Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GMh2tbNAWJCczADMfjhGM-IovV8.roa
File: GMh2tbNAWJCczADMfjhGM-IovV8.roa (raw, json)
Hash identifier: 3GI7gw0b27+0YmjeVsD71af6lJ3UeF+fduCPZUJb/XU=
Subject key identifier: 18:C8:76:B5:B3:40:58:90:9C:CC:00:CC:7E:38:46:33:E2:28:BD:5F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01954B8AC44190ACFD88AAFBD9C96FAFBEB1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GMh2tbNAWJCczADMfjhGM-IovV8.roa
Signing time: Fri 28 Feb 2025 07:52:20 +0000
ROA not before: Fri 28 Feb 2025 07:52:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.196.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
31.58.232.0/23 maxlen: 24
31.58.234.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.59.120.0/22 maxlen: 24
217.60.0.0/18 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.11.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.25.0/24 maxlen: 24
217.60.26.0/24 maxlen: 24
217.60.27.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
217.60.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 13:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:8a:c4:41:90:ac:fd:88:aa:fb:d9:c9:6f:af:be:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 28 07:52:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18c876b5b34058909ccc00cc7e384633e228bd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fa:60:02:0c:e3:c5:00:6b:d8:8e:c2:c7:f9:
62:e6:c6:58:cd:50:23:12:6a:4c:02:da:bd:92:8a:
6c:0d:1e:25:30:b0:ac:ae:7c:0c:e5:ad:d0:21:7f:
48:09:a7:f8:ab:00:67:0c:69:86:a5:44:86:d2:a6:
61:0f:f9:a9:b0:59:b7:c9:1a:77:f0:f1:d0:00:97:
6d:9d:1f:03:0c:1b:d1:e3:72:d4:40:a3:5a:4a:59:
2e:32:8c:08:05:f6:b4:e8:61:89:95:9d:69:c7:1b:
e6:55:03:62:bb:6a:e8:cb:00:ca:88:6e:d7:d9:84:
ce:31:71:de:64:08:2b:e9:27:24:43:7f:00:61:15:
ea:d5:1b:1f:b7:ab:58:11:6c:60:40:54:06:c6:a3:
2f:50:f9:8f:df:32:45:0a:9e:02:0b:2a:44:e9:29:
23:0d:88:c2:b5:55:91:10:27:96:37:bd:bd:36:70:
77:74:22:95:c8:42:00:78:08:c4:c2:b7:8d:6e:15:
bc:ba:eb:80:31:ff:d0:3f:fb:bc:ba:87:6b:af:c7:
65:0e:75:a0:0e:1e:71:50:f2:55:56:88:d6:74:20:
26:82:b1:b1:68:0e:94:34:39:4b:1e:a6:15:9b:c7:
37:3b:c1:ae:fc:4f:6e:fa:f4:20:69:3f:ec:84:3a:
11:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C8:76:B5:B3:40:58:90:9C:CC:00:CC:7E:38:46:33:E2:28:BD:5F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GMh2tbNAWJCczADMfjhGM-IovV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.48.0/20
31.57.120.0/21
31.58.34.0/23
31.58.196.0/22
31.58.204.0-31.58.209.255
31.58.212.0/22
31.58.232.0-31.58.234.255
31.58.236.0/24
31.59.120.0/22
217.60.0.0/18
217.60.188.0-217.60.197.255
217.60.244.0/23
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ee:64:04:c0:09:4f:d3:3b:53:93:e4:14:d3:e1:a5:8a:e6:
d2:17:4c:28:a7:0d:f9:33:4a:01:2c:c7:54:ce:9c:0f:7f:3f:
78:b7:c7:26:bf:92:c0:37:f2:a3:1c:2d:c0:43:23:d8:6b:e4:
8b:40:be:98:10:b5:16:5d:7f:34:6d:29:4f:02:54:69:50:97:
9b:76:41:f8:47:73:3c:46:dd:14:44:c7:dd:37:bc:5c:f7:f3:
88:6b:84:ef:13:8f:cf:14:6b:51:46:1f:3b:ca:22:a8:8c:31:
dd:a2:33:7a:90:fc:aa:ce:24:b6:59:ce:80:b8:36:31:53:03:
f5:e9:63:66:56:b2:35:f6:6f:ee:7d:ad:0f:d6:d7:89:ea:b0:
6d:9d:5d:e9:fc:47:4f:45:59:49:26:d2:45:af:25:52:a6:06:
a1:b5:5e:e9:37:07:35:50:56:9c:38:6b:67:8b:db:8c:df:a8:
e2:67:43:df:3c:4c:d8:27:34:b7:89:1c:80:4c:a7:43:d1:0b:
79:df:93:6c:d6:6c:9c:49:72:88:c3:61:41:7e:cb:49:38:10:
db:69:13:90:77:fd:30:a4:b5:b3:4a:62:54:53:ca:bc:6b:79:
46:39:6c:99:f5:19:99:f5:70:c9:03:83:45:2c:f5:b7:82:29:
24:01:cd:d1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZVLisRBkKz9iKr72clvr76xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI4MDc1MjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGM4NzZiNWIzNDA1ODkwOWNjYzAwY2M3ZTM4NDYzM2UyMjhiZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/pgAgzjxQBr2I7Cx/li5sZYzVAj
EmpMAtq9kopsDR4lMLCsrnwM5a3QIX9ICaf4qwBnDGmGpUSG0qZhD/mpsFm3yRp3
8PHQAJdtnR8DDBvR43LUQKNaSlkuMowIBfa06GGJlZ1pxxvmVQNiu2roywDKiG7X
2YTOMXHeZAgr6SckQ38AYRXq1Rsft6tYEWxgQFQGxqMvUPmP3zJFCp4CCypE6Skj
DYjCtVWRECeWN729NnB3dCKVyEIAeAjEwreNbhW8uuuAMf/QP/u8uodrr8dlDnWg
Dh5xUPJVVojWdCAmgrGxaA6UNDlLHqYVm8c3O8Gu/E9u+vQgaT/shDoRkQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFBjIdrWzQFiQnMwAzH44RjPiKL1fMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvR01oMnRiTkFXSkNjekFETWZqaEdNLUlvdlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAf
OJoDBAEfOJ4DBAIfOKgDBAEfOK4DBAMfORgDBAQfOTADBAMfOXgDBAEfOiIDBAIf
OsQwDAMEAh86zAMEAR860AMEAh861DAMAwQDHzroAwQAHzrqAwQAHzrsAwQCHzt4
AwQG2TwAMAwDBALZPLwDBAHZPMQDBAHZPPQDBADZPPgwDQYJKoZIhvcNAQELBQAD
ggEBAGvuZATACU/TO1OT5BTT4aWK5tIXTCinDfkzSgEsx1TOnA9/P3i3xya/ksA3
8qMcLcBDI9hr5ItAvpgQtRZdfzRtKU8CVGlQl5t2QfhHczxG3RREx903vFz384hr
hO8Tj88Ua1FGHzvKIqiMMd2iM3qQ/KrOJLZZzoC4NjFTA/XpY2ZWsjX2b+59rQ/W
14nqsG2dXen8R09FWUkm0kWvJVKmBqG1Xuk3BzVQVpw4a2eL24zfqOJnQ988TNgn
NLeJHIBMp0PRC3nfk2zWbJxJcojDYUF+y0k4ENtpE5B3/TCktbNKYlRTyrxreUY5
bJn1GZn1cMkDg0Us9beCKSQBzdE=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:08:09 2025 by rpki-client