Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vqn4gKvtKYkboV3m8SwCiJLbm88.roa
File: vqn4gKvtKYkboV3m8SwCiJLbm88.roa (raw, json)
Hash identifier: hoAPwpKXxuxQudwgMi0uUCiIczMRmYTF4ZslKGTEjs0=
Subject key identifier: BE:A9:F8:80:AB:ED:29:89:1B:A1:5D:E6:F1:2C:02:88:92:DB:9B:CF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192A52103A210E29E80EEC168E2DC7F43BB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vqn4gKvtKYkboV3m8SwCiJLbm88.roa
Signing time: Sat 19 Oct 2024 14:14:17 +0000
ROA not before: Sat 19 Oct 2024 14:14:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.16.0/22 maxlen: 24
31.57.20.0/22 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
217.60.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 15:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a5:21:03:a2:10:e2:9e:80:ee:c1:68:e2:dc:7f:43:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 19 14:14:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bea9f880abed29891ba15de6f12c028892db9bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:4b:e6:14:6a:ee:f7:ea:c2:28:65:65:3e:
37:45:9b:87:40:d0:9c:27:de:75:39:e5:b7:77:24:
85:27:25:ec:6d:b3:c0:d1:bb:52:e7:db:b1:27:2e:
42:ba:01:cc:3b:84:d2:83:54:ca:14:d1:14:79:e6:
9a:83:06:b7:e4:45:18:8d:05:83:4d:09:4c:b4:fb:
4a:fc:c2:6d:d3:e3:c0:f1:18:5a:c7:ec:80:2b:08:
e0:b8:cd:0e:53:d0:6b:72:7f:0c:0d:00:0a:98:e7:
ba:9e:19:a4:27:ef:f5:3e:4d:ef:31:a8:90:9d:67:
9a:ff:11:5c:33:a2:29:94:3f:7e:75:54:b0:1c:62:
77:ba:e2:30:a3:0c:6b:23:d3:45:00:a8:d3:e8:cc:
35:31:30:a5:48:d6:92:d4:75:7b:c1:e3:82:d2:38:
a9:3b:6c:f1:01:b3:27:d2:b3:84:84:68:c1:39:53:
19:2d:e6:5d:dc:1d:0f:42:65:1b:7e:b2:b1:70:ff:
e0:21:cc:ad:c1:83:d4:8d:0a:9f:bf:5a:64:d4:55:
0e:e6:1b:09:a6:ce:f1:a5:89:be:c2:bb:74:90:04:
63:37:c8:51:27:0e:dc:88:69:d2:e0:54:90:b3:54:
9b:bb:36:bb:fd:0e:fd:a4:08:a6:0a:79:fd:2a:f2:
c5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A9:F8:80:AB:ED:29:89:1B:A1:5D:E6:F1:2C:02:88:92:DB:9B:CF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vqn4gKvtKYkboV3m8SwCiJLbm88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.16.0/20
31.57.48.0/20
31.57.92.0-31.57.99.255
31.57.120.0/21
217.60.0.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:13:c5:bc:25:cc:24:a8:51:ec:36:f2:ea:ab:af:21:55:f0:
8a:25:66:55:82:94:56:4b:4e:95:bf:93:1e:e2:15:fd:9a:10:
3b:b6:0a:08:0a:15:38:02:4a:12:9e:61:b5:d7:47:b3:31:bc:
e1:ac:82:64:f9:08:c2:c8:9f:c1:69:5b:11:b7:d9:7c:ce:74:
9a:9e:8a:e8:ea:7a:08:20:6c:d9:b5:ef:93:bf:36:dd:ba:13:
f3:20:eb:53:5d:19:0d:5b:71:dd:28:b3:cd:98:e3:ae:45:d5:
27:35:fb:fe:2d:f4:fd:2f:12:94:8b:d6:6d:4a:eb:ff:2f:da:
ed:9c:89:38:eb:6b:4b:cd:29:c5:e1:b8:e0:2c:38:11:70:b5:
dc:e1:8f:f1:c7:e3:9c:63:e5:38:a0:82:35:6d:fd:2a:fa:66:
eb:b2:ad:98:e2:75:f0:0f:cf:36:a6:5f:e8:18:e8:2a:f7:53:
c3:c2:54:a8:1b:02:18:9b:ce:db:e6:db:a3:01:9e:46:e2:59:
09:e8:1d:e0:c3:9e:22:e8:c2:50:ee:00:55:7f:82:4c:12:49:
60:b2:2c:7e:42:f2:ab:84:87:bf:77:68:1a:e6:55:69:e1:ac:
a4:c3:cb:80:46:d0:32:d2:b8:73:05:66:06:df:ed:d6:8f:66:
ac:5d:ad:67
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZKlIQOiEOKegO7BaOLcf0O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE5MTQxNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWE5Zjg4MGFiZWQyOTg5MWJhMTVkZTZmMTJjMDI4ODkyZGI5YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr69L5hRq7vfqwihlZT43RZuHQNCc
J951OeW3dySFJyXsbbPA0btS59uxJy5CugHMO4TSg1TKFNEUeeaagwa35EUYjQWD
TQlMtPtK/MJt0+PA8Rhax+yAKwjguM0OU9Brcn8MDQAKmOe6nhmkJ+/1Pk3vMaiQ
nWea/xFcM6IplD9+dVSwHGJ3uuIwowxrI9NFAKjT6Mw1MTClSNaS1HV7weOC0jip
O2zxAbMn0rOEhGjBOVMZLeZd3B0PQmUbfrKxcP/gIcytwYPUjQqfv1pk1FUO5hsJ
ps7xpYm+wrt0kARjN8hRJw7ciGnS4FSQs1Sbuza7/Q79pAimCnn9KvLFqwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFL6p+ICr7SmJG6Fd5vEsAoiS25vPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdnFuNGdLdnRLWWtib1YzbThTd0NpSkxibTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAHziaAwQB
HzieAwQCHzioAwQBHziuAwQEHzkQAwQEHzkwMAwDBAIfOVwDBAIfOWADBAMfOXgD
BAbZPAAwDQYJKoZIhvcNAQELBQADggEBALgTxbwlzCSoUew28uqrryFV8IolZlWC
lFZLTpW/kx7iFf2aEDu2CggKFTgCShKeYbXXR7MxvOGsgmT5CMLIn8FpWxG32XzO
dJqeiujqegggbNm175O/Nt26E/Mg61NdGQ1bcd0os82Y465F1Sc1+/4t9P0vEpSL
1m1K6/8v2u2ciTjra0vNKcXhuOAsOBFwtdzhj/HH45xj5TiggjVt/Sr6ZuuyrZji
dfAPzzamX+gY6Cr3U8PCVKgbAhibztvm26MBnkbiWQnoHeDDniLowlDuAFV/gkwS
SWCyLH5C8quEh793aBrmVWnhrKTDy4BG0DLSuHMFZgbf7daPZqxdrWc=
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:17:34 2024 by rpki-client on console-ams.rpki-client.org