb:ca:
69:0f:2a:df:d5:dc:aa:69:93:e2:28:64:07:4e:25:ef:66:81:
95:e4:80:41:fe:88:45:e2:e3:23:e0:95:07:9c:e9:b3:ab:11:
38:6a:28:c4:c5:ef:bb:e8:f5:19:49:dc:01:fd:1d:d6:91:c2:
6b:39:4d:23:66:56:4d:b7:ec:25:7a:bd:ca:3b:4d:d3:85:db:
ae:8a:89:6f:87:b2:a1:35:2a:3f:c6:13:79:89:d7:54:23:65:
cf:92:0c:5b:e1:a8:fa:99:59:7d:c5:12:b2:b3:79:8b:c6:1d:
3a:20:d9:83:4e:a9:66:72:69:c4:46:60:8a:4c:94:df:28:ed:
2f:8f:b1:34:62:39:17:2c:a4:fe:c4:6d:27:b1:29:34:2c:65:
d4:9e:d3:91:da:3c:7b:e1:91:58:cb:93:8b:b6:70:d4:6c:af:
af:fe:b5:bf:fa:de:7f:be:ae:01:82:75:d7:be:18:03:fd:f7:
85:2e:3b:ca:e2:92:9b:d3:ff:83:ed:2e:37:81:5f:44:af:e5:
f0:0d:f4:80:e7:b2:70:68:66:02:63:57:87:64:5c:b8:4d:83:
7a:c3:00:9a:10:22:8d:8b:44:d7:6d:b4:5f:7f:56:df:2f:db:
93:9f:22:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZN+PpLUqIusabtPZx5fpNAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTMwMTgwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTllNzRmNjdkYzZiMDFkZTIzZTY5ZmUxYjk5N2QyODNlOTMxZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinKids8RVGmqJHIpEyBGTnk4+Idn
E6RpHrSDCeGPikddTnHdD/apJzAZmRudZC+AnuYtAwkJGIwoNUW1zFBV6Mc8GK9G
PK3WxteKhoaCCN/IGmibO8RTl4CragW4ExBtOa5iSax8KMkD8YutEeGb1v7A58Rh
xXuYN0ydpJ1PWD5iWO/qNbyvs5gYw/88NnHjFuLtbIZ0cBPYueQtgM6ogYx7lo7r
JYtJqujIwKfaqvM1OPjXHDlJx8j2HyxvU0lx3MHE97UyScXDQomCfZ7+84p1BK7E
mMFrHD4UCyc7ARulJGTqv+AnTKHuezcKZuIbseg8ZmBnwkHQ2stlgw61vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLqedPZ9xrAd4j5p/huZfSg+kx/4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdXA1MDluM0dzQjNpUG1uLUc1bDlLRDZUSF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHzg0AwQB
HznEAwQAHznHAwQAHznuMA0GCSqGSIb3DQEBCwUAA4IBAQCxGHHrwlY41i6rxoEv
eEea68ppDyrf1dyqaZPiKGQHTiXvZoGV5IBB/ohF4uMj4JUHnOmzqxE4aijExe+7
6PUZSdwB/R3WkcJrOU0jZlZNt+wler3KO03Thduuiolvh7KhNSo/xhN5iddUI2XP
kgxb4aj6mVl9xRKys3mLxh06INmDTqlmcmnERmCKTJTfKO0vj7E0YjkXLKT+xG0n
sSk0LGXUntOR2jx74ZFYy5OLtnDUbK+v/rW/+t5/vq4BgnXXvhgD/feFLjvK4pKb
0/+D7S43gV9Er+XwDfSA57JwaGYCY1eHZFy4TYN6wwCaECKNi0TXbbRff1bfL9uT
nyIM
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:08 2025 by rpki-client