Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CgOXoYuoWXthOZRB16uLQZYiWDU.roa
File: CgOXoYuoWXthOZRB16uLQZYiWDU.roa (raw, json)
Hash identifier: 1/kgh71XeXZFU4jFk56l4VaQXTtlUW8VJBbIYPBbDSc=
Subject key identifier: 0A:03:97:A1:8B:A8:59:7B:61:39:94:41:D7:AB:8B:41:96:22:58:35
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193D896D11FA3E0E0321608EC4EB69F3286
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CgOXoYuoWXthOZRB16uLQZYiWDU.roa
Signing time: Wed 18 Dec 2024 07:06:22 +0000
ROA not before: Wed 18 Dec 2024 07:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.73.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.156.0/24 maxlen: 24
31.57.44.0/23 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.145.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.130.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.167.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 09:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:96:d1:1f:a3:e0:e0:32:16:08:ec:4e:b6:9f:32:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 18 07:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a0397a18ba8597b61399441d7ab8b4196225835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f7:17:22:fa:1c:b9:95:40:ce:43:ee:2c:b7:
6f:9e:13:93:eb:5f:5a:11:f0:c4:1f:8b:dd:6d:f4:
cb:b9:aa:9c:0d:1d:aa:a0:a8:8e:c3:ae:08:9c:94:
f0:c5:ea:6f:17:31:19:58:76:9b:64:c0:cc:38:16:
33:cc:4c:e4:cb:b0:f7:48:84:bc:57:81:8a:60:02:
da:9f:f0:30:bc:f9:72:40:1e:e6:cf:de:e4:a8:ba:
ac:59:5e:f0:be:62:e8:ce:b5:ae:4a:3f:c8:b5:8c:
67:1f:cc:86:92:34:a8:d6:64:78:b2:59:e8:93:95:
3d:b4:f4:df:68:87:eb:d5:70:83:2b:be:96:c0:a3:
64:1a:87:80:49:cb:a3:5f:cf:af:ba:e8:0c:b1:e5:
51:65:83:87:b9:2b:7d:83:92:43:63:cb:82:91:9a:
34:a3:6e:26:eb:7e:24:bb:6c:a0:0f:d1:1e:81:7e:
11:98:e6:a6:ff:43:fe:50:db:03:da:91:f7:67:82:
9f:90:d5:39:6a:e6:8b:a2:07:e7:98:6e:66:b5:b8:
d8:e8:2a:a7:38:5a:21:16:c8:4e:94:e8:6a:72:ea:
3a:61:62:52:c3:30:04:a0:65:4f:30:3d:a6:da:9e:
59:e5:69:bc:de:4a:da:37:92:17:6f:73:34:58:d4:
c6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:03:97:A1:8B:A8:59:7B:61:39:94:41:D7:AB:8B:41:96:22:58:35
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CgOXoYuoWXthOZRB16uLQZYiWDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.73.0-31.56.75.255
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.57.44.0/23
31.57.65.0/24
31.57.132.0/23
31.57.145.0-31.57.147.255
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.204.0/24
31.57.207.0-31.57.223.255
31.57.232.0/22
31.58.34.0/23
31.58.130.0/23
31.58.152.0/22
31.58.167.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:c2:d0:26:cc:ca:a7:6c:77:f0:78:49:6e:c1:92:98:43:7d:
c5:8a:3d:6e:c4:48:80:a4:3f:36:ec:0c:22:a9:3c:ce:f3:16:
82:ab:7c:71:6c:f0:2d:50:75:3a:87:69:d5:cd:5c:6d:07:5f:
3d:44:9d:9e:aa:66:39:27:0d:6b:4b:54:ab:db:f4:86:ba:65:
70:ee:3b:44:41:d3:33:4c:e5:72:2a:41:05:d7:76:b9:a9:4c:
d5:da:b5:cc:48:78:24:77:8c:f9:c1:36:38:5d:41:02:e4:5d:
81:46:96:ee:37:a8:d0:91:75:2f:0a:50:09:1d:9a:0d:43:a2:
ac:4b:5f:e2:f9:7f:d4:3c:fe:c1:97:8d:0f:13:5c:f8:0e:67:
9a:47:fd:2d:b1:a3:3f:7d:c4:02:2c:cb:54:61:e7:d9:b4:ea:
47:b8:de:c1:00:73:72:62:e5:95:c2:ab:e9:69:13:93:86:e7:
c2:65:e4:c8:7e:14:cd:65:f5:5f:1e:f3:a4:1c:8a:6d:d9:79:
ee:36:32:4f:9c:2a:25:55:30:b5:d0:d9:d9:ab:1a:55:a9:e4:
df:2a:cc:db:a8:8d:1c:ec:b7:38:05:65:af:84:1d:db:cc:72:
91:a0:23:cc:2c:ee:c2:53:89:00:5a:4c:a4:03:82:dc:d0:c0:
b3:54:d7:5c
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZPYltEfo+DgMhYI7E62nzKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjE4MDcwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAzOTdhMThiYTg1OTdiNjEzOTk0NDFkN2FiOGI0MTk2MjI1ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPcXIvocuZVAzkPuLLdvnhOT619a
EfDEH4vdbfTLuaqcDR2qoKiOw64InJTwxepvFzEZWHabZMDMOBYzzEzky7D3SIS8
V4GKYALan/AwvPlyQB7mz97kqLqsWV7wvmLozrWuSj/ItYxnH8yGkjSo1mR4slno
k5U9tPTfaIfr1XCDK76WwKNkGoeAScujX8+vuugMseVRZYOHuSt9g5JDY8uCkZo0
o24m634ku2ygD9EegX4RmOam/0P+UNsD2pH3Z4KfkNU5auaLogfnmG5mtbjY6Cqn
OFohFshOlOhqcuo6YWJSwzAEoGVPMD2m2p5Z5Wm83kraN5IXb3M0WNTGtwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFAoDl6GLqFl7YTmUQderi0GWIlg1MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQ2dPWG9ZdW9XWHRoT1pSQjE2dUxRWllpV0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcwDAMEAB84SQMEAh84SAMEAB84WQME
Ax84aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQAHzicAwQBHzksAwQAHzlBAwQBHzmE
MAwDBAAfOZEDBAIfOZADBAMfObADBAAfObwDBAIfOcADBAEfOcgDBAAfOcwwDAME
AB85zwMEBR85wAMEAh856AMEAR86IgMEAR86ggMEAh86mAMEAB86pwMEAh87YAME
Ah87cAMEAh87uDANBgkqhkiG9w0BAQsFAAOCAQEAvMLQJszKp2x38HhJbsGSmEN9
xYo9bsRIgKQ/NuwMIqk8zvMWgqt8cWzwLVB1Oodp1c1cbQdfPUSdnqpmOScNa0tU
q9v0hrplcO47REHTM0zlcipBBdd2ualM1dq1zEh4JHeM+cE2OF1BAuRdgUaW7jeo
0JF1LwpQCR2aDUOirEtf4vl/1Dz+wZeNDxNc+A5nmkf9LbGjP33EAizLVGHn2bTq
R7jewQBzcmLllcKr6WkTk4bnwmXkyH4UzWX1Xx7zpByKbdl57jYyT5wqJVUwtdDZ
2asaVank3yrM26iNHOy3OAVlr4Qd28xykaAjzCzuwlOJAFpMpAOC3NDAs1TXXA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:06 2025 by rpki-client