Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2pIYY3cRINT1aF5xohqonczJJ00.roa
File: 2pIYY3cRINT1aF5xohqonczJJ00.roa (raw, json)
Hash identifier: p31iPjasrGya2jUFZmHnjk0F/Fup4gbmWQO/jfUraFg=
Subject key identifier: DA:92:18:63:77:11:20:D4:F5:68:5E:71:A2:1A:A8:9D:CC:C9:27:4D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01958B357164FE9ABF8DA8AEC31C97D139E1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2pIYY3cRINT1aF5xohqonczJJ00.roa
Signing time: Wed 12 Mar 2025 16:34:50 +0000
ROA not before: Wed 12 Mar 2025 16:34:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.66.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 18:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:35:71:64:fe:9a:bf:8d:a8:ae:c3:1c:97:d1:39:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 12 16:34:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da921863771120d4f5685e71a21aa89dccc9274d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:94:93:9e:cb:0d:88:24:de:0c:4e:d5:42:3d:
5e:3c:19:68:f8:7b:7b:d7:af:0a:dd:0b:a5:d6:93:
6a:53:97:e4:ef:46:ca:3c:2c:d5:a9:77:f1:38:d4:
52:ca:85:f2:2d:2b:ca:1c:19:f9:1f:0e:f8:ef:10:
99:84:b8:dc:1e:2b:5d:fd:58:bd:de:cf:c9:1c:ea:
4d:61:a1:82:e6:64:e8:a4:a2:3c:cb:1b:df:8f:5b:
6a:71:01:8a:4a:67:1d:a2:a1:24:63:b1:34:e2:07:
45:c7:57:df:20:b4:e3:4f:97:af:3b:4d:3e:cd:a3:
b6:4c:ac:a3:98:b8:93:4a:48:ca:10:aa:45:60:7e:
d7:dd:3c:bf:d1:59:ca:7e:f2:24:af:7a:5c:20:10:
ae:73:da:bb:4c:f2:43:6f:12:a1:2e:2d:24:c7:10:
dc:ab:fb:a7:ff:60:7a:73:fe:bd:38:a3:40:12:f9:
ab:83:98:2f:1a:c3:c0:4a:dc:df:14:45:a8:97:ef:
fe:ac:be:00:8c:aa:a7:4f:09:07:97:66:b4:9a:52:
29:fb:67:bd:5c:9a:f2:05:44:c5:e0:a7:bd:6d:f2:
dd:94:34:ba:4a:90:51:03:f2:0a:58:09:f8:ea:bd:
51:a0:00:1d:6a:d1:64:54:48:23:e3:b9:18:84:e8:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:92:18:63:77:11:20:D4:F5:68:5E:71:A2:1A:A8:9D:CC:C9:27:4D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2pIYY3cRINT1aF5xohqonczJJ00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.66.0/24
31.56.71.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.96.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0/24
31.58.100.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cd:08:b0:a5:69:b1:4d:12:94:aa:fc:31:97:f5:90:25:34:
a8:68:c2:99:a7:5d:23:ba:73:6e:4d:cc:c9:3d:99:e6:1a:26:
44:26:f7:f9:fc:da:21:81:6d:de:cb:68:10:37:d3:f3:00:a1:
aa:0f:c4:73:04:13:91:59:b0:59:e9:14:6e:1a:fa:20:70:8d:
fa:14:01:34:bc:cf:59:fe:97:4d:9d:b4:41:2c:32:f3:13:01:
cb:d5:a3:44:bf:91:e9:42:a5:e6:09:13:fb:19:b8:e8:e6:af:
de:0e:94:90:6e:e0:ae:8d:1a:a9:74:fc:f2:bf:0b:71:f3:0a:
95:51:d2:18:34:67:06:ac:42:4f:54:25:c5:de:d2:9e:59:b7:
e8:38:d4:67:ec:75:2a:0d:2c:86:86:0d:dd:4d:46:71:22:9f:
1d:e7:bf:09:36:a6:60:4f:94:7e:48:5b:2d:3f:c5:a1:58:29:
fd:35:2f:33:fd:3f:62:0c:a3:69:04:5b:da:43:19:f7:4c:f7:
6d:b1:6d:6a:d7:59:d2:aa:d4:de:33:92:96:9d:e9:9e:d2:e5:
df:bb:ce:5f:b7:ad:30:a5:fd:b6:fc:b9:12:18:63:6c:bc:e7:
56:2f:0f:4f:b8:d1:5c:0f:56:85:aa:a8:85:9b:b4:6c:30:17:
ba:25:cf:a6
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZWLNXFk/pq/jaiuwxyX0TnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzEyMTYzNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkyMTg2Mzc3MTEyMGQ0ZjU2ODVlNzFhMjFhYTg5ZGNjYzkyNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5STnssNiCTeDE7VQj1ePBlo+Ht7
168K3Qul1pNqU5fk70bKPCzVqXfxONRSyoXyLSvKHBn5Hw747xCZhLjcHitd/Vi9
3s/JHOpNYaGC5mTopKI8yxvfj1tqcQGKSmcdoqEkY7E04gdFx1ffILTjT5evO00+
zaO2TKyjmLiTSkjKEKpFYH7X3Ty/0VnKfvIkr3pcIBCuc9q7TPJDbxKhLi0kxxDc
q/un/2B6c/69OKNAEvmrg5gvGsPAStzfFEWol+/+rL4AjKqnTwkHl2a0mlIp+2e9
XJryBUTF4Ke9bfLdlDS6SpBRA/IKWAn46r1RoAAdatFkVEgj47kYhOgNJQIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFNqSGGN3ESDU9WhecaIaqJ3MySdNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMnBJWVkzY1JJTlQxYUY1eG9ocW9uY3pKSjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQBHzgEAwQAHzgYAwQBHzgqAwQAHzg5AwQAHzhCAwQAHzhHMAwDBAAfOFkDBAIf
OFgDBAMfOGgDBAEfOHIwDAMEAR84dgMEAh84eAMEAh84yAMEAh85YAMEAx85aAME
AR85hAMEAx85iAMEAR85kgMEAx85sAMEAB85vAMEAh85wAMEAR85yDAMAwQEHznQ
AwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQBHzoyAwQCHzpEAwQCHzpMAwQCHzpU
AwQAHzpbAwQCHzpkAwQCHzqYAwQCHzrgAwQAHzspAwQCHztgAwQCHztwAwQCHzt4
AwQCHzu4AwQAHzvmMA0GCSqGSIb3DQEBCwUAA4IBAQAKzQiwpWmxTRKUqvwxl/WQ
JTSoaMKZp10junNuTczJPZnmGiZEJvf5/NohgW3ey2gQN9PzAKGqD8RzBBORWbBZ
6RRuGvogcI36FAE0vM9Z/pdNnbRBLDLzEwHL1aNEv5HpQqXmCRP7Gbjo5q/eDpSQ
buCujRqpdPzyvwtx8wqVUdIYNGcGrEJPVCXF3tKeWbfoONRn7HUqDSyGhg3dTUZx
Ip8d578JNqZgT5R+SFstP8WhWCn9NS8z/T9iDKNpBFvaQxn3TPdtsW1q11nSqtTe
M5KWneme0uXfu85ft60wpf22/LkSGGNsvOdWLw9PuNFcD1aFqqiFm7RsMBe6Jc+m
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:01:00 2025 by rpki-client