Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jorZxpgwOvLcqveBUZ_UrDHRB70.roa
File: jorZxpgwOvLcqveBUZ_UrDHRB70.roa (raw, json)
Hash identifier: qi1wQzrQhOpsZfLcqXpuXWwk0MAIVwYtnVNrCjko+Z4=
Subject key identifier: 8E:8A:D9:C6:98:30:3A:F2:DC:AA:F7:81:51:9F:D4:AC:31:D1:07:BD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019410F28FEC6E26DA46E6814DF2E4D51B7C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jorZxpgwOvLcqveBUZ_UrDHRB70.roa
Signing time: Sun 29 Dec 2024 05:45:19 +0000
ROA not before: Sun 29 Dec 2024 05:45:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214677
IP address blocks: 31.56.7.0/24 maxlen: 24
31.56.26.0/24 maxlen: 24
31.58.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:10:f2:8f:ec:6e:26:da:46:e6:81:4d:f2:e4:d5:1b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 29 05:45:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e8ad9c698303af2dcaaf781519fd4ac31d107bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1e:9d:c1:db:3e:70:f3:33:34:d2:a4:ca:88:
39:1f:c8:99:e5:4e:f7:df:b0:c5:64:40:55:7c:f1:
46:50:6c:a1:b7:51:a4:19:e5:e1:e8:7c:9f:8e:b0:
ed:d7:0d:44:46:3f:15:36:70:e9:ab:4e:ac:dc:1a:
9a:43:71:62:ec:a0:88:d8:e6:68:b4:4e:9f:bb:e6:
b7:81:c8:84:10:f6:3c:22:45:30:aa:2c:eb:66:d5:
c0:ab:96:bb:37:6a:1f:c8:49:dd:3e:15:c1:4e:80:
bc:52:27:f4:9e:41:15:d1:e8:c2:c8:4a:23:34:fe:
3a:2b:2c:a4:81:f6:9a:13:61:ad:b1:41:0b:0c:4d:
2a:b2:41:d6:15:43:be:d6:c6:b2:52:ca:a9:f8:b1:
fa:1a:01:87:6a:63:bd:99:bd:bc:56:0e:5d:d8:ee:
8c:48:f9:2a:48:cd:3a:a1:1c:6b:cf:44:21:17:f8:
3d:5a:71:f5:90:41:c0:13:de:1b:82:9d:e3:23:33:
b6:67:45:a3:0b:e2:2d:2b:75:f6:ee:50:33:c0:66:
0d:88:a8:8a:21:e9:4d:a3:af:35:26:43:ef:5b:91:
ef:07:18:14:60:ef:2d:84:76:0b:a6:0c:9e:65:e5:
c5:30:69:1c:2c:24:e2:66:c3:e2:9b:5b:99:0d:d5:
b4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8A:D9:C6:98:30:3A:F2:DC:AA:F7:81:51:9F:D4:AC:31:D1:07:BD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jorZxpgwOvLcqveBUZ_UrDHRB70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.7.0/24
31.56.26.0/24
31.58.156.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:8d:bf:54:9d:24:95:73:60:37:81:c5:7b:e9:e8:df:66:d4:
2d:e6:5a:c0:03:87:47:19:70:70:0f:bf:64:31:11:53:61:57:
56:7f:a5:d1:d8:03:f2:0d:98:67:70:57:07:f4:a4:26:85:d3:
1d:12:b8:29:2a:c6:a0:e2:e2:fd:9c:2a:bd:58:5b:47:98:f2:
97:45:1e:b0:67:13:e1:dd:08:ab:58:7a:16:a3:fb:42:d0:ec:
79:bf:04:7e:41:33:0a:d9:a5:bf:ac:42:2d:5e:57:70:02:e8:
5a:61:c3:c6:25:bb:2c:54:c5:d4:37:50:ac:7f:1a:e5:1b:92:
8c:9b:0c:e4:20:50:f2:6e:16:00:be:44:5c:db:ca:03:ff:00:
3e:e2:7b:dc:73:61:31:91:eb:18:4e:08:f8:4d:94:21:8f:00:
53:1e:19:02:ca:ec:25:02:7d:d4:35:70:52:20:ea:8c:7b:d4:
9c:6e:06:89:af:e3:4b:ae:4a:9f:b3:4c:9b:bc:42:80:9b:ea:
d5:52:b4:0b:78:d1:e5:0a:92:d3:8c:5f:bb:e0:58:86:75:cd:
ea:83:a7:4e:13:ee:de:3e:0a:57:52:f8:1e:d9:fc:d3:e5:66:
24:0f:d3:85:df:31:98:54:8b:eb:2d:21:3d:a7:b9:94:59:00:
cf:97:e0:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQQ8o/sbibaRuaBTfLk1Rt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI5MDU0NTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThhZDljNjk4MzAzYWYyZGNhYWY3ODE1MTlmZDRhYzMxZDEwN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6dwds+cPMzNNKkyog5H8iZ5U73
37DFZEBVfPFGUGyht1GkGeXh6HyfjrDt1w1ERj8VNnDpq06s3BqaQ3Fi7KCI2OZo
tE6fu+a3gciEEPY8IkUwqizrZtXAq5a7N2ofyEndPhXBToC8Uif0nkEV0ejCyEoj
NP46KyykgfaaE2GtsUELDE0qskHWFUO+1sayUsqp+LH6GgGHamO9mb28Vg5d2O6M
SPkqSM06oRxrz0QhF/g9WnH1kEHAE94bgp3jIzO2Z0WjC+ItK3X27lAzwGYNiKiK
IelNo681JkPvW5HvBxgUYO8thHYLpgyeZeXFMGkcLCTiZsPim1uZDdW0TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI6K2caYMDry3Kr3gVGf1Kwx0Qe9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvam9yWnhwZ3dPdkxjcXZlQlVaX1VyREhSQjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzgHAwQA
HzgaAwQAHzqcMA0GCSqGSIb3DQEBCwUAA4IBAQBPjb9UnSSVc2A3gcV76ejfZtQt
5lrAA4dHGXBwD79kMRFTYVdWf6XR2APyDZhncFcH9KQmhdMdErgpKsag4uL9nCq9
WFtHmPKXRR6wZxPh3QirWHoWo/tC0Ox5vwR+QTMK2aW/rEItXldwAuhaYcPGJbss
VMXUN1CsfxrlG5KMmwzkIFDybhYAvkRc28oD/wA+4nvcc2ExkesYTgj4TZQhjwBT
HhkCyuwlAn3UNXBSIOqMe9ScbgaJr+NLrkqfs0ybvEKAm+rVUrQLeNHlCpLTjF+7
4FiGdc3qg6dOE+7ePgpXUvge2fzT5WYkD9OF3zGYVIvrLSE9p7mUWQDPl+D6
-----END CERTIFICATE-----
Generated at Sun May 11 12:24:50 2025 by rpki-client