Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqv4q2j85XGLUK_87TL5oSK0_w.roa
File: zaqv4q2j85XGLUK_87TL5oSK0_w.roa (raw, json)
Hash identifier: roxefZzsxjG9dKQsOhgHjxcwDBmlbvV/J/sPZ09kmbw=
Subject key identifier: CD:AA:AF:E2:AD:A3:F3:95:C6:2D:42:BF:F3:B4:CB:E6:84:8A:D3:FC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01930A78FEE166BCBF6F96D8B184A93FCB55
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqv4q2j85XGLUK_87TL5oSK0_w.roa
Signing time: Fri 08 Nov 2024 06:32:01 +0000
ROA not before: Fri 08 Nov 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 07:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:78:fe:e1:66:bc:bf:6f:96:d8:b1:84:a9:3f:cb:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 8 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdaaafe2ada3f395c62d42bff3b4cbe6848ad3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0b:68:54:a9:c8:e4:ea:67:58:e3:9e:ef:48:
43:ad:a3:e4:30:e3:d7:ff:88:db:56:ac:1e:bd:5f:
f2:96:47:6b:4a:19:25:d3:1f:99:f1:61:15:d2:63:
c9:20:67:92:fa:cb:6a:16:c9:35:2a:9c:c9:a5:bf:
3f:56:4f:b1:1e:f6:b6:ef:e6:f0:ee:76:4e:1b:17:
9e:49:a2:b5:d3:8a:29:55:c0:ef:f6:e8:60:7a:ca:
e1:b0:6b:b7:c0:f3:b5:67:26:09:2a:19:2c:e2:f3:
a9:d1:04:27:e7:77:5a:13:50:2e:6d:29:f0:30:18:
08:8f:1e:a8:a7:bb:a8:01:b8:57:36:94:a9:62:cf:
c5:81:34:37:9c:80:58:fa:73:68:d0:b7:99:da:0d:
ee:76:cc:f5:f4:20:dd:9b:76:fe:c3:46:9a:4b:0a:
ca:f7:e6:01:11:a7:1a:6c:a1:91:71:a8:db:c8:9b:
a9:de:41:0c:3e:eb:fc:7a:31:ae:92:1b:af:a2:7e:
8a:8e:98:cc:5e:58:82:01:75:9b:22:fe:1e:7a:ae:
79:47:4d:f2:0d:d5:20:36:e1:c8:75:81:cf:36:2a:
1a:74:5b:32:56:cd:51:a8:db:34:fa:7f:20:b5:92:
57:40:08:8f:6a:b6:9e:f3:d5:bd:90:07:1e:6c:83:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AA:AF:E2:AD:A3:F3:95:C6:2D:42:BF:F3:B4:CB:E6:84:8A:D3:FC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqv4q2j85XGLUK_87TL5oSK0_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/24
31.59.136.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
0f:08:cb:40:0e:d1:63:4e:a7:bb:f2:cf:b9:54:a0:d8:a9:8e:
62:b9:16:b7:cb:48:27:ad:83:63:47:ec:b4:56:f9:14:2e:4c:
72:85:8c:5f:00:6b:6c:3a:af:bb:6d:a7:90:68:c9:01:fd:11:
3f:fe:e6:d1:14:e2:4d:5c:e6:c3:8b:f6:40:77:ef:69:3c:5d:
2a:15:74:92:93:e9:a5:b9:b0:ef:f8:8f:92:71:4d:0b:b7:5f:
52:3a:7b:ad:d5:5c:49:7a:3c:31:63:c6:ff:b5:a6:fe:05:a3:
45:b7:37:9a:22:92:61:85:3b:5a:b4:fb:82:18:f7:d0:10:5b:
3b:06:57:c3:44:07:74:56:61:5c:22:4c:bd:be:5c:b7:e0:e5:
49:97:d6:51:4b:02:c3:a2:7d:d1:0f:6a:0b:94:f2:2f:88:4f:
5c:c1:ae:b0:9a:a4:51:51:bd:28:5f:89:00:99:e6:a4:16:05:
f2:f0:d2:61:15:8d:8e:60:29:5a:c7:49:d7:ae:e4:4b:5e:93:
d5:48:64:d9:e4:83:80:e8:4d:2f:fd:1d:9e:3f:ac:36:33:86:
c5:21:3f:6e:2b:b7:92:78:f9:d7:cc:5b:90:3b:12:5e:4c:af:
b7:57:9e:41:89:7a:73:9a:45:7c:3c:e9:58:97:9f:cf:ad:a9:
9a:4b:d5:51
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMKeP7hZry/b5bYsYSpP8tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA4MDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFhYWZlMmFkYTNmMzk1YzYyZDQyYmZmM2I0Y2JlNjg0OGFkM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gtoVKnI5OpnWOOe70hDraPkMOPX
/4jbVqwevV/ylkdrShkl0x+Z8WEV0mPJIGeS+stqFsk1KpzJpb8/Vk+xHva27+bw
7nZOGxeeSaK104opVcDv9uhgesrhsGu3wPO1ZyYJKhks4vOp0QQn53daE1AubSnw
MBgIjx6op7uoAbhXNpSpYs/FgTQ3nIBY+nNo0LeZ2g3udsz19CDdm3b+w0aaSwrK
9+YBEacabKGRcajbyJup3kEMPuv8ejGukhuvon6KjpjMXliCAXWbIv4eeq55R03y
DdUgNuHIdYHPNioadFsyVs1RqNs0+n8gtZJXQAiParae89W9kAcebIOTqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFM2qr+Kto/OVxi1Cv/O0y+aEitP8MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvemFxdjRxMmo4NVhHTFVLXzg3VEw1b1NLMF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHzgIAwQB
HziOAwQCHziUAwQAHzrQMAwDBAMfO4gDBAQfO6AwDQYJKoZIhvcNAQELBQADggEB
AA8Iy0AO0WNOp7vyz7lUoNipjmK5FrfLSCetg2NH7LRW+RQuTHKFjF8Aa2w6r7tt
p5BoyQH9ET/+5tEU4k1c5sOL9kB372k8XSoVdJKT6aW5sO/4j5JxTQu3X1I6e63V
XEl6PDFjxv+1pv4Fo0W3N5oikmGFO1q0+4IY99AQWzsGV8NEB3RWYVwiTL2+XLfg
5UmX1lFLAsOifdEPaguU8i+IT1zBrrCapFFRvShfiQCZ5qQWBfLw0mEVjY5gKVrH
Sdeu5Etek9VIZNnkg4DoTS/9HZ4/rDYzhsUhP24rt5J4+dfMW5A7El5Mr7dXnkGJ
enOaRXw86ViXn8+tqZpL1VE=
-----END CERTIFICATE-----
Generated at Wed Nov 13 08:41:09 2024 by rpki-client on console-fra.rpki-client.org