Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-a-6fhleSRLKgkECi59rq5xVWdo.roa
File: 1-a-6fhleSRLKgkECi59rq5xVWdo.roa (raw, json)
Hash identifier: Q4TzT7DHCugbCRNE1n430KyS/LwzhTSDyaTufLKSUhQ=
Subject key identifier: F9:AF:BA:7E:19:5E:49:12:CA:82:41:02:8B:9F:6B:AB:9C:55:59:DA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944A266B4DDFDDDEB49715956BA7E719AA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-a-6fhleSRLKgkECi59rq5xVWdo.roa
Signing time: Thu 09 Jan 2025 08:20:19 +0000
ROA not before: Thu 09 Jan 2025 08:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 31.56.62.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 16:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:26:6b:4d:df:dd:de:b4:97:15:95:6b:a7:e7:19:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 9 08:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9afba7e195e4912ca8241028b9f6bab9c5559da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:43:d7:ef:0c:8c:0c:fb:e2:72:2c:e9:fa:cb:
c3:7c:28:08:d4:65:0f:dc:59:ac:ef:ca:56:0c:f2:
7c:15:fb:be:27:e1:c4:52:b2:b7:ae:41:75:33:59:
34:3f:81:be:14:c3:26:7e:a6:5e:60:34:10:06:19:
0d:ae:b3:28:2c:30:7b:46:15:47:2e:1a:de:e7:81:
de:6d:1f:01:53:ea:53:0e:25:32:c4:a2:d5:a3:25:
8e:7a:48:a9:09:ba:6e:3f:aa:e7:8a:f7:ec:98:80:
44:8a:cb:64:73:f9:43:f3:02:7b:d5:c0:97:a4:fd:
fa:12:6a:2f:fa:00:d5:5f:b3:b6:51:f4:31:37:3d:
2e:99:5f:bc:9c:51:12:93:af:e5:a0:6a:75:5d:8e:
cd:2f:b6:9d:94:01:6e:74:4e:fa:25:f9:a4:37:4c:
82:c0:20:01:8e:cc:65:5c:89:db:17:2b:b5:62:03:
59:bf:15:8a:21:36:8e:96:3f:d7:a6:c1:bc:8d:d3:
1b:f2:12:83:c4:ff:ec:4e:d1:1b:fc:4d:69:6c:95:
d4:b2:9b:d7:44:60:7d:eb:41:48:7a:22:45:8a:40:
e1:a0:78:93:6d:ed:bf:a7:32:9b:68:97:f8:c0:fb:
21:f0:78:98:fa:b0:cd:a7:51:6a:53:d7:6c:d0:c5:
98:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:BA:7E:19:5E:49:12:CA:82:41:02:8B:9F:6B:AB:9C:55:59:DA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-a-6fhleSRLKgkECi59rq5xVWdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.62.0/24
31.57.132.0/24
31.57.222.0/23
Signature Algorithm: sha256WithRSAEncryption
50:bf:e0:d4:07:95:09:d3:50:d8:41:d8:f5:3a:91:97:59:4c:
b7:d5:fc:ed:ac:83:da:93:d9:67:e2:49:cf:fd:18:3d:79:f1:
26:89:55:96:22:a0:55:d8:9f:7d:56:b9:53:94:51:58:63:26:
ff:45:75:12:52:26:fd:2f:0f:44:cd:b5:0a:60:0c:30:9a:15:
5d:2f:20:e1:f8:55:49:81:8a:db:20:5e:fc:3e:f9:1c:25:99:
85:ff:f7:07:57:99:95:d9:90:0c:93:43:cb:a9:31:3e:09:a1:
ea:fe:64:1a:4f:bb:15:15:e1:15:72:d3:63:2f:5b:95:14:0a:
c9:d2:65:eb:0c:fd:87:d9:65:5d:ab:12:10:b4:f1:6a:aa:f9:
89:0f:86:69:8a:73:cc:e8:06:bd:10:24:26:1a:04:df:43:11:
57:38:90:cf:be:e0:86:2e:02:df:8a:25:59:42:7b:9c:e7:e3:
ad:7a:3d:46:30:40:92:d0:b5:32:c4:9d:ab:33:b9:90:bb:19:
0d:bc:28:d8:a3:1e:36:46:df:d9:53:e2:4a:bb:82:2c:4d:d0:
1d:63:04:f1:0d:5c:44:e4:8f:76:23:3c:a2:c0:63:57:c2:bd:
fe:af:61:fc:13:1d:5d:ff:49:0c:75:78:c3:4d:1e:c7:86:10:
ae:0a:99:1c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRKJmtN393etJcVlWun5xmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA5MDgyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFmYmE3ZTE5NWU0OTEyY2E4MjQxMDI4YjlmNmJhYjljNTU1OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUPX7wyMDPvicizp+svDfCgI1GUP
3Fms78pWDPJ8Ffu+J+HEUrK3rkF1M1k0P4G+FMMmfqZeYDQQBhkNrrMoLDB7RhVH
Lhre54HebR8BU+pTDiUyxKLVoyWOekipCbpuP6rnivfsmIBEistkc/lD8wJ71cCX
pP36Emov+gDVX7O2UfQxNz0umV+8nFESk6/loGp1XY7NL7adlAFudE76JfmkN0yC
wCABjsxlXInbFyu1YgNZvxWKITaOlj/XpsG8jdMb8hKDxP/sTtEb/E1pbJXUspvX
RGB960FIeiJFikDhoHiTbe2/pzKbaJf4wPsh8HiY+rDNp1FqU9ds0MWY0QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPmvun4ZXkkSyoJBAoufa6ucVVnaMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1hLTZmaGxlU1JMS2drRUNpNTlycTV4Vldkby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAB84PgME
AB85hAMEAR853jANBgkqhkiG9w0BAQsFAAOCAQEAUL/g1AeVCdNQ2EHY9TqRl1lM
t9X87ayD2pPZZ+JJz/0YPXnxJolVliKgVdiffVa5U5RRWGMm/0V1ElIm/S8PRM21
CmAMMJoVXS8g4fhVSYGK2yBe/D75HCWZhf/3B1eZldmQDJNDy6kxPgmh6v5kGk+7
FRXhFXLTYy9blRQKydJl6wz9h9llXasSELTxaqr5iQ+GaYpzzOgGvRAkJhoE30MR
VziQz77ghi4C34olWUJ7nOfjrXo9RjBAktC1MsSdqzO5kLsZDbwo2KMeNkbf2VPi
SruCLE3QHWME8Q1cROSPdiM8osBjV8K9/q9h/BMdXf9JDHV4w00ex4YQrgqZHA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:23:00 2025 by rpki-client