Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GZPp3J8yqxGoY-jonFKZy_qP4Fg.roa
File: GZPp3J8yqxGoY-jonFKZy_qP4Fg.roa (raw, json)
Hash identifier: DAQFQvgwquj2ebCHRfmPj2Td07HbhRd9woFb1DeoLes=
Subject key identifier: 19:93:E9:DC:9F:32:AB:11:A8:63:E8:E8:9C:52:99:CB:FA:8F:E0:58
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195429087AA69FC239683F4F732C44BA101
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GZPp3J8yqxGoY-jonFKZy_qP4Fg.roa
Signing time: Wed 26 Feb 2025 14:02:02 +0000
ROA not before: Wed 26 Feb 2025 14:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.120.0/24 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 08:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:90:87:aa:69:fc:23:96:83:f4:f7:32:c4:4b:a1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 26 14:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1993e9dc9f32ab11a863e8e89c5299cbfa8fe058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:50:03:f1:5b:11:db:22:d0:ea:7b:f5:f3:04:
00:77:12:90:dc:86:ce:f3:65:d4:c1:9b:ee:59:82:
5a:4f:a6:59:b7:83:d5:a2:1d:c9:98:d1:27:30:af:
84:99:03:ab:4f:8f:16:59:9c:fb:53:67:60:d8:0a:
f1:c1:dd:27:bd:13:6b:5c:e9:74:74:8f:d2:5c:61:
76:c7:cf:f3:95:22:67:a3:a0:67:ae:98:85:06:92:
b8:71:8b:25:e4:31:e4:64:4e:b8:f9:f8:0a:13:07:
43:a8:dc:a1:bc:e3:6f:3b:c9:67:4a:0d:af:d9:f0:
ab:61:51:29:1e:e8:12:22:cb:f9:01:b9:19:bc:51:
89:c8:46:08:b6:92:c7:fe:7f:e8:8a:a2:07:54:bd:
08:87:ba:1c:d8:8d:85:2e:3b:62:61:5f:f8:78:38:
38:77:78:8e:bb:8a:a2:a3:1d:9d:06:be:e1:14:8c:
ab:3a:8a:38:19:d8:03:50:19:e4:70:69:50:62:7e:
91:3a:9b:73:9c:4d:72:f7:c2:81:3c:40:72:a0:cf:
2e:72:00:15:07:c7:ee:11:a7:54:ac:c3:a6:a6:e7:
a3:7a:78:f1:9a:b6:f4:b0:cb:a1:9c:93:4e:f7:5a:
80:e5:bb:7f:ec:44:f9:8e:ad:cd:f7:92:51:07:3a:
4e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:93:E9:DC:9F:32:AB:11:A8:63:E8:E8:9C:52:99:CB:FA:8F:E0:58
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GZPp3J8yqxGoY-jonFKZy_qP4Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.152.0/22
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
82:ca:9a:f3:71:94:04:44:5f:f3:96:e3:a5:bd:b3:26:0d:02:
99:30:c8:00:4f:34:08:ca:f6:d6:0a:1e:69:c6:1a:e8:e4:91:
07:16:1a:d4:11:ef:b4:f9:87:ae:91:df:97:21:8f:38:e9:6f:
e4:2b:33:81:77:5b:42:23:fe:a8:51:33:81:31:2f:12:2f:b2:
c0:91:8a:2f:2f:ac:76:ff:0b:29:aa:23:a0:15:7a:7b:ea:08:
d2:7d:96:94:68:7e:e7:d5:c0:bd:bf:cc:3e:e3:06:9f:fa:ef:
0a:cd:50:14:23:b4:12:22:39:74:a2:80:03:e6:c4:8e:68:f5:
07:df:be:47:ed:df:db:16:b7:29:35:e6:1f:d1:0c:b3:c8:ac:
97:5e:76:cd:75:bb:e7:ff:92:ea:bb:94:4b:47:d0:f5:7c:7a:
a3:2e:f9:4e:fc:c3:a2:c9:ba:d2:e9:13:1e:f2:ef:03:04:5b:
e3:5b:f6:37:c5:3e:4e:fd:77:95:d6:da:c5:ed:2f:d5:59:d2:
83:58:a8:c8:ea:3d:a2:81:d1:e1:95:69:a3:9b:f1:3d:2a:a3:
97:52:c6:aa:40:a1:95:97:2e:55:f2:15:9d:22:8c:b0:d4:cd:
15:bf:72:ad:d6:00:44:d1:3d:93:8b:fd:ca:74:13:54:89:be:
91:67:4c:df
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZVCkIeqafwjloP09zLES6EBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjI2MTQwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTkzZTlkYzlmMzJhYjExYTg2M2U4ZTg5YzUyOTljYmZhOGZlMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFAD8VsR2yLQ6nv18wQAdxKQ3IbO
82XUwZvuWYJaT6ZZt4PVoh3JmNEnMK+EmQOrT48WWZz7U2dg2Arxwd0nvRNrXOl0
dI/SXGF2x8/zlSJno6BnrpiFBpK4cYsl5DHkZE64+fgKEwdDqNyhvONvO8lnSg2v
2fCrYVEpHugSIsv5AbkZvFGJyEYItpLH/n/oiqIHVL0Ih7oc2I2FLjtiYV/4eDg4
d3iOu4qiox2dBr7hFIyrOoo4GdgDUBnkcGlQYn6ROptznE1y98KBPEByoM8ucgAV
B8fuEadUrMOmpuejenjxmrb0sMuhnJNO91qA5bt/7ET5jq3N95JRBzpOhwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBmT6dyfMqsRqGPo6JxSmcv6j+BYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvR1pQcDNKOHlxeEdvWS1qb25GS1p5X3FQNEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcDBAAfOFUDBAEfOFoDBAMfOGgDBAEf
OHIwDAMEAR84dgMEAh84eAMEAh84yAMEAx85aAMEAR85hAMEAx85iAMEAR85kgME
Ax85sAMEAh85wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoi
AwQBHzoyAwQCHzqYAwQCHztgAwQCHztwAwQCHzu4MA0GCSqGSIb3DQEBCwUAA4IB
AQCCyprzcZQERF/zluOlvbMmDQKZMMgATzQIyvbWCh5pxhro5JEHFhrUEe+0+Yeu
kd+XIY846W/kKzOBd1tCI/6oUTOBMS8SL7LAkYovL6x2/wspqiOgFXp76gjSfZaU
aH7n1cC9v8w+4waf+u8KzVAUI7QSIjl0ooAD5sSOaPUH375H7d/bFrcpNeYf0Qyz
yKyXXnbNdbvn/5Lqu5RLR9D1fHqjLvlO/MOiybrS6RMe8u8DBFvjW/Y3xT5O/XeV
1trF7S/VWdKDWKjI6j2igdHhlWmjm/E9KqOXUsaqQKGVly5V8hWdIoyw1M0Vv3Kt
1gBE0T2Ti/3KdBNUib6RZ0zf
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:48 2025 by rpki-client