Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/60sMDpktOQyKq95EPPyat1wF4AY.roa
File: 60sMDpktOQyKq95EPPyat1wF4AY.roa (raw, json)
Hash identifier: sm8VC51pPmuB+I0y4+Npe35rMU4rudSM+OjCmFptQNE=
Subject key identifier: EB:4B:0C:0E:99:2D:39:0C:8A:AB:DE:44:3C:FC:9A:B7:5C:05:E0:06
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01942C845CA17DAA506111D339371FED0386
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/60sMDpktOQyKq95EPPyat1wF4AY.roa
Signing time: Fri 03 Jan 2025 14:14:19 +0000
ROA not before: Fri 03 Jan 2025 14:14:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 06:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:84:5c:a1:7d:aa:50:61:11:d3:39:37:1f:ed:03:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 3 14:14:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb4b0c0e992d390c8aabde443cfc9ab75c05e006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e6:32:05:85:10:82:ec:ef:f7:59:40:18:81:
71:98:89:59:c7:1a:ca:e8:04:f8:9d:62:b4:a2:1c:
9a:14:ec:77:9a:e8:a0:8d:02:27:b4:96:4c:45:29:
74:00:76:7e:d8:ac:d7:37:14:98:fa:a3:4e:49:2f:
33:25:39:3f:0c:5f:17:81:50:e8:52:c5:37:f0:b0:
46:c6:52:39:80:18:f1:f4:70:00:a1:9b:75:de:15:
f8:56:c6:8c:8a:b2:59:3a:83:36:a5:07:00:c4:f3:
cb:b2:db:38:62:aa:b3:7b:ae:17:4f:e0:08:55:2e:
a3:e0:93:11:dd:81:4a:41:a4:47:60:b4:74:d9:a3:
07:76:c6:46:0d:53:9b:d4:b8:27:88:37:1d:c8:26:
a2:6f:f4:a4:31:12:73:af:6b:0d:b6:25:d6:cb:84:
57:20:39:70:bf:38:1f:c6:b6:c3:d8:aa:ff:27:1f:
59:bc:e2:81:43:89:51:4d:d9:b9:81:5c:b1:f2:ab:
11:36:44:75:c1:c6:f2:3c:7f:3e:dd:0e:ae:91:17:
c0:f7:4d:25:df:c7:a8:d7:5d:3a:3a:42:ab:03:8e:
af:8f:68:56:a8:f3:ea:27:b8:47:e9:60:ae:5a:3c:
24:82:2d:c7:b3:3c:56:35:45:47:87:02:e2:40:5d:
c0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4B:0C:0E:99:2D:39:0C:8A:AB:DE:44:3C:FC:9A:B7:5C:05:E0:06
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/60sMDpktOQyKq95EPPyat1wF4AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.115.255
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.151.0/24
31.57.176.0/21
31.57.189.0/24
31.57.191.0-31.57.195.255
31.57.198.0/24
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
92:67:82:b1:d3:54:3f:d3:45:f1:b2:15:65:00:d5:a2:d2:60:
e4:65:c6:6e:82:11:66:72:f1:46:0f:e2:f3:48:cd:05:d1:cc:
0c:63:2a:47:f3:cf:fe:c6:cb:80:0f:f2:a5:85:a8:98:4a:80:
f7:35:2a:39:be:62:20:34:60:8d:d3:c0:01:a6:ee:48:55:e2:
47:e8:e8:ac:a3:b5:de:be:cd:69:46:78:f9:73:51:23:ba:66:
5f:cd:07:2f:c3:be:d4:d4:55:eb:5d:66:e6:a1:43:04:f0:0d:
7b:fb:59:d8:d3:29:cf:9f:ec:03:97:49:3d:13:5b:e0:cb:0f:
5f:26:45:26:35:87:29:e9:f3:49:ad:4f:02:63:03:2a:43:82:
a7:f2:52:69:dd:fe:52:d2:6b:9e:6b:0f:82:2d:02:39:6f:02:
8c:fe:c0:81:77:33:87:e2:50:4c:48:b0:12:f5:e5:b8:89:a1:
74:53:ce:11:43:8d:80:47:bb:10:83:a3:95:43:e1:83:d8:7d:
fb:1b:3d:56:70:c8:b0:b4:a6:17:7e:0a:63:79:aa:bf:23:6c:
35:ee:2b:c2:1e:f2:83:13:e1:f1:61:43:ac:82:f3:10:3b:0a:
61:b3:f6:2b:48:67:c0:c2:58:7b:5f:98:ef:d5:62:be:c6:5f:
e0:e5:35:82
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQshFyhfapQYRHTOTcf7QOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAzMTQxNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjRiMGMwZTk5MmQzOTBjOGFhYmRlNDQzY2ZjOWFiNzVjMDVlMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+YyBYUQguzv91lAGIFxmIlZxxrK
6AT4nWK0ohyaFOx3muigjQIntJZMRSl0AHZ+2KzXNxSY+qNOSS8zJTk/DF8XgVDo
UsU38LBGxlI5gBjx9HAAoZt13hX4VsaMirJZOoM2pQcAxPPLsts4Yqqze64XT+AI
VS6j4JMR3YFKQaRHYLR02aMHdsZGDVOb1LgniDcdyCaib/SkMRJzr2sNtiXWy4RX
IDlwvzgfxrbD2Kr/Jx9ZvOKBQ4lRTdm5gVyx8qsRNkR1wcbyPH8+3Q6ukRfA900l
38eo1106OkKrA46vj2hWqPPqJ7hH6WCuWjwkgi3HszxWNUVHhwLiQF3AhwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFOtLDA6ZLTkMiqveRDz8mrdcBeAGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNjBzTURwa3RPUXlLcTk1RVBQeWF0MXdGNEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WTAMAwQD
HzhoAwQCHzhwMAwDBAEfOHYDBAIfOHgDBAIfOMgDBAEfOYQDBAEfOZIDBAAfOZcD
BAMfObADBAAfOb0wDAMEAB85vwMEAh85wAMEAB85xgMEAR85yDAMAwQEHznQAwQC
HzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzqIAwQAHzqOAwQCHzqYAwQAHzqdAwQB
HzrmMAwDBAAfOykDBAIfOygwDAMEAx87OAMEAB87OgMEAh87YAMEAh87cAMEAB87
ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0BAQsFAAOCAQEAkmeC
sdNUP9NF8bIVZQDVotJg5GXGboIRZnLxRg/i80jNBdHMDGMqR/PP/sbLgA/ypYWo
mEqA9zUqOb5iIDRgjdPAAabuSFXiR+jorKO13r7NaUZ4+XNRI7pmX80HL8O+1NRV
611m5qFDBPANe/tZ2NMpz5/sA5dJPRNb4MsPXyZFJjWHKenzSa1PAmMDKkOCp/JS
ad3+UtJrnmsPgi0COW8CjP7AgXczh+JQTEiwEvXluImhdFPOEUONgEe7EIOjlUPh
g9h9+xs9VnDIsLSmF34KY3mqvyNsNe4rwh7ygxPh8WFDrILzEDsKYbP2K0hnwMJY
e1+Y79VivsZf4OU1gg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:10 2025 by rpki-client