Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D1bFY_HUBL6ZHzeFkAptJW8xgfw.roa
File: D1bFY_HUBL6ZHzeFkAptJW8xgfw.roa (raw, json)
Hash identifier: tEURdkE2yM/irzXFJWEVhAiBO6ao76If2G3TF+/vM7k=
Subject key identifier: 0F:56:C5:63:F1:D4:04:BE:99:1F:37:85:90:0A:6D:25:6F:31:81:FC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019562C433AB59615748F5F7997D661380B7
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D1bFY_HUBL6ZHzeFkAptJW8xgfw.roa
Signing time: Tue 04 Mar 2025 20:06:20 +0000
ROA not before: Tue 04 Mar 2025 20:06:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.196.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
31.58.232.0/23 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.0.0/24 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.2.0/24 maxlen: 24
217.60.4.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.6.0/24 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.8.0/24 maxlen: 24
217.60.10.0/24 maxlen: 24
217.60.11.0/24 maxlen: 24
217.60.12.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.56.0/21 maxlen: 24
217.60.56.0/24 maxlen: 24
217.60.57.0/24 maxlen: 24
217.60.58.0/24 maxlen: 24
217.60.59.0/24 maxlen: 24
217.60.60.0/24 maxlen: 24
217.60.61.0/24 maxlen: 24
217.60.62.0/24 maxlen: 24
217.60.63.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 08:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:c4:33:ab:59:61:57:48:f5:f7:99:7d:66:13:80:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 4 20:06:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f56c563f1d404be991f3785900a6d256f3181fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5e:62:51:85:1f:fc:2e:b0:f6:e4:f7:13:a9:
2f:3f:5a:6d:50:cb:23:1d:f9:ac:66:f0:f4:d1:f1:
80:ec:e6:e7:5d:81:25:07:ad:a9:42:77:d9:b0:42:
29:79:0a:93:58:f6:30:c2:97:11:33:84:22:2b:db:
67:86:cc:b5:ec:ae:c3:00:e9:62:06:77:1c:1d:05:
d1:16:f7:a2:c3:79:7e:75:3d:8a:50:90:8c:48:6f:
d9:e4:81:1b:bc:d0:29:e8:f5:5c:a7:9a:3f:b3:94:
7d:6b:e2:1c:1c:e7:52:de:b1:a3:0b:53:6e:0b:d2:
b3:69:f5:71:17:9c:aa:12:c7:28:f3:70:c9:b6:ab:
c0:83:f2:b3:4d:92:54:84:6b:38:c2:7a:81:d9:a6:
75:f6:fa:aa:b1:d6:2e:e4:2b:2d:f4:4b:75:50:2e:
cd:94:a5:2a:97:ae:4c:87:d2:ab:fb:04:15:64:ce:
a4:23:fd:1e:30:f6:c1:07:6f:9c:0c:36:4c:da:ed:
f1:11:19:0e:6b:bf:bb:36:7a:a9:0b:32:92:a9:a8:
04:86:a8:45:31:b7:6b:c2:98:52:6a:1c:5a:db:7f:
a7:b0:4c:22:f3:be:f2:4f:68:20:cf:3e:d1:02:5f:
d2:e9:08:a1:e4:d5:7f:81:f8:87:2e:fc:e9:58:b6:
3b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:56:C5:63:F1:D4:04:BE:99:1F:37:85:90:0A:6D:25:6F:31:81:FC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D1bFY_HUBL6ZHzeFkAptJW8xgfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.48.0/20
31.57.120.0/21
31.58.34.0/23
31.58.196.0/22
31.58.204.0-31.58.209.255
31.58.212.0/22
31.58.232.0/23
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.44.0/22
217.60.56.0/21
217.60.188.0-217.60.195.255
Signature Algorithm: sha256WithRSAEncryption
44:f1:7a:04:d7:c3:7a:1b:4c:10:44:b8:81:f7:86:df:10:1f:
ad:2d:59:e2:21:a3:00:8f:5c:10:99:7c:f1:fe:c5:a5:9e:27:
bd:95:06:ec:71:58:31:13:56:6a:b4:f0:b3:e1:63:17:46:14:
6c:1e:a5:bd:1e:d9:19:b1:3d:23:a7:42:d0:c3:73:50:b7:de:
87:15:52:60:90:28:fc:e1:5b:2f:2f:f0:4c:33:e0:27:41:e0:
95:a0:c8:cf:33:39:f0:02:61:28:b1:bd:42:43:c5:f0:bf:07:
46:ac:dc:94:01:c0:36:63:46:ed:96:61:93:49:7f:08:d8:6f:
df:a7:e1:b9:4f:5e:35:c5:3c:11:fa:8d:ec:0b:42:94:4a:13:
74:07:95:64:f4:95:64:b0:e8:9c:a3:f0:85:2e:4f:8f:d8:5d:
44:49:2c:6c:b7:a0:ec:55:cb:79:c5:d8:e9:08:09:9f:ea:9b:
09:ef:fb:b5:05:da:a0:cd:a8:38:40:b3:a0:00:2c:e4:37:7c:
b8:58:77:74:fe:84:10:05:a1:2c:fe:c1:e4:4d:c2:15:cc:84:
8c:91:09:1b:01:f5:6b:03:44:17:ba:36:d6:9b:45:f2:d9:4c:
e1:ec:f0:c2:51:e6:48:35:fe:a7:99:db:1a:41:1f:35:68:34:
ac:76:e8:5c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZVixDOrWWFXSPX3mX1mE4C3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA0MjAwNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU2YzU2M2YxZDQwNGJlOTkxZjM3ODU5MDBhNmQyNTZmMzE4MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul5iUYUf/C6w9uT3E6kvP1ptUMsj
HfmsZvD00fGA7ObnXYElB62pQnfZsEIpeQqTWPYwwpcRM4QiK9tnhsy17K7DAOli
BnccHQXRFveiw3l+dT2KUJCMSG/Z5IEbvNAp6PVcp5o/s5R9a+IcHOdS3rGjC1Nu
C9KzafVxF5yqEsco83DJtqvAg/KzTZJUhGs4wnqB2aZ19vqqsdYu5Cst9Et1UC7N
lKUql65Mh9Kr+wQVZM6kI/0eMPbBB2+cDDZM2u3xERkOa7+7NnqpCzKSqagEhqhF
MbdrwphSahxa23+nsEwi877yT2ggzz7RAl/S6Qih5NV/gfiHLvzpWLY7WwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFA9WxWPx1AS+mR83hZAKbSVvMYH8MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRDFiRllfSFVCTDZaSHplRmtBcHRKVzh4Z2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAB84
mgMEAR84ngMEAh84qAMEAR84rgMEAx85GAMEBB85MAMEAx85eAMEAR86IgMEAh86
xDAMAwQCHzrMAwQBHzrQAwQCHzrUAwQBHzroAwQE2TwAAwQC2TwYAwQD2TwgAwQC
2TwsAwQD2Tw4MAwDBALZPLwDBALZPMAwDQYJKoZIhvcNAQELBQADggEBAETxegTX
w3obTBBEuIH3ht8QH60tWeIhowCPXBCZfPH+xaWeJ72VBuxxWDETVmq08LPhYxdG
FGwepb0e2RmxPSOnQtDDc1C33ocVUmCQKPzhWy8v8Ewz4CdB4JWgyM8zOfACYSix
vUJDxfC/B0as3JQBwDZjRu2WYZNJfwjYb9+n4blPXjXFPBH6jewLQpRKE3QHlWT0
lWSw6Jyj8IUuT4/YXURJLGy3oOxVy3nF2OkICZ/qmwnv+7UF2qDNqDhAs6AALOQ3
fLhYd3T+hBAFoSz+weRNwhXMhIyRCRsB9WsDRBe6NtabRfLZTOHs8MJR5kg1/qeZ
2xpBHzVoNKx26Fw=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:14 2025 by rpki-client