Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3URzcJUYlw4NQY62L4blnr7-7k4.roa
File: 3URzcJUYlw4NQY62L4blnr7-7k4.roa (raw, json)
Hash identifier: CTz36eWksBXYMhbwPVJIUv+67p16nrMBur8+eEr3bTo=
Subject key identifier: DD:44:73:70:95:18:97:0E:0D:41:8E:B6:2F:86:E5:9E:BE:FE:EE:4E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944B5E9D82F079E2D35826CFE59AFC048B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3URzcJUYlw4NQY62L4blnr7-7k4.roa
Signing time: Thu 09 Jan 2025 14:01:19 +0000
ROA not before: Thu 09 Jan 2025 14:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.184.0/22 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
217.60.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 17:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:5e:9d:82:f0:79:e2:d3:58:26:cf:e5:9a:fc:04:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 9 14:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd4473709518970e0d418eb62f86e59ebefeee4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b7:46:41:86:5d:f1:41:bf:f4:ea:90:c9:74:
0c:d9:d5:57:c2:81:55:5b:93:df:c3:64:0c:de:9b:
9b:5a:29:da:ad:00:76:24:38:ef:a7:76:51:50:6d:
ba:5c:0a:70:a3:85:20:fc:3e:72:f4:bb:4f:f6:e4:
fa:1e:bf:ea:f1:d4:99:d3:33:ba:e3:84:99:34:4c:
67:2b:db:c6:65:83:4e:a4:13:1d:ec:5a:b1:a9:0f:
60:77:95:fb:aa:bd:14:a0:c9:3b:65:e5:3c:34:1d:
b3:02:9f:4e:c9:36:27:c5:38:c6:ad:16:f1:c0:59:
ff:3b:8c:25:39:e7:69:7f:f1:c7:15:f9:00:18:44:
3c:e4:4e:2c:b6:63:5f:76:41:fd:06:a7:07:b3:f8:
68:1f:4d:b3:8f:00:e0:e8:19:d1:c2:cb:56:5e:55:
42:fc:ff:be:dc:2d:80:c8:9b:5d:a6:0b:20:58:f1:
7a:67:61:94:a0:dc:9b:4e:18:30:3c:fa:02:b9:c7:
df:e1:58:5d:8c:f4:51:5d:9a:b4:ec:dc:dc:26:f2:
da:55:05:c2:4c:36:74:24:4c:68:5c:00:6f:a1:1f:
9d:7b:d3:f2:66:e7:44:89:9b:31:7f:56:00:52:24:
eb:7c:fb:00:2f:0c:66:58:ea:0a:68:bb:3d:62:12:
eb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:44:73:70:95:18:97:0E:0D:41:8E:B6:2F:86:E5:9E:BE:FE:EE:4E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3URzcJUYlw4NQY62L4blnr7-7k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.57.184.0/22
31.59.68.0/24
31.59.136.0-31.59.175.255
217.60.62.0/24
Signature Algorithm: sha256WithRSAEncryption
02:05:ff:c0:98:bf:f0:f6:ff:9a:e0:1f:82:62:53:9c:dc:64:
dc:2f:99:60:18:91:ff:94:5c:e3:9d:30:20:11:e5:64:74:b0:
f7:2c:eb:25:c5:6f:fb:e0:32:af:72:fe:4c:67:c3:ae:da:99:
4e:06:84:d3:37:3a:a0:74:61:a6:3a:44:da:d7:ca:ba:d1:15:
7b:2f:15:cb:17:55:f8:01:5e:49:80:06:4f:ab:c1:22:c8:7f:
51:3c:21:db:17:c4:46:a6:d7:51:9b:21:da:30:a1:11:62:3c:
e1:1d:db:31:ce:ab:db:c3:97:63:24:5d:99:eb:86:e2:63:b5:
af:90:4a:fd:18:7b:73:ce:ea:81:cf:aa:d6:fb:97:13:6a:35:
0f:46:65:84:e5:60:ca:e2:c8:3d:41:6e:a7:9a:57:18:15:d2:
dd:47:db:39:1d:45:6c:fb:dc:a9:a9:92:07:25:72:22:78:cf:
46:10:23:33:81:32:e8:6d:e4:49:93:8b:1d:ab:c2:76:f4:31:
53:d2:b3:70:2d:17:a9:17:d2:d2:e1:0b:f6:51:f0:82:b2:97:
33:f2:07:64:65:46:9d:70:fa:22:ea:b1:0c:96:df:27:df:66:
7d:4d:ec:06:d2:3b:bc:c6:20:50:58:18:8b:8d:c2:66:c1:b5:
d4:76:fd:e1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZRLXp2C8Hni01gmz+Wa/ASLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA5MTQwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ0NzM3MDk1MTg5NzBlMGQ0MThlYjYyZjg2ZTU5ZWJlZmVlZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LdGQYZd8UG/9OqQyXQM2dVXwoFV
W5Pfw2QM3pubWinarQB2JDjvp3ZRUG26XApwo4Ug/D5y9LtP9uT6Hr/q8dSZ0zO6
44SZNExnK9vGZYNOpBMd7FqxqQ9gd5X7qr0UoMk7ZeU8NB2zAp9OyTYnxTjGrRbx
wFn/O4wlOedpf/HHFfkAGEQ85E4stmNfdkH9BqcHs/hoH02zjwDg6BnRwstWXlVC
/P++3C2AyJtdpgsgWPF6Z2GUoNybThgwPPoCucff4VhdjPRRXZq07NzcJvLaVQXC
TDZ0JExoXABvoR+de9PyZudEiZsxf1YAUiTrfPsALwxmWOoKaLs9YhLrNQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFN1Ec3CVGJcODUGOti+G5Z6+/u5OMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvM1VSemNKVVlsdzROUVk2Mkw0YmxucjctN2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDHzgIAwQB
HziOAwQCHziUAwQCHzm4AwQAHztEMAwDBAMfO4gDBAQfO6ADBADZPD4wDQYJKoZI
hvcNAQELBQADggEBAAIF/8CYv/D2/5rgH4JiU5zcZNwvmWAYkf+UXOOdMCAR5WR0
sPcs6yXFb/vgMq9y/kxnw67amU4GhNM3OqB0YaY6RNrXyrrRFXsvFcsXVfgBXkmA
Bk+rwSLIf1E8IdsXxEam11GbIdowoRFiPOEd2zHOq9vDl2MkXZnrhuJjta+QSv0Y
e3PO6oHPqtb7lxNqNQ9GZYTlYMriyD1BbqeaVxgV0t1H2zkdRWz73KmpkgclciJ4
z0YQIzOBMuht5EmTix2rwnb0MVPSs3AtF6kX0tLhC/ZR8IKylzPyB2RlRp1w+iLq
sQyW3yffZn1N7AbSO7zGIFBYGIuNwmbBtdR2/eE=
-----END CERTIFICATE-----
Generated at Sun May 11 22:53:22 2025 by rpki-client