Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2mVu298RCwmUJaThhiNHprbyU2I.roa
File: 2mVu298RCwmUJaThhiNHprbyU2I.roa (raw, json)
Hash identifier: CbWWxRDln5EZS4bnUFQ15kt9I9/P2vlvEEzhbgOb8d0=
Subject key identifier: DA:65:6E:DB:DF:11:0B:09:94:25:A4:E1:86:23:47:A6:B6:F2:53:62
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193C63FFEDA202E3CC2850CDDCD48BFE7FC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2mVu298RCwmUJaThhiNHprbyU2I.roa
Signing time: Sat 14 Dec 2024 17:38:23 +0000
ROA not before: Sat 14 Dec 2024 17:38:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.62.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.73.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.156.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.166.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.130.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.167.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Dec 2024 20:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c6:3f:fe:da:20:2e:3c:c2:85:0c:dd:cd:48:bf:e7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 14 17:38:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da656edbdf110b099425a4e1862347a6b6f25362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d2:37:0e:f4:63:f3:97:40:b9:ec:a8:b0:0c:
ab:25:21:cd:52:26:7b:59:58:f1:49:7a:fb:0b:84:
b4:1d:da:f5:da:44:91:f8:b0:ec:01:68:c8:b1:16:
78:a8:03:04:b4:28:7f:b7:24:18:62:59:65:37:64:
e5:32:cf:cd:48:31:57:ce:e4:2f:2c:a8:7c:9a:e0:
e6:39:06:e6:c2:be:1f:ea:37:8e:bd:64:88:d3:4c:
a7:a1:35:5b:14:f5:05:1f:cb:0b:14:17:17:f8:32:
b8:36:81:c2:d1:26:4c:79:06:3c:8b:9e:9d:0e:4d:
ba:a8:05:d4:fa:0e:2a:86:88:6d:80:4b:b9:97:4f:
67:da:f7:6e:62:a2:ab:0e:79:2f:20:d6:47:9e:b4:
b1:eb:14:a0:6f:91:bf:a0:eb:88:38:f2:f1:f0:39:
0c:58:d4:85:db:5a:2c:31:43:c4:2f:b5:e8:ff:84:
39:e8:07:41:bb:1d:9a:e4:99:16:f4:5b:50:2e:9b:
fe:34:0c:f1:6e:de:5d:d6:68:a5:ab:5d:ec:1f:f4:
ed:1d:84:bb:56:42:13:3e:47:ac:9d:4b:f2:2a:23:
68:3b:ca:cf:44:c2:46:d5:e9:51:0e:a9:59:1f:a5:
93:02:57:54:90:b3:58:19:0a:b4:58:18:a0:28:09:
0b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:6E:DB:DF:11:0B:09:94:25:A4:E1:86:23:47:A6:B6:F2:53:62
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2mVu298RCwmUJaThhiNHprbyU2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.62.0/24
31.56.71.0/24
31.56.73.0-31.56.75.255
31.56.85.0/24
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.57.65.0/24
31.57.132.0/23
31.57.146.0/23
31.57.166.0/24
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.204.0/24
31.57.207.0/24
31.57.232.0/22
31.58.130.0/23
31.58.152.0/22
31.58.167.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
36:45:40:20:a1:12:41:38:fc:7b:54:60:04:3f:dd:5f:67:34:
4f:96:01:f2:09:37:bf:8f:1d:0e:68:e1:b8:a5:a5:f0:9b:9b:
bf:88:da:a7:e0:dc:a8:5e:5a:5c:be:f9:c0:6d:06:4a:9f:e3:
66:92:ad:a7:55:e5:de:62:93:1d:6b:e6:ee:d7:b9:c1:e7:00:
21:b4:6a:47:d4:43:be:13:60:7b:1b:72:79:30:d2:41:bb:93:
fb:91:7f:4f:89:e6:72:78:25:7f:01:24:d8:ed:b1:76:65:3b:
a3:82:15:57:39:42:b3:1f:5b:f6:84:36:f6:26:ec:65:40:5a:
58:aa:d1:8f:df:27:6b:88:9e:05:4d:9f:05:67:56:03:07:d2:
2e:10:83:0a:ca:b3:e1:52:7f:75:c5:a0:99:b3:f0:bf:01:70:
a3:91:30:43:33:51:f0:58:27:31:21:0e:60:cb:71:61:32:2e:
25:da:85:9b:0c:29:be:fc:d2:2e:87:6a:fa:d3:c5:0a:ff:d0:
6c:4d:76:31:44:7e:72:28:ac:77:f7:2c:77:18:f3:55:c0:45:
07:cc:9c:1a:83:ac:cc:b6:4f:58:f3:23:38:65:e6:72:8c:aa:
57:dc:78:77:06:e4:d5:e7:f3:b7:3b:1a:fa:c1:f4:c2:8a:05:
3d:72:57:a5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZPGP/7aIC48woUM3c1Iv+f8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjE0MTczODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY1NmVkYmRmMTEwYjA5OTQyNWE0ZTE4NjIzNDdhNmI2ZjI1MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tI3DvRj85dAueyosAyrJSHNUiZ7
WVjxSXr7C4S0Hdr12kSR+LDsAWjIsRZ4qAMEtCh/tyQYYlllN2TlMs/NSDFXzuQv
LKh8muDmOQbmwr4f6jeOvWSI00ynoTVbFPUFH8sLFBcX+DK4NoHC0SZMeQY8i56d
Dk26qAXU+g4qhohtgEu5l09n2vduYqKrDnkvINZHnrSx6xSgb5G/oOuIOPLx8DkM
WNSF21osMUPEL7Xo/4Q56AdBux2a5JkW9FtQLpv+NAzxbt5d1milq13sH/TtHYS7
VkITPkesnUvyKiNoO8rPRMJG1elRDqlZH6WTAldUkLNYGQq0WBigKAkLKQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFNplbtvfEQsJlCWk4YYjR6a28lNiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMm1WdTI5OFJDd21VSmFUaGhpTkhwcmJ5VTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOD4DBAAfOEcwDAMEAB84SQMEAh84SAME
AB84VQMEAB84WQMEAx84aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQAHzicAwQAHzlB
AwQBHzmEAwQBHzmSAwQAHzmmAwQDHzmwAwQAHzm8AwQCHznAAwQBHznIAwQAHznM
AwQAHznPAwQCHznoAwQBHzqCAwQCHzqYAwQAHzqnAwQCHztgAwQCHztwAwQCHzu4
MA0GCSqGSIb3DQEBCwUAA4IBAQA2RUAgoRJBOPx7VGAEP91fZzRPlgHyCTe/jx0O
aOG4paXwm5u/iNqn4NyoXlpcvvnAbQZKn+Nmkq2nVeXeYpMda+bu17nB5wAhtGpH
1EO+E2B7G3J5MNJBu5P7kX9PieZyeCV/ASTY7bF2ZTujghVXOUKzH1v2hDb2Juxl
QFpYqtGP3ydriJ4FTZ8FZ1YDB9IuEIMKyrPhUn91xaCZs/C/AXCjkTBDM1HwWCcx
IQ5gy3FhMi4l2oWbDCm+/NIuh2r608UK/9BsTXYxRH5yKKx39yx3GPNVwEUHzJwa
g6zMtk9Y8yM4ZeZyjKpX3Hh3BuTV5/O3Oxr6wfTCigU9clel
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:58 2025 by rpki-client