Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/G92PKRp7ZEwDtxmy4piIJQ6gEvM.roa
File: G92PKRp7ZEwDtxmy4piIJQ6gEvM.roa (raw, json)
Hash identifier: BDmLxibqFPya7a8Xmj92zGAIPUujWWr+MHwP/fZEVDw=
Subject key identifier: 1B:DD:8F:29:1A:7B:64:4C:03:B7:19:B2:E2:98:88:25:0E:A0:12:F3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019499A491718885ADC9585ECD05FDC49DB0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/G92PKRp7ZEwDtxmy4piIJQ6gEvM.roa
Signing time: Fri 24 Jan 2025 18:48:06 +0000
ROA not before: Fri 24 Jan 2025 18:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137897
IP address blocks: 31.56.87.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 15:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:a4:91:71:88:85:ad:c9:58:5e:cd:05:fd:c4:9d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 24 18:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bdd8f291a7b644c03b719b2e29888250ea012f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:ba:6b:d2:ee:91:ca:b6:c2:a4:d9:20:0f:
8c:e0:54:77:fe:8b:44:e4:7a:45:45:f7:d8:b2:dc:
70:a3:e2:7f:d2:7e:8a:6a:68:b8:60:74:4f:5d:1f:
a3:b9:c2:4c:11:4a:d6:4b:6f:29:99:58:49:3f:a3:
9d:22:2f:86:73:91:de:fd:95:9b:7b:1d:b7:55:58:
33:f6:ba:6a:f0:d2:27:16:54:ca:6f:46:c2:71:6a:
16:da:07:61:f4:4c:14:9c:ea:ba:17:aa:99:18:ab:
75:e5:98:72:08:ac:43:2b:5e:81:21:21:79:c1:23:
06:c8:19:27:97:66:8a:2b:65:09:b6:3e:a3:c8:fc:
f2:37:e5:9b:42:da:33:34:e2:49:8f:b0:d9:f8:60:
0e:a5:03:cb:3c:79:4d:c5:1e:fc:83:e4:c1:c1:c2:
a7:6f:3c:f7:22:d6:d4:18:c5:75:d6:4c:36:ba:17:
89:62:db:7f:dc:1f:a6:68:7f:17:ba:0d:9a:67:7a:
97:28:b4:1b:a4:86:b5:81:ff:cd:69:08:9d:19:96:
47:93:62:24:91:7e:e2:28:33:83:cf:44:fd:de:b1:
92:27:aa:fa:19:2b:5c:db:98:f1:e8:c8:e9:01:60:
6a:0a:43:bc:29:91:09:df:99:36:9e:e2:41:c3:6f:
97:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DD:8F:29:1A:7B:64:4C:03:B7:19:B2:E2:98:88:25:0E:A0:12:F3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/G92PKRp7ZEwDtxmy4piIJQ6gEvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.87.0/24
31.56.122.0/24
31.57.222.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:3c:8b:b1:77:29:bd:74:fb:fb:de:96:bd:8b:9d:13:72:6a:
19:70:72:9d:9b:5e:69:06:b3:bb:a1:11:56:28:1e:65:e2:aa:
7d:5d:54:d1:5c:ad:bd:8c:36:0e:ad:9b:f5:a9:ba:3d:b7:2e:
29:70:11:ef:8b:2b:f9:48:2b:eb:3e:7d:b8:dd:87:7e:27:46:
36:f1:69:a6:be:36:09:0f:79:a3:c7:7e:c3:82:52:57:48:18:
91:2d:dc:7a:2a:d2:b8:3e:aa:0f:2b:a0:38:2f:74:5c:97:36:
ef:c8:70:26:c1:7e:50:c6:ae:16:ee:7e:9b:6c:2d:f2:61:bc:
bb:b7:f9:8e:ea:cd:6f:b9:0a:fa:ca:07:e2:67:b2:6e:43:5a:
18:57:cc:18:6f:4c:3b:0e:e3:3d:bf:ca:6e:ac:e9:0b:3b:f6:
85:d1:a1:39:09:df:10:75:cd:ed:21:b9:d4:4f:0c:40:4c:e7:
54:6d:ab:97:e3:74:37:cb:4a:c2:23:7d:a5:b5:f4:7d:f5:9e:
0a:46:d5:1b:a3:a2:3f:8b:e1:5f:f5:ad:0f:c2:23:68:56:22:
ef:dc:8d:15:10:3e:d3:2f:fb:43:d3:6b:93:87:25:91:23:6a:
8e:76:0d:9d:62:28:f9:26:3b:b9:ab:70:40:72:a4:85:bf:92:
11:45:21:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSZpJFxiIWtyVhezQX9xJ2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTI0MTg0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRkOGYyOTFhN2I2NDRjMDNiNzE5YjJlMjk4ODgyNTBlYTAxMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRa6a9Lukcq2wqTZIA+M4FR3/otE
5HpFRffYstxwo+J/0n6Kami4YHRPXR+jucJMEUrWS28pmVhJP6OdIi+Gc5He/ZWb
ex23VVgz9rpq8NInFlTKb0bCcWoW2gdh9EwUnOq6F6qZGKt15ZhyCKxDK16BISF5
wSMGyBknl2aKK2UJtj6jyPzyN+WbQtozNOJJj7DZ+GAOpQPLPHlNxR78g+TBwcKn
bzz3ItbUGMV11kw2uheJYtt/3B+maH8Xug2aZ3qXKLQbpIa1gf/NaQidGZZHk2Ik
kX7iKDODz0T93rGSJ6r6GStc25jx6MjpAWBqCkO8KZEJ35k2nuJBw2+XYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBvdjykae2RMA7cZsuKYiCUOoBLzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRzkyUEtScDdaRXdEdHhteTRwaUlKUTZnRXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzhXAwQA
Hzh6AwQBHzneMA0GCSqGSIb3DQEBCwUAA4IBAQCOPIuxdym9dPv73pa9i50TcmoZ
cHKdm15pBrO7oRFWKB5l4qp9XVTRXK29jDYOrZv1qbo9ty4pcBHviyv5SCvrPn24
3Yd+J0Y28WmmvjYJD3mjx37DglJXSBiRLdx6KtK4PqoPK6A4L3RclzbvyHAmwX5Q
xq4W7n6bbC3yYby7t/mO6s1vuQr6ygfiZ7JuQ1oYV8wYb0w7DuM9v8purOkLO/aF
0aE5Cd8Qdc3tIbnUTwxATOdUbauX43Q3y0rCI32ltfR99Z4KRtUbo6I/i+Ff9a0P
wiNoViLv3I0VED7TL/tD02uThyWRI2qOdg2dYij5Jju5q3BAcqSFv5IRRSEL
-----END CERTIFICATE-----
Generated at Thu May 1 05:04:29 2025 by rpki-client