Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/wfMZdLS_2-DRXh0BUZNpWF1_Vvg.roa
File: wfMZdLS_2-DRXh0BUZNpWF1_Vvg.roa (raw, json)
Hash identifier: AKowJ0LxL6uPDoUfZfbx9mazG1DPxjSgZA/Iwg9Sts0=
Subject key identifier: C1:F3:19:74:B4:BF:DB:E0:D1:5E:1D:01:51:93:69:58:5D:7F:56:F8
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 019782EA158E9784C3CB7F361F89A83B0073
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/wfMZdLS_2-DRXh0BUZNpWF1_Vvg.roa
Signing time: Wed 18 Jun 2025 12:01:08 +0000
ROA not before: Wed 18 Jun 2025 12:01:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 31.97.0.0/23 maxlen: 24
31.97.3.0/24 maxlen: 24
31.97.8.0/21 maxlen: 24
31.97.16.0/20 maxlen: 24
31.97.32.0/21 maxlen: 24
31.97.40.0/22 maxlen: 24
31.97.44.0/22 maxlen: 24
31.97.48.0/22 maxlen: 24
31.97.52.0/22 maxlen: 24
31.97.56.0/22 maxlen: 24
31.97.60.0/22 maxlen: 24
31.97.64.0/24 maxlen: 24
31.97.65.0/24 maxlen: 24
31.97.66.0/23 maxlen: 24
31.97.68.0/23 maxlen: 24
31.97.70.0/23 maxlen: 24
31.97.72.0/22 maxlen: 24
31.97.80.0/20 maxlen: 24
31.97.96.0/21 maxlen: 24
31.97.104.0/21 maxlen: 24
31.97.112.0/21 maxlen: 24
31.97.120.0/21 maxlen: 24
31.97.128.0/20 maxlen: 24
31.97.144.0/22 maxlen: 24
31.97.148.0/23 maxlen: 24
31.97.150.0/24 maxlen: 24
31.97.151.0/24 maxlen: 24
31.97.152.0/21 maxlen: 24
31.97.160.0/20 maxlen: 24
31.97.176.0/23 maxlen: 24
31.97.178.0/24 maxlen: 24
31.97.179.0/24 maxlen: 24
31.97.180.0/22 maxlen: 24
31.97.184.0/23 maxlen: 24
31.97.186.0/24 maxlen: 24
31.97.187.0/24 maxlen: 24
31.97.188.0/22 maxlen: 24
31.97.192.0/21 maxlen: 24
31.97.200.0/21 maxlen: 24
31.97.208.0/21 maxlen: 24
31.97.224.0/20 maxlen: 24
69.62.64.0/23 maxlen: 24
69.62.66.0/23 maxlen: 24
69.62.68.0/22 maxlen: 24
69.62.72.0/21 maxlen: 24
69.62.80.0/22 maxlen: 24
69.62.84.0/23 maxlen: 24
69.62.86.0/23 maxlen: 24
69.62.88.0/21 maxlen: 24
69.62.96.0/21 maxlen: 24
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 24
69.62.108.0/22 maxlen: 24
69.62.112.0/22 maxlen: 24
69.62.116.0/22 maxlen: 24
69.62.120.0/23 maxlen: 24
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.125.0/24 maxlen: 24
69.62.126.0/23 maxlen: 24
103.199.184.0/22 maxlen: 24
148.222.52.0/24 maxlen: 24
148.222.53.0/24 maxlen: 24
148.222.54.0/24 maxlen: 24
148.222.55.0/24 maxlen: 24
168.231.64.0/21 maxlen: 24
168.231.72.0/22 maxlen: 24
168.231.76.0/23 maxlen: 24
168.231.78.0/23 maxlen: 24
168.231.80.0/21 maxlen: 24
168.231.88.0/21 maxlen: 24
168.231.96.0/22 maxlen: 24
168.231.100.0/24 maxlen: 24
168.231.101.0/24 maxlen: 24
168.231.102.0/23 maxlen: 24
168.231.104.0/21 maxlen: 24
168.231.112.0/22 maxlen: 24
168.231.116.0/24 maxlen: 24
168.231.117.0/24 maxlen: 24
168.231.118.0/23 maxlen: 24
168.231.120.0/22 maxlen: 24
168.231.124.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jun 2025 11:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:ea:15:8e:97:84:c3:cb:7f:36:1f:89:a8:3b:00:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: Jun 18 12:01:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1f31974b4bfdbe0d15e1d01519369585d7f56f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:34:22:47:de:6b:c6:da:d4:be:21:bd:b0:
ae:b3:6e:83:9f:d1:52:42:b4:a3:ea:ac:c2:ae:88:
83:36:35:3c:7b:1d:b9:b5:13:da:2b:eb:7c:83:3f:
33:52:0f:d1:7a:75:7e:3f:7d:21:01:01:16:41:d0:
f5:b5:f0:57:35:de:85:b3:07:37:e3:83:a3:71:db:
2c:f3:02:a0:63:c7:e9:90:ce:fc:ca:c9:a6:3f:2d:
e2:3b:2d:b7:26:94:f2:e3:ec:47:af:94:6d:05:06:
d4:af:bd:01:02:2e:ce:a9:30:d5:1b:20:46:92:28:
c6:1a:44:be:d2:1c:24:d7:b3:86:11:bc:b5:23:c7:
09:60:13:0c:a9:7c:55:d0:7c:eb:ee:cf:9d:f3:00:
3a:76:da:8a:3c:93:4b:01:a1:38:5a:60:56:6b:49:
aa:a4:e1:9e:0d:d5:e8:d6:18:ad:da:0c:03:db:ac:
2b:a9:94:32:ea:b8:1e:48:65:e0:3f:8b:36:d0:4e:
01:f1:da:ac:57:0b:57:bb:f7:d4:89:e9:19:fe:4f:
33:5d:29:84:9e:9f:15:3b:f7:01:c5:b2:d6:11:68:
87:ae:56:e2:51:01:33:c8:e2:bb:f9:db:cd:04:07:
20:1c:8c:04:32:34:bd:a5:a7:ec:6e:a0:68:c4:a4:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F3:19:74:B4:BF:DB:E0:D1:5E:1D:01:51:93:69:58:5D:7F:56:F8
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/wfMZdLS_2-DRXh0BUZNpWF1_Vvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.97.0.0/23
31.97.3.0/24
31.97.8.0-31.97.75.255
31.97.80.0-31.97.215.255
31.97.224.0/20
69.62.64.0/18
103.199.184.0/22
148.222.52.0/22
168.231.64.0/18
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:f9:7f:0e:ff:af:a0:4a:bb:d6:53:68:0f:35:96:e0:bc:b6:
2b:b8:ef:e5:ed:09:01:7b:6e:ed:1c:8b:a1:f8:d0:d3:a4:43:
37:a0:8b:cc:33:7a:7c:38:06:1a:43:f9:f0:8a:4a:fd:03:8d:
91:83:87:db:35:ec:fa:03:a1:8d:ab:7e:45:7d:bd:ef:02:bb:
7f:48:80:07:53:e5:f7:e6:d9:6d:5d:a0:5f:70:c0:37:e2:4f:
99:34:3d:a9:03:fc:03:a5:b2:28:96:56:86:19:b7:1e:3b:07:
6d:92:cd:42:1c:9e:b5:7c:5e:aa:3a:05:8f:35:1a:12:2b:7d:
2a:77:7a:3a:95:98:66:a9:11:f5:b5:22:69:63:8e:61:20:a5:
89:f9:9a:52:9b:24:39:33:05:aa:9c:26:c0:47:43:70:dd:cc:
69:96:40:b8:b7:01:f8:ba:17:5a:60:bd:ae:a7:2f:39:1a:ef:
4f:54:c2:d3:3a:4a:d0:ef:9d:fa:a0:16:52:08:18:1e:b9:a2:
6e:ee:a8:c0:8a:ed:a4:6c:3f:73:26:25:18:f5:f6:c9:01:b6:
fa:29:b2:fd:42:db:47:77:18:84:d4:5b:43:2d:a5:c5:f4:63:
2d:ad:62:61:10:b6:b0:ac:a8:8e:72:66:0b:df:35:93:e3:40:
fc:11:3d:75
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZeC6hWOl4TDy382H4moOwBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwNjE4MTIwMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYzMTk3NGI0YmZkYmUwZDE1ZTFkMDE1MTkzNjk1ODVkN2Y1NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreQ0Ikfea8ba1L4hvbCus26Dn9FS
QrSj6qzCroiDNjU8ex25tRPaK+t8gz8zUg/RenV+P30hAQEWQdD1tfBXNd6Fswc3
44Ojcdss8wKgY8fpkM78ysmmPy3iOy23JpTy4+xHr5RtBQbUr70BAi7OqTDVGyBG
kijGGkS+0hwk17OGEby1I8cJYBMMqXxV0Hzr7s+d8wA6dtqKPJNLAaE4WmBWa0mq
pOGeDdXo1hit2gwD26wrqZQy6rgeSGXgP4s20E4B8dqsVwtXu/fUiekZ/k8zXSmE
np8VO/cBxbLWEWiHrlbiUQEzyOK7+dvNBAcgHIwEMjS9pafsbqBoxKSDUwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMHzGXS0v9vg0V4dAVGTaVhdf1b4MB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEvd2ZNWmRMU18yLURSWGgwQlVaTnBXRjFfVnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBH2EAAwQA
H2EDMAwDBAMfYQgDBAIfYUgwDAMEBB9hUAMEAx9h0AMEBB9h4AMEBkU+QAMEAmfH
uAMEApTeNAMEBqjnQAMEAsKklDANBgkqhkiG9w0BAQsFAAOCAQEAv/l/Dv+voEq7
1lNoDzWW4Ly2K7jv5e0JAXtu7RyLofjQ06RDN6CLzDN6fDgGGkP58IpK/QONkYOH
2zXs+gOhjat+RX297wK7f0iAB1Pl9+bZbV2gX3DAN+JPmTQ9qQP8A6WyKJZWhhm3
HjsHbZLNQhyetXxeqjoFjzUaEit9Knd6OpWYZqkR9bUiaWOOYSClifmaUpskOTMF
qpwmwEdDcN3MaZZAuLcB+LoXWmC9rqcvORrvT1TC0zpK0O+d+qAWUggYHrmibu6o
wIrtpGw/cyYlGPX2yQG2+imy/ULbR3cYhNRbQy2lxfRjLa1iYRC2sKyojnJmC981
k+NA/BE9dQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:59:47 2025 by rpki-client