Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HLYpUMI42_KgxNFqGGt0O0xs1hE.roa
File: HLYpUMI42_KgxNFqGGt0O0xs1hE.roa (raw, json)
Hash identifier: olx6XlEEEMFIND4mjIEE2oftUgnojvF4CBKD9+MEPig=
Subject key identifier: 1C:B6:29:50:C2:38:DB:F2:A0:C4:D1:6A:18:6B:74:3B:4C:6C:D6:11
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195892B97714D6CE2F67D40E9A537574A6E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HLYpUMI42_KgxNFqGGt0O0xs1hE.roa
Signing time: Wed 12 Mar 2025 07:04:50 +0000
ROA not before: Wed 12 Mar 2025 07:04:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.66.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 16:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:2b:97:71:4d:6c:e2:f6:7d:40:e9:a5:37:57:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 12 07:04:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cb62950c238dbf2a0c4d16a186b743b4c6cd611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fc:92:a6:eb:ae:13:53:95:17:b5:24:00:27:
48:82:3a:1f:35:41:94:9c:fa:63:55:43:34:a8:09:
e5:79:03:69:5f:6e:8d:63:5b:3e:3b:c2:e7:42:2e:
06:53:cf:28:c7:df:8b:56:7d:0e:17:57:0a:19:23:
8c:c1:45:7e:48:a7:5f:00:87:93:11:52:73:e4:43:
43:fa:62:4f:33:6b:77:f9:58:f1:3a:5a:aa:c0:f1:
d2:4e:72:56:59:cb:2f:d1:05:65:b3:76:92:53:47:
3d:f7:69:65:af:dd:df:07:34:0f:e9:dc:99:29:8c:
c8:5e:a4:37:ef:2a:8e:7a:b3:11:e5:30:c2:f8:4c:
54:38:e6:31:75:73:82:f8:dd:29:cf:6e:ac:7e:47:
ee:96:b3:a2:9d:a4:67:1e:ef:9f:d6:d4:b0:2c:48:
71:66:83:71:53:df:67:00:2e:2c:0e:29:1b:fd:be:
3a:cb:31:bb:b4:c4:b8:60:05:3a:45:c7:20:97:1d:
6d:ba:05:5b:26:02:0e:d9:17:86:7c:06:68:0a:70:
1f:80:1b:03:23:65:1c:3e:26:ed:97:78:5b:aa:b3:
c4:73:bc:b6:eb:c4:a2:ee:49:2e:42:1f:f8:98:e7:
a1:5c:1c:40:c8:fd:cb:6b:f0:cc:1f:5e:f4:96:3e:
04:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B6:29:50:C2:38:DB:F2:A0:C4:D1:6A:18:6B:74:3B:4C:6C:D6:11
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HLYpUMI42_KgxNFqGGt0O0xs1hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.66.0/24
31.56.71.0/24
31.56.85.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.96.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0/24
31.58.100.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:da:52:81:d2:1f:c7:13:59:94:6e:26:53:1e:6b:63:5f:88:
eb:7d:e7:52:5d:07:71:cc:d8:aa:6b:15:d3:f0:79:2e:b1:9d:
16:78:a4:3f:7a:84:ac:2d:cc:e2:65:1b:d6:df:54:66:14:e7:
5e:b8:f6:7c:f1:06:de:4a:67:5d:0d:b4:2b:32:52:19:50:2f:
9e:3f:29:5d:cc:94:d9:cf:86:ac:81:1f:53:09:c8:36:d3:4f:
70:2e:4a:7a:0f:d1:2a:4e:99:a8:00:ba:ab:c4:a8:7f:c7:65:
c8:8b:45:52:66:40:2d:c3:c1:9b:29:62:05:4a:40:9f:c3:ed:
99:25:bd:aa:df:1a:05:fc:79:51:dc:0c:0a:61:c8:af:45:38:
fb:f1:b4:44:26:47:a6:03:23:8e:06:34:ff:1c:ec:f6:d7:d6:
ec:bb:41:5e:1e:b5:ea:d3:f7:6b:8e:28:1f:dc:c1:9b:1c:f2:
6e:c7:2c:65:be:07:0f:5e:3a:0c:4a:fe:38:c7:00:67:84:39:
74:f9:13:68:da:51:88:4b:5f:51:31:ab:4c:e2:f9:60:17:e6:
6b:e0:bb:1f:ae:62:fb:a8:fe:bc:05:b3:6c:9e:e1:18:1f:3f:
50:1b:47:67:08:4a:4a:8f:30:ce:62:ea:1c:44:a7:00:20:e3:
ff:a3:c9:4d
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZWJK5dxTWzi9n1A6aU3V0puMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzEyMDcwNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I2Mjk1MGMyMzhkYmYyYTBjNGQxNmExODZiNzQzYjRjNmNkNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPySpuuuE1OVF7UkACdIgjofNUGU
nPpjVUM0qAnleQNpX26NY1s+O8LnQi4GU88ox9+LVn0OF1cKGSOMwUV+SKdfAIeT
EVJz5END+mJPM2t3+VjxOlqqwPHSTnJWWcsv0QVls3aSU0c992llr93fBzQP6dyZ
KYzIXqQ37yqOerMR5TDC+ExUOOYxdXOC+N0pz26sfkfulrOinaRnHu+f1tSwLEhx
ZoNxU99nAC4sDikb/b46yzG7tMS4YAU6Rccglx1tugVbJgIO2ReGfAZoCnAfgBsD
I2UcPibtl3hbqrPEc7y268Si7kkuQh/4mOehXBxAyP3La/DMH170lj4EtQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFBy2KVDCONvyoMTRahhrdDtMbNYRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSExZcFVNSTQyX0tneE5GcUdHdDBPMHhzMWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84QgMEAB84RwMEAB84VTAMAwQA
HzhZAwQCHzhYAwQDHzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgDBAIfOWAD
BAMfOWgDBAEfOYQDBAMfOYgDBAEfOZIDBAMfObADBAAfObwDBAIfOcADBAEfOcgw
DAMEBB850AMEAh854AMEAh856AMEAh85/AMEAR86IgMEAR86MgMEAh86RAMEAh86
TAMEAh86VAMEAB86WwMEAh86ZAMEAh86mAMEAh864AMEAB87KQMEAh87YAMEAh87
cAMEAh87eAMEAh87uAMEAB875jANBgkqhkiG9w0BAQsFAAOCAQEAjNpSgdIfxxNZ
lG4mUx5rY1+I633nUl0HcczYqmsV0/B5LrGdFnikP3qErC3M4mUb1t9UZhTnXrj2
fPEG3kpnXQ20KzJSGVAvnj8pXcyU2c+GrIEfUwnINtNPcC5Keg/RKk6ZqAC6q8So
f8dlyItFUmZALcPBmyliBUpAn8PtmSW9qt8aBfx5UdwMCmHIr0U4+/G0RCZHpgMj
jgY0/xzs9tfW7LtBXh616tP3a44oH9zBmxzybscsZb4HD146DEr+OMcAZ4Q5dPkT
aNpRiEtfUTGrTOL5YBfma+C7H65i+6j+vAWzbJ7hGB8/UBtHZwhKSo8wzmLqHESn
ACDj/6PJTQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:12 2025 by rpki-client