Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KBEBg4SO1MLci6FVE5llpBmYpwU.roa
File: KBEBg4SO1MLci6FVE5llpBmYpwU.roa (raw, json)
Hash identifier: WtL91bkaFcfMoms5d8LG8sqskt7L3f+sf756vZK6ar4=
Subject key identifier: 28:11:01:83:84:8E:D4:C2:DC:8B:A1:55:13:99:65:A4:19:98:A7:05
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019439F7A7E1799CE2BC3FCDF99F65BD48C8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KBEBg4SO1MLci6FVE5llpBmYpwU.roa
Signing time: Mon 06 Jan 2025 04:55:19 +0000
ROA not before: Mon 06 Jan 2025 04:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.97.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 14:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:39:f7:a7:e1:79:9c:e2:bc:3f:cd:f9:9f:65:bd:48:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 6 04:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28110183848ed4c2dc8ba155139965a41998a705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:48:60:76:80:25:fe:78:9a:59:76:d9:99:90:
b3:36:d1:15:52:15:0e:43:87:7f:16:03:82:13:f2:
34:9e:41:2a:d8:ad:f1:bb:82:ea:21:d2:e0:29:61:
8a:72:1d:e1:34:d7:b2:5b:29:47:aa:d1:4c:85:0d:
80:e2:03:45:58:f1:24:0c:65:92:7c:b7:f8:65:96:
a7:e8:33:d7:c7:93:85:94:47:54:c3:c1:8a:fe:06:
15:60:ae:f6:22:a2:78:9a:0f:8a:e7:18:ec:f6:37:
d6:f1:e9:29:79:77:56:62:4f:64:8c:f8:84:06:a0:
f0:22:64:79:c1:7b:61:a3:06:58:97:ff:67:e5:47:
af:9d:3c:bb:7a:46:b3:7a:dd:25:8e:04:a5:8c:1b:
0e:4a:e8:8c:93:f3:67:5c:f8:2a:25:55:7d:ef:4e:
97:be:8b:c2:59:91:f5:be:67:09:6d:a8:be:92:e6:
f7:45:16:fd:bb:9b:b1:7d:e3:66:9d:a1:52:a1:0f:
a7:ba:9e:d0:e4:75:d7:e9:3f:bc:c4:5d:5f:ab:8f:
21:aa:27:01:b7:75:a2:ba:76:89:34:08:38:c9:ee:
30:54:60:41:70:fe:80:21:34:49:59:75:f0:16:01:
79:42:dd:1d:1a:ae:27:6c:1a:6d:e7:31:3d:e6:15:
0d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:11:01:83:84:8E:D4:C2:DC:8B:A1:55:13:99:65:A4:19:98:A7:05
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KBEBg4SO1MLci6FVE5llpBmYpwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.115.255
31.56.118.0-31.56.123.255
31.56.157.0/24
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.176.0/21
31.57.189.0/24
31.57.191.0-31.57.195.255
31.57.198.0/24
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:45:86:74:1b:34:0a:17:15:06:8f:c8:3b:85:45:84:83:f5:
40:5a:60:81:22:76:ce:d1:eb:22:d3:1d:41:fc:a9:81:00:c1:
69:6d:40:49:ff:d8:6f:14:eb:68:5a:a9:dd:9b:c0:7e:77:66:
98:00:0b:b1:ea:67:1b:ca:b5:ca:a8:4e:03:72:c5:15:66:be:
65:16:91:10:37:6f:9c:4f:51:82:ca:7b:e4:5c:b3:c5:5c:2c:
1e:f6:7c:44:0b:72:35:5d:b6:a4:31:09:13:2b:8c:58:5c:c8:
c5:b5:f3:62:53:6d:57:f3:51:ee:3c:c2:10:06:e8:1d:5b:82:
a5:24:cf:fc:06:db:53:f4:8c:13:51:c0:bd:1a:7a:93:53:cb:
9a:6e:cf:21:ae:6c:59:75:1d:21:03:2a:39:4f:3f:b5:a6:c4:
f7:c6:38:da:46:4f:d7:c0:a5:1e:c9:9d:b1:5c:f4:83:10:90:
bc:00:f5:61:95:4d:60:d2:89:80:e6:d9:1c:4d:a1:78:e0:c7:
49:e5:fe:38:ca:ba:96:57:c8:46:79:2a:68:fc:6d:25:a1:a4:
b4:3d:58:fa:11:7e:c8:66:24:6f:c9:f7:a5:ff:9c:3e:86:30:
85:e3:37:e5:e6:04:41:0c:90:5f:e6:d9:49:1a:19:31:38:28:
48:b3:43:0b
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZQ596fheZzivD/N+Z9lvUjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA2MDQ1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODExMDE4Mzg0OGVkNGMyZGM4YmExNTUxMzk5NjVhNDE5OThhNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40hgdoAl/niaWXbZmZCzNtEVUhUO
Q4d/FgOCE/I0nkEq2K3xu4LqIdLgKWGKch3hNNeyWylHqtFMhQ2A4gNFWPEkDGWS
fLf4ZZan6DPXx5OFlEdUw8GK/gYVYK72IqJ4mg+K5xjs9jfW8ekpeXdWYk9kjPiE
BqDwImR5wXthowZYl/9n5UevnTy7ekazet0ljgSljBsOSuiMk/NnXPgqJVV9706X
vovCWZH1vmcJbai+kub3RRb9u5uxfeNmnaFSoQ+nup7Q5HXX6T+8xF1fq48hqicB
t3WiunaJNAg4ye4wVGBBcP6AITRJWXXwFgF5Qt0dGq4nbBpt5zE95hUN0wIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFCgRAYOEjtTC3IuhVROZZaQZmKcFMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS0JFQmc0U08xTUxjaTZGVkU1bGxwQm1ZcHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WTAMAwQD
HzhoAwQCHzhwMAwDBAEfOHYDBAIfOHgDBAAfOJ0DBAIfOMgDBAEfOYQDBAEfOZID
BAMfObADBAAfOb0wDAMEAB85vwMEAh85wAMEAB85xgMEAR85yDAMAwQEHznQAwQC
HzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzqIAwQAHzqOAwQCHzqYAwQAHzqdAwQA
HzqjAwQBHzrmMAwDBAAfOykDBAIfOygwDAMEAx87OAMEAB87OgMEAh87YAMEAh87
cAMEAB87ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0BAQsFAAOC
AQEAKkWGdBs0ChcVBo/IO4VFhIP1QFpggSJ2ztHrItMdQfypgQDBaW1ASf/YbxTr
aFqp3ZvAfndmmAALsepnG8q1yqhOA3LFFWa+ZRaREDdvnE9Rgsp75FyzxVwsHvZ8
RAtyNV22pDEJEyuMWFzIxbXzYlNtV/NR7jzCEAboHVuCpSTP/AbbU/SME1HAvRp6
k1PLmm7PIa5sWXUdIQMqOU8/tabE98Y42kZP18ClHsmdsVz0gxCQvAD1YZVNYNKJ
gObZHE2heODHSeX+OMq6llfIRnkqaPxtJaGktD1Y+hF+yGYkb8n3pf+cPoYwheM3
5eYEQQyQX+bZSRoZMTgoSLNDCw==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:09 2025 by rpki-client