Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HYnTUPWIWrfMHPkB0kI0P2Uyd4s.roa
File: HYnTUPWIWrfMHPkB0kI0P2Uyd4s.roa (raw, json)
Hash identifier: 2jXN7f3WqEL7b384WstIRMsxWQWL1mw4PS1u4Pn1AAw=
Subject key identifier: 1D:89:D3:50:F5:88:5A:B7:CC:1C:F9:01:D2:42:34:3F:65:32:77:8B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01938CE0E98E70451A5160FA3D5B4FDB1E7D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HYnTUPWIWrfMHPkB0kI0P2Uyd4s.roa
Signing time: Tue 03 Dec 2024 14:16:10 +0000
ROA not before: Tue 03 Dec 2024 14:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Dec 2024 12:20:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:e0:e9:8e:70:45:1a:51:60:fa:3d:5b:4f:db:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 3 14:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d89d350f5885ab7cc1cf901d242343f6532778b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5f:ae:71:61:b1:e0:2c:5e:36:90:c8:29:5f:
53:4c:27:70:11:c3:89:f9:85:3d:9c:d7:6d:7d:88:
21:a8:7c:0b:22:5e:e9:c3:b7:04:f3:dd:06:2e:28:
b8:21:ad:99:53:ca:7a:87:33:5e:80:21:ee:47:81:
00:17:fb:9b:71:d1:a0:a3:91:25:6c:3c:1d:35:ad:
f8:19:e8:6f:80:77:0d:9f:3b:8c:d9:1d:c3:58:e9:
ce:f3:56:c4:2c:00:0d:f4:3f:59:81:85:56:ac:e1:
fc:17:0f:52:19:62:53:ae:d4:83:dc:cc:7f:7d:f9:
cc:2c:52:16:9e:d7:5c:09:71:4d:31:e7:47:b2:fd:
93:47:aa:e3:0b:02:43:1f:f8:6f:6d:73:51:49:c2:
88:79:c9:5c:07:45:77:ff:4a:58:a0:19:40:ef:59:
35:97:c8:8e:e9:f9:db:41:5b:65:22:bb:53:50:7a:
86:42:64:e7:b4:e5:b4:d9:82:f3:e1:88:db:b0:8b:
7e:66:c8:5a:9d:8d:c5:6a:eb:65:01:a9:a4:26:d6:
65:ac:92:a0:da:79:41:e5:db:dc:c4:7d:0b:ea:3b:
3d:3a:63:3e:0a:9c:36:50:a2:a5:0e:40:83:bd:a8:
3f:b5:84:20:b0:42:4e:7d:58:90:56:26:9d:6d:94:
ec:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:89:D3:50:F5:88:5A:B7:CC:1C:F9:01:D2:42:34:3F:65:32:77:8B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HYnTUPWIWrfMHPkB0kI0P2Uyd4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.244.0/22
31.58.249.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b8:39:7d:63:12:b4:88:5f:e0:55:08:c9:b2:1e:3b:4e:0a:
d1:a7:fb:12:05:28:ea:82:b4:ea:bd:09:04:b6:ab:ce:ae:3c:
06:a5:ea:4e:30:2f:2d:38:d9:46:a6:b8:85:b7:61:cb:3f:6e:
e3:ff:78:1e:2f:0c:e2:3f:1e:03:8d:5a:7e:5c:5d:f6:7e:bf:
d6:ec:fb:56:eb:df:a2:c1:08:3b:88:23:57:26:8b:3e:ca:30:
65:24:cc:25:fb:5e:33:b1:27:2e:b8:f3:cf:63:35:26:5b:7e:
9e:20:a9:ee:21:63:d3:98:90:d2:a9:a6:a5:59:18:6c:c3:b3:
65:85:e3:78:1e:49:6c:23:ed:11:3c:6b:bd:d7:ed:e9:99:bb:
75:5a:ff:15:b5:fa:9e:05:1c:35:a1:88:e3:d9:f0:f6:fc:91:
a2:3a:be:0a:75:8c:73:39:6e:5e:ab:e3:26:c6:b7:81:aa:2a:
4c:c8:87:5a:5e:f4:9e:91:18:6a:72:87:d9:9a:bf:e0:87:4a:
36:4d:18:48:e2:0e:64:70:e3:d5:16:60:18:dc:83:6b:53:a2:
97:6f:ba:01:37:0b:d6:56:df:ba:47:65:2d:4f:d1:12:37:51:
e6:a4:0e:59:ce:05:2a:10:ad:b7:8b:ab:50:c1:e7:36:3c:f6:
45:ff:4d:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOM4OmOcEUaUWD6PVtP2x59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAzMTQxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg5ZDM1MGY1ODg1YWI3Y2MxY2Y5MDFkMjQyMzQzZjY1MzI3NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF+ucWGx4CxeNpDIKV9TTCdwEcOJ
+YU9nNdtfYghqHwLIl7pw7cE890GLii4Ia2ZU8p6hzNegCHuR4EAF/ubcdGgo5El
bDwdNa34GehvgHcNnzuM2R3DWOnO81bELAAN9D9ZgYVWrOH8Fw9SGWJTrtSD3Mx/
ffnMLFIWntdcCXFNMedHsv2TR6rjCwJDH/hvbXNRScKIeclcB0V3/0pYoBlA71k1
l8iO6fnbQVtlIrtTUHqGQmTntOW02YLz4YjbsIt+ZshanY3FautlAamkJtZlrJKg
2nlB5dvcxH0L6js9OmM+Cpw2UKKlDkCDvag/tYQgsEJOfViQViadbZTs1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB2J01D1iFq3zBz5AdJCND9lMneLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSFluVFVQV0lXcmZNSFBrQjBrSTBQMlV5ZDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHzr0AwQA
Hzr5MA0GCSqGSIb3DQEBCwUAA4IBAQBNuDl9YxK0iF/gVQjJsh47TgrRp/sSBSjq
grTqvQkEtqvOrjwGpepOMC8tONlGpriFt2HLP27j/3geLwziPx4DjVp+XF32fr/W
7PtW69+iwQg7iCNXJos+yjBlJMwl+14zsScuuPPPYzUmW36eIKnuIWPTmJDSqaal
WRhsw7NlheN4HklsI+0RPGu91+3pmbt1Wv8VtfqeBRw1oYjj2fD2/JGiOr4KdYxz
OW5eq+MmxreBqipMyIdaXvSekRhqcofZmr/gh0o2TRhI4g5kcOPVFmAY3INrU6KX
b7oBNwvWVt+6R2UtT9ESN1HmpA5ZzgUqEK23i6tQwec2PPZF/03S
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:58:14 2025 by rpki-client