Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xoVjhoFRImev1H2lWvBD6YQBH6Q.roa
File: xoVjhoFRImev1H2lWvBD6YQBH6Q.roa (raw, json)
Hash identifier: VnbGpkFupkHjHdjR4a68GBODAmJYXi1MAr27jtoSLQg=
Subject key identifier: C6:85:63:86:81:51:22:67:AF:D4:7D:A5:5A:F0:43:E9:84:01:1F:A4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019376BFA14857A944BC506EE60A8166DA1C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xoVjhoFRImev1H2lWvBD6YQBH6Q.roa
Signing time: Fri 29 Nov 2024 07:08:10 +0000
ROA not before: Fri 29 Nov 2024 07:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.56.146.0/24 maxlen: 24
31.58.229.0/24 maxlen: 24
31.59.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:bf:a1:48:57:a9:44:bc:50:6e:e6:0a:81:66:da:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 29 07:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c685638681512267afd47da55af043e984011fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:6c:5e:5a:15:93:b3:a4:d4:a2:ee:7f:d5:
0e:af:11:4a:de:ef:2f:2b:e1:32:70:5b:1b:b0:c9:
1c:e4:84:b8:51:11:36:67:b8:0e:5a:97:89:5e:49:
9d:a5:0e:3a:3d:08:ad:8c:af:35:cd:ac:5e:27:b0:
7c:4e:83:83:e6:fa:cf:81:0f:f3:71:f1:a0:d8:71:
fd:ea:fc:61:b5:13:c1:6f:be:80:5a:ec:54:5e:6e:
fe:41:72:ac:8a:39:71:7e:10:47:98:9c:8b:bb:65:
d4:f6:9c:72:cd:3b:66:5b:47:1a:ff:2a:53:cc:a0:
30:64:53:99:cc:51:a3:e4:37:c1:86:b3:09:7f:8d:
fe:0a:2a:dd:41:a8:18:eb:c9:1a:91:7c:b5:fe:33:
30:2e:9a:5a:f2:95:ec:1e:57:8e:df:ab:b3:21:9f:
3e:71:68:c5:48:c9:96:fc:3a:4c:d6:1e:65:15:57:
30:87:bc:4e:46:ff:4e:62:b8:15:53:ab:7a:d4:b0:
1a:21:d3:f5:e0:99:a5:9d:b6:df:19:92:6d:81:45:
2e:02:a1:dd:d0:5a:db:e6:c9:fb:a6:92:83:19:c8:
17:bf:56:ef:62:92:4b:ec:d3:77:86:7a:23:4d:16:
e3:3e:15:b8:b4:d2:9d:df:e3:5f:35:ad:c2:47:1b:
32:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:85:63:86:81:51:22:67:AF:D4:7D:A5:5A:F0:43:E9:84:01:1F:A4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xoVjhoFRImev1H2lWvBD6YQBH6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.146.0/24
31.58.229.0/24
31.59.35.0/24
Signature Algorithm: sha256WithRSAEncryption
15:89:56:bf:a2:a5:f5:00:7d:51:28:7a:91:33:ef:60:13:91:
c4:ce:df:7b:32:bb:1a:e0:2c:38:70:d2:ea:8f:9f:f1:ff:69:
81:39:ad:c8:5d:58:ac:80:22:22:b4:89:09:93:86:e5:13:ae:
07:c0:b3:02:86:30:8a:4f:44:2e:17:60:e3:27:5a:f4:e1:e5:
1b:3b:3d:47:28:c0:55:3e:4e:02:a7:aa:15:29:1d:32:9c:48:
25:29:f6:9b:19:cc:fc:71:c0:23:ef:4b:af:65:96:80:2e:d4:
64:7d:47:9d:9e:bf:8d:97:61:92:89:23:dc:dc:0d:23:4a:07:
29:3d:aa:67:c7:b2:e1:0e:fb:00:e7:5d:79:ca:c2:e5:56:1e:
71:1b:c1:92:17:71:76:87:c8:97:10:28:c9:11:7b:1a:0a:b4:
f3:68:2c:ff:77:0a:12:a2:71:3a:22:3a:f3:4c:b8:3f:ad:23:
3a:de:92:25:f9:26:5e:d5:88:92:51:3f:5c:0f:e1:83:e2:7c:
03:a0:33:10:fd:b6:a2:86:ab:bf:03:3e:bd:5a:0d:ca:cd:69:
10:76:76:98:8b:20:04:25:ce:89:de:f3:ec:23:23:b4:65:09:
6a:b4:cb:91:83:6b:61:f6:80:14:eb:b8:68:5d:a2:c0:77:b4:
54:b3:a2:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZN2v6FIV6lEvFBu5gqBZtocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTI5MDcwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg1NjM4NjgxNTEyMjY3YWZkNDdkYTU1YWYwNDNlOTg0MDExZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO1sXloVk7Ok1KLuf9UOrxFK3u8v
K+EycFsbsMkc5IS4URE2Z7gOWpeJXkmdpQ46PQitjK81zaxeJ7B8ToOD5vrPgQ/z
cfGg2HH96vxhtRPBb76AWuxUXm7+QXKsijlxfhBHmJyLu2XU9pxyzTtmW0ca/ypT
zKAwZFOZzFGj5DfBhrMJf43+CirdQagY68kakXy1/jMwLppa8pXsHleO36uzIZ8+
cWjFSMmW/DpM1h5lFVcwh7xORv9OYrgVU6t61LAaIdP14JmlnbbfGZJtgUUuAqHd
0Frb5sn7ppKDGcgXv1bvYpJL7NN3hnojTRbjPhW4tNKd3+NfNa3CRxsyfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMaFY4aBUSJnr9R9pVrwQ+mEAR+kMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveG9WamhvRlJJbWV2MUgybFd2QkQ2WVFCSDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHziSAwQA
HzrlAwQAHzsjMA0GCSqGSIb3DQEBCwUAA4IBAQAViVa/oqX1AH1RKHqRM+9gE5HE
zt97Mrsa4Cw4cNLqj5/x/2mBOa3IXVisgCIitIkJk4blE64HwLMChjCKT0QuF2Dj
J1r04eUbOz1HKMBVPk4Cp6oVKR0ynEglKfabGcz8ccAj70uvZZaALtRkfUednr+N
l2GSiSPc3A0jSgcpPapnx7LhDvsA5115ysLlVh5xG8GSF3F2h8iXECjJEXsaCrTz
aCz/dwoSonE6IjrzTLg/rSM63pIl+SZe1YiSUT9cD+GD4nwDoDMQ/baihqu/Az69
Wg3KzWkQdnaYiyAEJc6J3vPsIyO0ZQlqtMuRg2th9oAU67hoXaLAd7RUs6I4
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:39 2025 by rpki-client