Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OQ4nOuLaaRYBaqcEZZM7OSVI7WY.roa
File: OQ4nOuLaaRYBaqcEZZM7OSVI7WY.roa (raw, json)
Hash identifier: 6BGaViu82MQrqjNLVW1Roj1TnD1AxJN4K2/6pC8NwyM=
Subject key identifier: 39:0E:27:3A:E2:DA:69:16:01:6A:A7:04:65:93:3B:39:25:48:ED:66
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193B5DA4C2CA0157F3334B6ED86A6987C2E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OQ4nOuLaaRYBaqcEZZM7OSVI7WY.roa
Signing time: Wed 11 Dec 2024 13:13:22 +0000
ROA not before: Wed 11 Dec 2024 13:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.56.112.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 18:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:da:4c:2c:a0:15:7f:33:34:b6:ed:86:a6:98:7c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 11 13:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=390e273ae2da6916016aa70465933b392548ed66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0d:7b:a7:2f:f1:9e:d0:07:63:40:f7:48:eb:
fc:63:8a:2e:0c:32:e8:09:0e:b4:fa:91:34:63:ba:
ee:03:b1:12:44:ad:29:be:ee:d2:a8:2b:90:f7:69:
f9:fa:21:bb:56:60:b4:5b:b8:92:3b:29:3c:62:37:
d2:ce:42:47:39:3d:1e:45:93:16:e2:6a:96:42:43:
c6:1f:85:1e:0f:49:a8:b9:a3:e2:28:83:32:01:e1:
fc:b1:aa:f5:6d:5e:98:c8:4a:ae:d2:52:b8:f0:f5:
42:9d:05:71:49:68:ae:0b:56:28:97:11:45:64:23:
3b:b2:bb:97:0e:06:0a:af:1b:bc:c7:12:58:c7:eb:
e6:e9:52:21:98:46:0d:81:ef:76:5c:b4:6a:19:24:
de:78:00:ba:ed:fa:a5:1f:de:d0:59:da:14:b9:a4:
a9:cf:ce:be:b1:09:ce:8c:c8:51:12:e6:86:df:ac:
0b:8e:c1:fb:4f:85:a0:e1:f8:11:83:f6:6f:b2:52:
ca:5d:74:63:81:af:a5:08:2f:b1:4e:66:97:d0:2b:
fa:7e:02:47:89:05:92:81:22:84:c3:9b:b6:cc:65:
61:dc:14:b2:af:b7:c3:32:b7:b0:99:ee:57:bb:ad:
94:f1:84:12:ba:77:b9:88:89:14:e2:35:71:55:4f:
f5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0E:27:3A:E2:DA:69:16:01:6A:A7:04:65:93:3B:39:25:48:ED:66
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OQ4nOuLaaRYBaqcEZZM7OSVI7WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.56.112.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
31.58.50.0/23
31.58.56.0/23
31.58.64.0/23
31.58.136.0/24
31.58.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:52:ef:93:50:29:cb:b8:58:84:ff:f4:a5:14:89:a3:01:ce:
74:f7:88:b9:61:91:02:30:e8:0f:cb:7d:89:af:3a:d9:7d:cb:
e3:39:1a:22:31:95:04:94:c4:65:02:b2:00:e2:42:8d:2b:a6:
19:f5:a0:21:dd:74:ca:d2:33:74:b2:67:b4:55:7c:e3:6f:81:
ef:12:f9:0d:2b:74:94:37:b0:9d:bf:70:e5:23:d5:0a:6f:44:
cd:c7:61:8e:e0:b1:ec:d4:c6:9e:33:ed:f0:5a:e9:5f:1f:84:
c8:1f:07:86:e7:3b:57:8b:6b:ef:27:f8:e7:7e:f7:ec:66:43:
19:55:5e:6c:bb:22:ca:db:6b:17:a1:1d:f1:eb:97:75:eb:57:
65:60:52:e0:46:e2:88:e3:29:56:fb:e0:ca:a3:10:43:47:8d:
dd:10:0a:ee:09:e4:0c:25:81:42:41:94:f1:09:9e:27:65:d9:
ca:0c:73:73:20:17:64:34:3d:2a:b2:1f:b4:93:f5:9a:74:0d:
bd:13:86:ee:e7:98:e5:a8:5e:89:a5:80:a9:02:c0:2b:15:b5:
6e:34:3a:2e:07:a0:62:02:d9:31:ff:59:ac:a8:86:5d:cd:5a:
72:2e:bf:c1:11:8c:d4:67:22:3a:2a:f6:dc:39:87:eb:d8:db:
92:d2:89:29
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZO12kwsoBV/MzS27YammHwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjExMTMxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBlMjczYWUyZGE2OTE2MDE2YWE3MDQ2NTkzM2IzOTI1NDhlZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ17py/xntAHY0D3SOv8Y4ouDDLo
CQ60+pE0Y7ruA7ESRK0pvu7SqCuQ92n5+iG7VmC0W7iSOyk8YjfSzkJHOT0eRZMW
4mqWQkPGH4UeD0mouaPiKIMyAeH8sar1bV6YyEqu0lK48PVCnQVxSWiuC1YolxFF
ZCM7sruXDgYKrxu8xxJYx+vm6VIhmEYNge92XLRqGSTeeAC67fqlH97QWdoUuaSp
z86+sQnOjMhREuaG36wLjsH7T4Wg4fgRg/ZvslLKXXRjga+lCC+xTmaX0Cv6fgJH
iQWSgSKEw5u2zGVh3BSyr7fDMrewme5Xu62U8YQSune5iIkU4jVxVU/1/QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDkOJzri2mkWAWqnBGWTOzklSO1mMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT1E0bk91TGFhUllCYXFjRVpaTTdPU1ZJN1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAHzhWAwQA
HzhwMAwDBAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86KgMEAB86MAMEAR86
MgMEAR86OAMEAR86QAMEAB86iAMEAB86mTANBgkqhkiG9w0BAQsFAAOCAQEAbVLv
k1Apy7hYhP/0pRSJowHOdPeIuWGRAjDoD8t9ia862X3L4zkaIjGVBJTEZQKyAOJC
jSumGfWgId10ytIzdLJntFV842+B7xL5DSt0lDewnb9w5SPVCm9EzcdhjuCx7NTG
njPt8FrpXx+EyB8Hhuc7V4tr7yf453737GZDGVVebLsiyttrF6Ed8euXdetXZWBS
4EbiiOMpVvvgyqMQQ0eN3RAK7gnkDCWBQkGU8QmeJ2XZygxzcyAXZDQ9KrIftJP1
mnQNvROG7ueY5aheiaWAqQLAKxW1bjQ6LgegYgLZMf9ZrKiGXc1aci6/wRGM1Gci
Oir23DmH69jbktKJKQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:53:56 2025 by rpki-client