Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2_wioXjm7vLv5DMKWpXeMmMWt-w.roa
File: 2_wioXjm7vLv5DMKWpXeMmMWt-w.roa (raw, json)
Hash identifier: acx/Rda+OCrsNpII2egmLfZqYeeW2BkGAHmGucCEp5Y=
Subject key identifier: DB:FC:22:A1:78:E6:EE:F2:EF:E4:33:0A:5A:95:DE:32:63:16:B7:EC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01935813A405955FE1774F5F88D0C1F73E37
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2_wioXjm7vLv5DMKWpXeMmMWt-w.roa
Signing time: Sat 23 Nov 2024 08:11:42 +0000
ROA not before: Sat 23 Nov 2024 08:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.67.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 07:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:58:13:a4:05:95:5f:e1:77:4f:5f:88:d0:c1:f7:3e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 23 08:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbfc22a178e6eef2efe4330a5a95de326316b7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:b9:ce:fd:86:f7:6e:e0:33:3e:60:6a:59:
21:3f:8e:c7:97:f7:31:3d:88:fe:6b:ba:09:09:4a:
73:d7:0a:2b:25:29:b4:72:28:22:04:81:be:14:54:
40:3d:21:6e:2e:90:e3:5d:ee:a1:17:85:b5:f4:6a:
e5:8e:80:1f:b5:31:a6:9d:b5:4d:df:1e:b5:b1:59:
b4:c4:fd:d7:f7:b3:b1:b8:47:a3:74:b4:b0:2a:d8:
56:87:6d:6f:73:49:0f:af:0a:81:ea:7f:86:d5:f9:
c6:99:48:61:e1:19:d6:48:89:7a:c1:20:23:76:59:
60:e8:a1:6a:24:f0:a4:0e:81:8a:71:40:b3:00:55:
33:ca:e3:ce:e9:5d:83:5c:dc:9f:0c:64:f6:73:47:
d7:c9:bb:1a:ff:71:ac:7b:3c:36:27:b1:5d:e9:b0:
3c:25:58:d3:b7:a9:3e:ca:59:fc:47:a2:60:cd:64:
28:85:b3:45:3c:d8:b6:1d:0a:ee:cc:e8:f1:cd:11:
2a:10:b0:30:79:7e:ad:21:d3:12:96:77:95:fc:2f:
f9:b2:f2:7d:38:fa:e4:3a:6a:75:5a:b2:f3:c5:2a:
b9:dd:38:c0:6c:21:32:ef:5f:2e:7b:22:76:62:34:
af:86:e5:10:8c:12:48:2e:d2:ba:78:fe:2e:df:6a:
a8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FC:22:A1:78:E6:EE:F2:EF:E4:33:0A:5A:95:DE:32:63:16:B7:EC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2_wioXjm7vLv5DMKWpXeMmMWt-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.57.0/24
31.56.89.0/24
31.56.120.0/22
31.56.127.0/24
31.57.65.0/24
31.57.67.0/24
31.57.132.0/23
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.232.0/22
31.58.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:32:45:94:99:3a:a5:1d:33:53:1e:bf:e7:57:50:dc:03:0b:
e8:30:f8:65:cc:47:5f:f6:cf:19:30:e8:4c:ca:ae:fb:01:42:
a0:ef:f7:ec:79:9f:fa:b4:e2:2c:6d:ca:b7:66:6d:e7:e6:e0:
e6:01:aa:63:ea:31:60:71:bb:f4:c4:19:68:6e:92:af:20:aa:
15:08:55:3c:84:92:a1:ed:73:0f:b3:9d:4b:0b:2f:72:3a:5f:
04:44:91:6b:a7:66:48:09:cd:85:5c:0d:a6:bc:06:c8:4d:0d:
d5:82:da:d6:ce:e3:7e:81:82:d6:07:83:ca:d5:50:09:30:14:
04:68:5a:2e:c2:be:e8:61:a3:ae:3c:ed:db:85:eb:ab:79:87:
d9:e0:e1:d0:1e:24:2d:8d:74:27:04:a4:19:bf:d1:e4:a0:c8:
32:3a:ca:10:75:9d:89:37:0c:a1:de:b3:72:73:16:c8:90:16:
49:7a:6f:e5:3f:b1:5b:53:2d:f0:ef:35:f8:d5:17:32:7c:6a:
0a:f4:2a:48:03:f0:01:dd:27:96:aa:06:60:1e:7c:f5:63:c9:
2d:20:2b:a4:15:6e:a9:6b:0c:5c:dd:c9:6c:2e:7d:d4:59:2d:
3c:42:92:ba:7e:63:93:83:1b:d3:6d:8a:c4:2f:36:01:87:86:
19:10:0a:ef
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZNYE6QFlV/hd09fiNDB9z43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTIzMDgxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZjMjJhMTc4ZTZlZWYyZWZlNDMzMGE1YTk1ZGUzMjYzMTZiN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVS5zv2G927gMz5galkhP47Hl/cx
PYj+a7oJCUpz1worJSm0cigiBIG+FFRAPSFuLpDjXe6hF4W19GrljoAftTGmnbVN
3x61sVm0xP3X97OxuEejdLSwKthWh21vc0kPrwqB6n+G1fnGmUhh4RnWSIl6wSAj
dllg6KFqJPCkDoGKcUCzAFUzyuPO6V2DXNyfDGT2c0fXybsa/3Gsezw2J7Fd6bA8
JVjTt6k+yln8R6JgzWQohbNFPNi2HQruzOjxzREqELAweX6tIdMSlneV/C/5svJ9
OPrkOmp1WrLzxSq53TjAbCEy718ueyJ2YjSvhuUQjBJILtK6eP4u32qo3wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFNv8IqF45u7y7+QzClqV3jJjFrfsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMl93aW9Yam03dkx2NURNS1dwWGVNbU1XdC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBHzgEAwQA
HzgYAwQBHzgqAwQAHzgwAwQAHzg5AwQAHzhZAwQCHzh4AwQAHzh/AwQAHzlBAwQA
HzlDAwQBHzmEAwQBHzmSAwQDHzmwAwQCHznAAwQCHznoAwQAHzoxMA0GCSqGSIb3
DQEBCwUAA4IBAQBNMkWUmTqlHTNTHr/nV1DcAwvoMPhlzEdf9s8ZMOhMyq77AUKg
7/fseZ/6tOIsbcq3Zm3n5uDmAapj6jFgcbv0xBlobpKvIKoVCFU8hJKh7XMPs51L
Cy9yOl8ERJFrp2ZICc2FXA2mvAbITQ3VgtrWzuN+gYLWB4PK1VAJMBQEaFouwr7o
YaOuPO3bheureYfZ4OHQHiQtjXQnBKQZv9HkoMgyOsoQdZ2JNwyh3rNycxbIkBZJ
em/lP7FbUy3w7zX41RcyfGoK9CpIA/AB3SeWqgZgHnz1Y8ktICukFW6pawxc3cls
Ln3UWS08QpK6fmOTgxvTbYrELzYBh4YZEArv
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:09 2025 by rpki-client