Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BVNd8Kv2gEINWcvLIl-GWRTCmuQ.roa
File: BVNd8Kv2gEINWcvLIl-GWRTCmuQ.roa (raw, json)
Hash identifier: idAqWoXV6c28xQZGjQomIlxV9Os9MJstQyksomhAODM=
Subject key identifier: 05:53:5D:F0:AB:F6:80:42:0D:59:CB:CB:22:5F:86:59:14:C2:9A:E4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193B5B69758F7B5752159E58C90FCA65371
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BVNd8Kv2gEINWcvLIl-GWRTCmuQ.roa
Signing time: Wed 11 Dec 2024 12:34:22 +0000
ROA not before: Wed 11 Dec 2024 12:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 14:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:b6:97:58:f7:b5:75:21:59:e5:8c:90:fc:a6:53:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 11 12:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05535df0abf680420d59cbcb225f865914c29ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1a:c3:1c:a2:c1:fa:ff:50:7b:88:db:7c:27:
7d:01:43:72:34:8b:6f:00:ab:47:89:73:cb:5b:67:
8f:a8:b3:35:51:25:57:c8:43:20:07:a7:a7:e0:af:
d9:bf:42:67:e4:2f:e4:6c:6b:4a:2c:b0:1e:a3:e7:
cc:11:eb:09:e2:d3:44:b3:35:eb:b4:c9:f7:02:3d:
7f:6a:10:4f:60:9b:df:ef:d0:df:68:d5:9e:b7:52:
82:5f:ea:e3:aa:f8:3d:9b:41:6b:3e:d5:49:36:49:
80:e5:d4:2f:6b:d7:67:aa:1f:c0:b5:91:4c:eb:db:
a8:df:86:ce:20:9b:9e:42:94:35:2a:33:ef:83:f2:
a9:ce:18:d3:80:99:f5:f0:73:1c:42:52:04:d7:a9:
e8:45:d7:fd:e6:13:3e:a0:47:d6:b0:61:80:45:02:
15:67:44:27:4b:a1:14:d2:31:b5:ab:0c:2b:e3:2c:
57:1e:aa:95:48:b1:ec:e8:61:d2:a5:1b:1b:1e:1d:
b9:44:cb:d8:8a:65:3d:c9:c1:15:07:93:36:68:b1:
a8:6e:59:ed:ee:48:a7:05:2c:83:69:a5:6b:6e:34:
22:61:41:07:d4:b4:7e:64:cc:32:47:77:d6:23:c5:
5c:ce:f5:60:a5:ae:c1:75:19:51:9a:ac:22:fd:d3:
ba:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:53:5D:F0:AB:F6:80:42:0D:59:CB:CB:22:5F:86:59:14:C2:9A:E4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BVNd8Kv2gEINWcvLIl-GWRTCmuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
217.60.237.0-217.60.238.255
217.60.243.0/24
217.60.246.0/24
Signature Algorithm: sha256WithRSAEncryption
64:75:93:03:8d:dd:61:62:df:c7:41:74:50:ef:0f:a0:de:74:
71:b5:3a:bb:6e:76:9f:48:44:ba:4d:05:77:d3:49:97:f3:53:
1d:73:32:af:7e:fb:8f:0e:0c:c8:70:ea:b4:2f:81:3c:7e:89:
77:63:42:ef:2f:32:67:aa:51:50:f7:9c:be:51:a2:47:3b:c4:
3d:a5:c7:ca:e8:6f:f8:b7:ad:c3:67:dd:ba:5c:90:8f:d1:35:
cd:75:33:22:e5:49:f2:e6:cf:0e:de:7e:bf:d5:0d:0c:2d:a6:
70:7c:9c:43:58:33:95:1c:fb:79:83:1d:91:d0:7b:2e:60:fa:
5c:4a:a7:b0:6e:c0:2c:f4:2d:04:c6:7a:b2:b0:9a:ee:01:85:
31:aa:82:37:6e:f5:0d:35:04:6c:61:e4:f9:e7:f1:49:b3:37:
47:90:fe:80:8b:99:de:92:d4:ee:65:bc:62:ee:e4:c8:75:64:
90:d6:1f:58:4b:86:d1:6f:88:b6:e6:ce:8b:93:9a:90:47:bb:
83:3d:88:a4:07:fc:00:0a:1f:44:31:5f:81:d0:a1:e3:40:d7:
66:4f:53:10:28:71:d6:e6:8a:8b:76:d7:ac:94:d5:85:84:91:
ee:7f:32:54:94:3b:ff:ce:a7:e8:4a:3b:76:72:a2:f8:01:17:
e7:75:8c:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZO1tpdY97V1IVnljJD8plNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjExMTIzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUzNWRmMGFiZjY4MDQyMGQ1OWNiY2IyMjVmODY1OTE0YzI5YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxrDHKLB+v9Qe4jbfCd9AUNyNItv
AKtHiXPLW2ePqLM1USVXyEMgB6en4K/Zv0Jn5C/kbGtKLLAeo+fMEesJ4tNEszXr
tMn3Aj1/ahBPYJvf79DfaNWet1KCX+rjqvg9m0FrPtVJNkmA5dQva9dnqh/AtZFM
69uo34bOIJueQpQ1KjPvg/KpzhjTgJn18HMcQlIE16noRdf95hM+oEfWsGGARQIV
Z0QnS6EU0jG1qwwr4yxXHqqVSLHs6GHSpRsbHh25RMvYimU9ycEVB5M2aLGoblnt
7kinBSyDaaVrbjQiYUEH1LR+ZMwyR3fWI8VczvVgpa7BdRlRmqwi/dO6KwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAVTXfCr9oBCDVnLyyJfhlkUwprkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQlZOZDhLdjJnRUlOV2N2TElsLUdXUlRDbXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHzrtMAwD
BADZPO0DBADZPO4DBADZPPMDBADZPPYwDQYJKoZIhvcNAQELBQADggEBAGR1kwON
3WFi38dBdFDvD6DedHG1Ortudp9IRLpNBXfTSZfzUx1zMq9++48ODMhw6rQvgTx+
iXdjQu8vMmeqUVD3nL5Rokc7xD2lx8rob/i3rcNn3bpckI/RNc11MyLlSfLmzw7e
fr/VDQwtpnB8nENYM5Uc+3mDHZHQey5g+lxKp7BuwCz0LQTGerKwmu4BhTGqgjdu
9Q01BGxh5Pnn8UmzN0eQ/oCLmd6S1O5lvGLu5Mh1ZJDWH1hLhtFviLbmzouTmpBH
u4M9iKQH/AAKH0QxX4HQoeNA12ZPUxAocdbmiot216yU1YWEke5/MlSUO//Op+hK
O3ZyovgBF+d1jNA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:19:33 2025 by rpki-client