Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-aJN51o6d4pL2IctXl0NH2uwjRA.roa
File: 1-aJN51o6d4pL2IctXl0NH2uwjRA.roa (raw, json)
Hash identifier: D2nqHF3We4cYIx4EG3MOxaoFvbZn03+cuWVHWu5lJTE=
Subject key identifier: F9:A2:4D:E7:5A:3A:77:8A:4B:D8:87:2D:5E:5D:0D:1F:6B:B0:8D:10
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195CBF07C0635D2F9C47A58F239C0599335
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-aJN51o6d4pL2IctXl0NH2uwjRA.roa
Signing time: Tue 25 Mar 2025 06:14:49 +0000
ROA not before: Tue 25 Mar 2025 06:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Mar 2025 13:15:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cb:f0:7c:06:35:d2:f9:c4:7a:58:f2:39:c0:59:93:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 25 06:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9a24de75a3a778a4bd8872d5e5d0d1f6bb08d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:65:0c:6b:02:98:b7:3f:27:29:22:c0:cd:65:
e7:c9:01:c9:cb:24:76:f4:23:41:2d:76:15:09:85:
4a:2e:88:80:e5:20:1e:0d:18:be:60:9d:2c:25:8b:
b9:c5:01:b6:12:5e:bd:a8:07:99:f2:41:52:d0:95:
36:d0:c7:7f:68:df:23:47:5c:74:1e:94:cb:15:82:
9a:b9:e4:c1:aa:87:e5:ad:43:45:93:26:24:76:22:
2a:75:36:73:9c:9a:9d:3c:7b:48:5a:24:07:5d:eb:
e0:21:40:fb:77:ae:a5:4c:a4:55:ee:9a:eb:cd:61:
e2:54:88:e6:80:a8:d4:c1:25:3d:d4:8c:c7:e6:49:
96:17:f8:d5:3f:74:3f:0a:98:55:44:2a:9b:5c:d3:
e7:05:bf:6e:c3:d1:aa:e2:19:ca:19:60:58:5b:34:
6a:57:6b:cb:f0:35:53:c8:3d:a4:58:8e:43:dc:8f:
8c:a8:92:27:19:12:8e:78:d5:3a:bf:b4:1c:b6:65:
e9:bf:76:3c:61:3a:cc:9e:87:96:58:38:34:42:7d:
74:95:2c:ab:d4:73:0c:73:20:53:1e:c8:71:f5:74:
20:77:f1:75:f7:14:09:8a:2d:0a:9d:c7:7a:90:17:
eb:8f:d8:64:a8:ec:81:29:89:8e:f1:d1:b2:fa:44:
75:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A2:4D:E7:5A:3A:77:8A:4B:D8:87:2D:5E:5D:0D:1F:6B:B0:8D:10
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-aJN51o6d4pL2IctXl0NH2uwjRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.57.0/24
31.56.71.0/24
31.56.87.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.116.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.175.255
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:3b:59:d1:60:6b:a5:d5:d4:1a:e9:93:2d:e3:58:eb:c6:56:
f9:9e:81:4a:d6:d5:63:fc:b8:05:ee:80:a5:9c:31:1f:26:23:
75:83:0e:27:5b:45:94:6f:14:6b:77:a4:80:ba:e1:a5:50:f4:
82:53:a3:24:a7:d2:1a:df:66:31:cb:65:8f:b6:c1:7d:c0:9a:
f4:cc:28:eb:fe:a7:9a:f1:1f:25:1e:51:85:cf:0f:0a:2d:f5:
86:97:19:50:7e:a4:14:df:cf:6f:0d:df:d7:95:56:66:08:8d:
86:e8:1f:6c:87:b2:aa:b7:30:63:45:28:6d:65:6a:0a:2a:49:
c3:28:de:fd:66:2f:c0:e2:aa:ef:ea:25:e1:c7:ea:f7:1e:0a:
e1:6f:0f:c5:6c:c2:91:f1:42:14:9b:8e:52:73:01:9f:f9:65:
87:4b:bb:a0:c7:8e:b1:e3:50:67:ca:38:85:6b:e1:3b:d5:98:
49:02:57:93:5a:8f:fe:ed:b4:98:43:f2:d2:72:ec:90:94:59:
1d:6c:58:42:33:06:89:bf:ff:67:57:65:a3:0b:e7:80:96:e1:
64:0f:ed:7f:1f:9e:d4:10:f4:79:07:9a:79:b6:e3:60:7f:91:
4c:10:35:64:38:ee:c9:aa:a1:4b:ba:dc:c0:20:74:38:b5:9c:
c3:6c:54:11
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZXL8HwGNdL5xHpY8jnAWZM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI1MDYxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWEyNGRlNzVhM2E3NzhhNGJkODg3MmQ1ZTVkMGQxZjZiYjA4ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2UMawKYtz8nKSLAzWXnyQHJyyR2
9CNBLXYVCYVKLoiA5SAeDRi+YJ0sJYu5xQG2El69qAeZ8kFS0JU20Md/aN8jR1x0
HpTLFYKaueTBqoflrUNFkyYkdiIqdTZznJqdPHtIWiQHXevgIUD7d66lTKRV7prr
zWHiVIjmgKjUwSU91IzH5kmWF/jVP3Q/CphVRCqbXNPnBb9uw9Gq4hnKGWBYWzRq
V2vL8DVTyD2kWI5D3I+MqJInGRKOeNU6v7QctmXpv3Y8YTrMnoeWWDg0Qn10lSyr
1HMMcyBTHshx9XQgd/F19xQJii0Kncd6kBfrj9hkqOyBKYmO8dGy+kR1jQIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFPmiTedaOneKS9iHLV5dDR9rsI0QMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1hSk41MW82ZDRwTDJJY3RYbDBOSDJ1d2pSQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATMGCCsGAQUFBwEHAQH/BIIBIjCCAR4wggEaBAIAATCC
ARIDBAEfOAQDBAAfOBgDBAAfODkDBAAfOEcDBAAfOFcDBAEfOFoDBAMfOGgDBAEf
OHIwDAMEAR84dgMEAh84eAMEAh84yDAMAwQAHzlnAwQEHzlgMAwDBAAfOXEDBAAf
OXIDBAAfOXQDBAEfOYQDBAMfOYgDBAEfOZIDBAIfOagDBAMfObADBAIfOcADBAEf
OcgwDAMEBB850AMEAh854AMEAh856AMEAh85/AMEAR86IgMEAB86KAMEAR86MgME
Ah86RAMEAB86TAMEAh86VAMEAh86mAMEAh86rAMEAh864AMEAh87TAMEAh87YAME
Ah87cAMEAh87eDAMAwQDHzuIAwQEHzugAwQCHzvgAwQDHzvoMA0GCSqGSIb3DQEB
CwUAA4IBAQAsO1nRYGul1dQa6ZMt41jrxlb5noFK1tVj/LgF7oClnDEfJiN1gw4n
W0WUbxRrd6SAuuGlUPSCU6Mkp9Ia32Yxy2WPtsF9wJr0zCjr/qea8R8lHlGFzw8K
LfWGlxlQfqQU389vDd/XlVZmCI2G6B9sh7KqtzBjRShtZWoKKknDKN79Zi/A4qrv
6iXhx+r3Hgrhbw/FbMKR8UIUm45ScwGf+WWHS7ugx46x41BnyjiFa+E71ZhJAleT
Wo/+7bSYQ/LScuyQlFkdbFhCMwaJv/9nV2WjC+eAluFkD+1/H57UEPR5B5p5tuNg
f5FMEDVkOO7JqqFLutzAIHQ4tZzDbFQR
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:13 2025 by rpki-client