Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yk-YEAT3WijayJr655A1SZgVPpw.roa
File: yk-YEAT3WijayJr655A1SZgVPpw.roa (raw, json)
Hash identifier: 4MDOcxVEaJczdv/lunjzFtHhf2klwJAO2cESXGoNUws=
Subject key identifier: CA:4F:98:10:04:F7:5A:28:DA:C8:9A:FA:E7:90:35:49:98:15:3E:9C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428236268729BAEFA403AF7DB593C740E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yk-YEAT3WijayJr655A1SZgVPpw.roa
Signing time: Thu 02 Jan 2025 17:49:55 +0000
ROA not before: Thu 02 Jan 2025 17:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 20:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:62:68:72:9b:ae:fa:40:3a:f7:db:59:3c:74:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca4f981004f75a28dac89afae790354998153e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:45:4a:da:6a:1e:40:1b:1c:28:5f:55:eb:
b9:7d:72:19:00:6d:85:cf:d5:01:ba:09:67:77:72:
54:2d:4a:74:53:1c:ad:8a:b4:52:8f:00:f9:8d:31:
69:3e:b9:b2:fc:36:ef:49:8a:7d:04:72:91:74:69:
7b:db:38:cf:a8:b5:11:ef:46:b3:fa:d3:d5:bd:de:
0f:a2:e8:4f:69:89:7b:92:fd:6d:e0:d4:a5:6f:97:
ab:a3:6d:84:d2:c4:63:af:aa:74:a9:e4:32:a0:71:
f2:ee:9c:13:33:17:88:22:e7:76:86:b9:f7:0f:9c:
cd:df:17:03:98:01:d7:6c:06:86:52:36:8b:b1:87:
81:3d:c7:8e:7c:96:96:5b:dc:84:d0:5f:d6:0b:c3:
8f:97:7b:7b:63:0d:f3:a4:7e:d6:36:69:c1:3f:d7:
a0:bc:62:a0:86:52:24:e8:c8:c3:4c:8a:47:61:ca:
e4:80:d9:02:d2:9c:54:d2:e1:7a:cc:89:51:89:65:
3e:ab:bc:1a:f6:67:78:5d:7a:86:a6:35:3e:b4:93:
70:42:ec:2c:4e:5b:88:d9:e8:2b:5f:52:5d:2c:f5:
2f:b3:5b:43:d8:2e:82:d7:8c:e4:ff:4a:85:7b:46:
ac:83:6e:d1:d3:64:20:b8:d1:2a:66:80:a5:9c:d1:
87:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4F:98:10:04:F7:5A:28:DA:C8:9A:FA:E7:90:35:49:98:15:3E:9C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yk-YEAT3WijayJr655A1SZgVPpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.238.0/24
31.58.244.0/22
31.58.249.0/24
31.58.251.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4f:40:8a:86:b8:b8:75:a1:b2:9b:df:bb:d9:b2:24:3e:f3:
ec:e0:74:6e:e8:83:32:db:7b:32:d1:4f:b5:9e:6a:53:61:66:
6b:43:2f:01:a6:74:ac:75:63:44:c3:a0:31:f1:98:c5:68:e1:
8a:ba:87:cc:31:c6:33:f0:8c:b8:5b:0f:5d:1e:0a:11:f8:1a:
55:c5:0d:6a:a2:53:ce:97:d7:7a:94:5c:8c:ad:b1:57:06:19:
d3:1e:84:7a:24:4f:5b:9c:1c:ab:a0:4b:54:ad:f3:a0:a9:38:
20:6c:29:be:9f:c9:ab:93:1c:a3:99:d8:ba:39:7a:1d:89:ea:
4b:7f:6d:7d:f5:ae:1e:84:8a:48:cd:ff:5e:a8:ad:77:55:f0:
76:af:37:25:c0:d1:e1:a7:f1:6e:82:24:d7:5e:9b:73:cc:fb:
09:fc:37:c9:95:d7:fe:00:be:34:26:e8:1a:9a:2f:24:60:c7:
ce:27:72:38:77:68:5d:5a:3f:a7:15:3b:e6:b2:1e:fc:bf:ee:
59:e5:1f:6e:af:24:68:96:da:15:f0:a6:5d:9f:14:09:31:38:
c1:50:da:cb:16:f5:6a:04:f7:36:ee:c3:27:8d:4f:94:cc:a7:
52:92:8c:63:12:9b:0e:4c:6f:04:9e:e1:b0:74:34:e3:c2:d9:
41:b7:79:7f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoI2Jocpuu+kA699tZPHQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRmOTgxMDA0Zjc1YTI4ZGFjODlhZmFlNzkwMzU0OTk4MTUzZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt1FStpqHkAbHChfVeu5fXIZAG2F
z9UBuglnd3JULUp0UxytirRSjwD5jTFpPrmy/DbvSYp9BHKRdGl72zjPqLUR70az
+tPVvd4PouhPaYl7kv1t4NSlb5ero22E0sRjr6p0qeQyoHHy7pwTMxeIIud2hrn3
D5zN3xcDmAHXbAaGUjaLsYeBPceOfJaWW9yE0F/WC8OPl3t7Yw3zpH7WNmnBP9eg
vGKghlIk6MjDTIpHYcrkgNkC0pxU0uF6zIlRiWU+q7wa9md4XXqGpjU+tJNwQuws
TluI2egrX1JdLPUvs1tD2C6C14zk/0qFe0asg27R02QguNEqZoClnNGHzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMpPmBAE91oo2sia+ueQNUmYFT6cMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveWstWUVBVDNXaWpheUpyNjU1QTFTWmdWUHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzrTAwQA
HzruAwQCHzr0AwQAHzr5AwQAHzr7MA0GCSqGSIb3DQEBCwUAA4IBAQA9T0CKhri4
daGym9+72bIkPvPs4HRu6IMy23sy0U+1nmpTYWZrQy8BpnSsdWNEw6Ax8ZjFaOGK
uofMMcYz8Iy4Ww9dHgoR+BpVxQ1qolPOl9d6lFyMrbFXBhnTHoR6JE9bnByroEtU
rfOgqTggbCm+n8mrkxyjmdi6OXodiepLf2199a4ehIpIzf9eqK13VfB2rzclwNHh
p/FugiTXXptzzPsJ/DfJldf+AL40Jugami8kYMfOJ3I4d2hdWj+nFTvmsh78v+5Z
5R9uryRoltoV8KZdnxQJMTjBUNrLFvVqBPc27sMnjU+UzKdSkoxjEpsOTG8EnuGw
dDTjwtlBt3l/
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:45:42 2025 by rpki-client