Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Omd24ry4khEmBl3RHvyvCk-qNzI.roa
File: Omd24ry4khEmBl3RHvyvCk-qNzI.roa (raw, json)
Hash identifier: 8dzrOffVqDx/nA75g1OfBW2fAXYrAxggnsNKJyyR7ks=
Subject key identifier: 3A:67:76:E2:BC:B8:92:11:26:06:5D:D1:1E:FC:AF:0A:4F:AA:37:32
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01941C1CD67796E5E35DF1C0AB7D0E65DF65
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Omd24ry4khEmBl3RHvyvCk-qNzI.roa
Signing time: Tue 31 Dec 2024 09:47:19 +0000
ROA not before: Tue 31 Dec 2024 09:47:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 31.56.1.0/24 maxlen: 24
31.57.144.0/24 maxlen: 24
31.57.231.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:1c:d6:77:96:e5:e3:5d:f1:c0:ab:7d:0e:65:df:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 31 09:47:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a6776e2bcb8921126065dd11efcaf0a4faa3732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:fc:23:01:c5:54:58:31:80:fe:a1:60:1e:
23:93:0c:d5:cc:79:4f:6a:7e:d2:5b:69:93:1f:25:
b5:6c:0f:d2:ed:0a:42:1f:e3:c3:e2:a0:30:1f:41:
43:f6:9e:1c:6e:4b:ca:51:40:22:7d:4d:f5:74:d2:
4c:bb:a5:e3:55:b5:7a:4f:2d:91:ff:28:39:a1:81:
e5:2c:75:e9:30:20:97:ac:cd:8f:1f:08:bc:82:59:
6e:a7:a0:64:d3:70:4e:80:3b:4e:d9:ca:7e:eb:f0:
9b:49:58:2e:b2:4e:6e:75:84:ae:e3:fd:db:27:3f:
73:d3:39:fc:a0:23:1b:da:31:9c:4f:fd:77:08:19:
56:85:00:7b:3b:1d:86:c5:66:32:c8:38:6e:62:fc:
7d:df:64:39:b3:fe:9b:39:3b:c6:28:22:5d:74:07:
e4:b5:cd:a5:fe:cf:b2:7a:b3:52:d2:60:9c:53:60:
97:eb:11:b1:4e:bc:60:a7:c4:a1:e7:03:20:5b:9b:
ad:09:94:b2:28:f5:36:2a:28:e0:76:fb:50:bd:dd:
96:17:6f:6d:a9:7c:4d:a6:ae:ef:1c:4e:9d:dc:54:
58:a6:be:01:ab:e6:bb:f1:c5:c0:b6:c6:84:38:04:
ca:d1:6a:b6:8a:6f:92:30:28:2d:b8:11:89:85:81:
0a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:67:76:E2:BC:B8:92:11:26:06:5D:D1:1E:FC:AF:0A:4F:AA:37:32
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Omd24ry4khEmBl3RHvyvCk-qNzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.1.0/24
31.57.144.0/24
31.57.231.0/24
31.59.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0d:7f:b5:a0:16:af:fd:f2:fa:c5:f7:d9:95:2b:07:de:92:
34:6a:04:00:94:a9:8d:05:f2:31:da:25:34:3b:7d:ac:dc:c0:
04:2e:63:dc:29:91:81:14:23:b0:d1:2c:17:a0:78:48:61:1e:
60:aa:7d:c2:b0:bf:af:d1:89:15:b1:94:76:3e:f3:63:86:92:
1a:4f:a1:b3:4c:89:9e:99:ce:cb:dc:7e:ea:7c:04:d8:40:79:
42:58:ae:27:2e:fc:50:ba:15:30:e3:c8:26:3d:40:97:4b:39:
ca:fa:5a:92:9d:20:ec:13:3b:77:7c:0d:74:59:c3:35:1a:f3:
c4:6f:fc:45:82:88:90:e4:e4:6b:1d:50:04:99:9e:2f:b6:dd:
3b:43:11:93:2e:77:bb:f5:c5:13:b0:9d:be:70:62:5c:bb:c8:
da:d3:17:ed:40:b5:9f:19:d2:51:ad:d0:8b:b3:7d:c4:34:38:
4b:26:aa:ff:62:6e:c5:39:a1:94:b3:85:d9:51:b3:d8:ac:00:
5a:f4:c5:59:1a:bb:4a:84:88:e5:cd:47:2e:ef:63:0a:35:0f:
01:b6:19:04:c3:51:dd:53:21:ba:a1:46:f0:f7:46:c5:d5:d6:
69:55:e9:fa:f7:a7:a5:bb:7c:11:ea:ae:58:3e:fb:9d:dd:45:
01:3e:f8:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQcHNZ3luXjXfHAq30OZd9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjMxMDk0NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY3NzZlMmJjYjg5MjExMjYwNjVkZDExZWZjYWYwYTRmYWEzNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNz8IwHFVFgxgP6hYB4jkwzVzHlP
an7SW2mTHyW1bA/S7QpCH+PD4qAwH0FD9p4cbkvKUUAifU31dNJMu6XjVbV6Ty2R
/yg5oYHlLHXpMCCXrM2PHwi8gllup6Bk03BOgDtO2cp+6/CbSVgusk5udYSu4/3b
Jz9z0zn8oCMb2jGcT/13CBlWhQB7Ox2GxWYyyDhuYvx932Q5s/6bOTvGKCJddAfk
tc2l/s+yerNS0mCcU2CX6xGxTrxgp8Sh5wMgW5utCZSyKPU2KijgdvtQvd2WF29t
qXxNpq7vHE6d3FRYpr4Bq+a78cXAtsaEOATK0Wq2im+SMCgtuBGJhYEKYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpnduK8uJIRJgZd0R78rwpPqjcyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT21kMjRyeTRraEVtQmwzUkh2eXZDay1xTnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgBAwQA
HzmQAwQAHznnAwQAHztsMA0GCSqGSIb3DQEBCwUAA4IBAQBbDX+1oBav/fL6xffZ
lSsH3pI0agQAlKmNBfIx2iU0O32s3MAELmPcKZGBFCOw0SwXoHhIYR5gqn3CsL+v
0YkVsZR2PvNjhpIaT6GzTImemc7L3H7qfATYQHlCWK4nLvxQuhUw48gmPUCXSznK
+lqSnSDsEzt3fA10WcM1GvPEb/xFgoiQ5ORrHVAEmZ4vtt07QxGTLne79cUTsJ2+
cGJcu8ja0xftQLWfGdJRrdCLs33ENDhLJqr/Ym7FOaGUs4XZUbPYrABa9MVZGrtK
hIjlzUcu72MKNQ8BthkEw1HdUyG6oUbw90bF1dZpVen696elu3wR6q5YPvud3UUB
Pvjx
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:16:26 2025 by rpki-client