Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/A0c4fRe-WPlkW0A_RivgqGyNNMQ.roa
File: A0c4fRe-WPlkW0A_RivgqGyNNMQ.roa (raw, json)
Hash identifier: 4heU6HkHlaCfTXDqQTHPizK1Rhwm7FkmHH/Ol0Pbk0k=
Subject key identifier: 03:47:38:7D:17:BE:58:F9:64:5B:40:3F:46:2B:E0:A8:6C:8D:34:C4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01954B8C9A264A21E6F4F735552150A83676
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/A0c4fRe-WPlkW0A_RivgqGyNNMQ.roa
Signing time: Fri 28 Feb 2025 07:54:20 +0000
ROA not before: Fri 28 Feb 2025 07:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.227.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.220.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 08:10:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:8c:9a:26:4a:21:e6:f4:f7:35:55:21:50:a8:36:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 28 07:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0347387d17be58f9645b403f462be0a86c8d34c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:94:6c:e6:ea:6d:c7:8c:8c:c5:a8:17:04:45:
9b:60:32:b6:1a:83:27:a9:f1:d6:86:a9:7a:f1:ea:
0a:1f:a0:65:e2:0d:69:4e:e1:61:61:40:3b:0c:90:
f6:92:2c:02:df:48:95:58:64:58:a6:05:a8:48:9d:
34:98:f6:94:06:03:0e:74:52:a3:a7:3a:19:32:00:
c5:7f:bf:29:9e:6e:c4:35:06:3a:aa:05:b1:19:69:
5a:75:e2:e1:40:52:65:c0:d9:c6:bd:1c:2b:e6:e0:
c2:61:01:b2:6a:e3:5c:11:b0:14:46:4f:a9:31:8a:
0a:2e:c8:18:b7:2a:df:0c:e1:af:7f:43:29:7a:fb:
a7:52:63:a1:37:05:98:4b:e2:92:9c:e6:9f:1d:a3:
6d:aa:d8:0b:84:c6:71:3d:30:6d:61:a3:64:5a:3b:
38:d8:48:a1:f4:1d:46:7f:24:ed:9a:82:10:65:72:
8c:15:33:32:16:81:3f:83:98:29:c6:ed:aa:9b:22:
28:41:db:32:57:87:dd:7d:20:fb:4d:4a:45:e8:b3:
1a:c6:16:8f:d2:3a:2b:4f:8b:76:cf:88:49:14:f7:
e5:f3:1f:ee:0f:bc:4e:67:ab:83:31:ab:ef:e4:94:
7b:cb:0d:23:eb:8a:ae:cc:d7:20:2a:d8:f7:91:e8:
2b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:47:38:7D:17:BE:58:F9:64:5B:40:3F:46:2B:E0:A8:6C:8D:34:C4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/A0c4fRe-WPlkW0A_RivgqGyNNMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.92.0-31.57.99.255
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.92.0/22
31.58.100.0/22
31.58.152.0/22
31.58.220.0-31.58.227.255
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
01:26:f4:ca:68:c6:7a:2f:d3:ba:48:56:86:81:66:d5:94:0d:
d5:82:21:2a:90:f0:97:0f:5b:2b:6f:77:fa:4e:75:ad:16:3b:
67:4b:e4:4a:11:a9:f8:b9:92:99:ef:cb:94:87:83:44:66:ae:
44:e7:34:d3:ac:a6:00:cc:70:a7:d3:d3:8f:b1:64:8e:91:3d:
25:4d:4a:3d:40:04:e1:28:98:f8:0c:ba:10:3a:2f:c1:5a:82:
ec:c2:52:66:4e:22:14:d7:88:fa:eb:9e:34:70:57:21:3f:5a:
df:be:77:6b:81:d9:76:45:c8:d1:90:45:03:e4:4f:4d:84:b7:
5e:1d:c6:c4:dc:f9:0b:99:1d:dd:42:04:a6:47:b4:26:81:4e:
14:62:7a:2a:be:19:e4:5d:ca:45:6f:41:32:90:4e:68:3d:1e:
52:e9:47:d0:b1:3c:4b:b7:72:bf:73:c8:be:be:b7:8a:1b:e7:
49:e0:f1:61:40:7f:18:48:c2:09:a5:ff:d2:76:5a:e7:c6:a7:
f2:f2:c3:e7:53:c7:3a:fa:51:2c:ee:e7:ff:0f:ac:23:17:b4:
36:bf:05:0f:f3:b7:4a:67:9f:10:9a:79:2d:0c:bc:00:ed:6d:
6f:51:81:fc:3b:5d:2c:a2:e3:7a:db:ac:3e:53:6d:d7:96:61:
bc:59:fc:02
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZVLjJomSiHm9Pc1VSFQqDZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI4MDc1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ3Mzg3ZDE3YmU1OGY5NjQ1YjQwM2Y0NjJiZTBhODZjOGQzNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85Rs5uptx4yMxagXBEWbYDK2GoMn
qfHWhql68eoKH6Bl4g1pTuFhYUA7DJD2kiwC30iVWGRYpgWoSJ00mPaUBgMOdFKj
pzoZMgDFf78pnm7ENQY6qgWxGWladeLhQFJlwNnGvRwr5uDCYQGyauNcEbAURk+p
MYoKLsgYtyrfDOGvf0MpevunUmOhNwWYS+KSnOafHaNtqtgLhMZxPTBtYaNkWjs4
2Eih9B1GfyTtmoIQZXKMFTMyFoE/g5gpxu2qmyIoQdsyV4fdfSD7TUpF6LMaxhaP
0jorT4t2z4hJFPfl8x/uD7xOZ6uDMavv5JR7yw0j64quzNcgKtj3kegrmwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFANHOH0Xvlj5ZFtAP0Yr4KhsjTTEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQTBjNGZSZS1XUGxrVzBBX1JpdmdxR3lOTk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQB
HzgEAwQAHzgYAwQBHzgqAwQAHzg5AwQAHzhHAwQAHzhVAwQBHzhaAwQDHzhoAwQB
HzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgwDAMEAh85XAMEAh85YAMEAx85aAMEAR85
hAMEAx85iAMEAR85kgMEAx85sAMEAh85wAMEAR85yDAMAwQEHznQAwQCHzngAwQC
HznoAwQCHzn8AwQBHzoiAwQBHzoyAwQCHzpEAwQCHzpMAwQCHzpUAwQCHzpcAwQC
HzpkAwQCHzqYMAwDBAIfOtwDBAIfOuADBAIfO2ADBAIfO3ADBAIfO7gwDQYJKoZI
hvcNAQELBQADggEBAAEm9Mpoxnov07pIVoaBZtWUDdWCISqQ8JcPWytvd/pOda0W
O2dL5EoRqfi5kpnvy5SHg0RmrkTnNNOspgDMcKfT04+xZI6RPSVNSj1ABOEomPgM
uhA6L8FaguzCUmZOIhTXiPrrnjRwVyE/Wt++d2uB2XZFyNGQRQPkT02Et14dxsTc
+QuZHd1CBKZHtCaBThRieiq+GeRdykVvQTKQTmg9HlLpR9CxPEu3cr9zyL6+t4ob
50ng8WFAfxhIwgml/9J2WufGp/Lyw+dTxzr6USzu5/8PrCMXtDa/BQ/zt0pnnxCa
eS0MvADtbW9Rgfw7XSyi43rbrD5TbdeWYbxZ/AI=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:56:56 2025 by rpki-client