Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kvq9yRKCTeTdMrMEAvxmVjEum8E.roa
File: Kvq9yRKCTeTdMrMEAvxmVjEum8E.roa (raw, json)
Hash identifier: 2vTyyy55XBnUGNLjWOQwL07UuowhaDIil5LUPRKpC/o=
Subject key identifier: 2A:FA:BD:C9:12:82:4D:E4:DD:32:B3:04:02:FC:66:56:31:2E:9B:C1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01947DD2AEE2CC45F482C3E27CCFCE1C45E6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kvq9yRKCTeTdMrMEAvxmVjEum8E.roa
Signing time: Sun 19 Jan 2025 09:09:06 +0000
ROA not before: Sun 19 Jan 2025 09:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.120.0/24 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
31.56.123.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7d:d2:ae:e2:cc:45:f4:82:c3:e2:7c:cf:ce:1c:45:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 19 09:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2afabdc912824de4dd32b30402fc6656312e9bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:fc:73:3f:8f:7d:d8:68:55:63:22:13:e7:
83:fe:f2:ed:bb:de:af:8a:35:31:ba:ea:d4:18:4f:
2c:54:64:cb:2c:e0:c2:93:f9:99:78:e6:61:d7:e5:
a2:8c:38:8c:5b:16:5c:20:1b:c8:a8:69:92:41:79:
df:ce:91:18:3f:ca:f8:5e:46:86:d8:5d:bf:a6:a5:
9f:e3:5a:d4:22:d0:f1:c6:90:95:09:4b:5a:a8:9c:
f0:17:cb:d9:c5:71:7a:d5:c0:ea:30:9d:32:da:c1:
5b:31:fd:6e:52:41:a3:21:7b:f0:4e:34:01:ab:3e:
81:77:bc:6e:74:7f:98:17:a6:0c:65:bf:c5:68:bc:
55:7d:34:0f:60:fd:bd:5c:11:5c:ba:2c:ac:12:bc:
e9:05:0f:e5:8d:af:f5:4b:1c:e5:d1:74:b3:e0:db:
db:16:3f:35:02:90:a9:ff:0f:4c:74:40:f9:be:b5:
9e:e4:3c:0f:50:a1:d1:ad:af:fd:47:8e:63:71:5e:
40:47:3b:02:2d:40:a3:99:a2:07:2d:61:9f:7a:d0:
a0:dc:c4:7d:18:8d:ac:c7:3b:cb:d1:d0:c6:12:b1:
b0:2b:9f:76:e5:9d:b8:8c:01:3d:ee:c8:eb:10:db:
b3:1d:d9:06:72:4b:d2:63:20:4a:49:3f:aa:d1:37:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FA:BD:C9:12:82:4D:E4:DD:32:B3:04:02:FC:66:56:31:2E:9B:C1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kvq9yRKCTeTdMrMEAvxmVjEum8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.74.0/24
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.56.200.0/22
31.57.65.0/24
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.142.0/24
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:d5:5f:d4:9f:6d:6d:a4:13:27:d0:4b:63:0a:d9:35:b8:48:
fd:f3:ca:ec:bf:12:23:93:8a:b1:14:e0:5d:66:16:6a:d0:54:
56:f0:48:e6:53:53:e1:c1:a0:f1:21:02:6e:e9:c8:50:c0:c7:
b6:c8:49:bd:0d:87:0b:f7:8c:45:1e:90:b1:78:85:b6:29:3a:
8f:e2:f9:93:53:d8:5a:8d:20:6e:80:8c:48:f5:4a:6b:1a:28:
6c:5f:a8:00:78:03:a5:1f:d6:bc:2c:2a:d1:8c:44:92:2b:8e:
e8:dc:58:52:c1:0b:87:8c:82:ef:f6:ae:ce:8d:a8:c5:61:b6:
fc:07:00:4d:51:ac:6d:90:23:bf:9a:68:b7:cb:dc:af:29:30:
ca:54:a9:c1:d9:80:23:c3:29:9c:5f:57:46:e6:88:7b:55:20:
4e:3c:51:bb:20:a8:bf:bd:89:5d:1d:e3:0d:f4:76:8f:51:68:
5b:55:a4:3c:7e:d7:44:12:d5:e4:b9:7d:a8:90:f3:62:4a:86:
fc:0d:11:6c:34:cf:83:17:c9:81:16:f6:7f:97:ce:3a:ad:2a:
54:5e:35:d8:2f:d1:39:27:e8:4d:01:bd:63:92:d8:bf:51:22:
28:a9:fc:fe:56:2f:ff:f0:b8:d2:88:e1:f3:70:32:10:eb:db:
54:62:84:fa
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZR90q7izEX0gsPifM/OHEXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE5MDkwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZhYmRjOTEyODI0ZGU0ZGQzMmIzMDQwMmZjNjY1NjMxMmU5YmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr938cz+PfdhoVWMiE+eD/vLtu96v
ijUxuurUGE8sVGTLLODCk/mZeOZh1+WijDiMWxZcIBvIqGmSQXnfzpEYP8r4XkaG
2F2/pqWf41rUItDxxpCVCUtaqJzwF8vZxXF61cDqMJ0y2sFbMf1uUkGjIXvwTjQB
qz6Bd7xudH+YF6YMZb/FaLxVfTQPYP29XBFcuiysErzpBQ/lja/1Sxzl0XSz4Nvb
Fj81ApCp/w9MdED5vrWe5DwPUKHRra/9R45jcV5ARzsCLUCjmaIHLWGfetCg3MR9
GI2sxzvL0dDGErGwK5925Z24jAE97sjrENuzHdkGckvSYyBKST+q0TdgfQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFCr6vckSgk3k3TKzBAL8ZlYxLpvBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS3ZxOXlSS0NUZVRkTXJNRUF2eG1WakV1bThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQB
HzgEAwQAHzgYAwQBHzgqAwQAHzg5AwQAHzhKAwQAHzhZAwQDHzhoAwQBHzhyMAwD
BAEfOHYDBAIfOHgDBAAfOJwDBAIfOMgDBAAfOUEDBAMfOWgDBAEfOYQDBAMfOYgD
BAEfOZIDBAMfObADBAIfOcADBAEfOcgwDAMEBB850AMEAh854AMEAh856AMEAh85
/DAMAwQAHzohAwQCHzogAwQAHzqOAwQCHzqYAwQAHzqjAwQBHzrmMAwDBAAfOykD
BAAfOyoDBAAfOzkDBAIfO2ADBAAfO2wDBAIfO3ADBAIfO7gDBAAfO+QwDQYJKoZI
hvcNAQELBQADggEBALnVX9SfbW2kEyfQS2MK2TW4SP3zyuy/EiOTirEU4F1mFmrQ
VFbwSOZTU+HBoPEhAm7pyFDAx7bISb0Nhwv3jEUekLF4hbYpOo/i+ZNT2FqNIG6A
jEj1SmsaKGxfqAB4A6Uf1rwsKtGMRJIrjujcWFLBC4eMgu/2rs6NqMVhtvwHAE1R
rG2QI7+aaLfL3K8pMMpUqcHZgCPDKZxfV0bmiHtVIE48UbsgqL+9iV0d4w30do9R
aFtVpDx+10QS1eS5faiQ82JKhvwNEWw0z4MXyYEW9n+XzjqtKlReNdgv0Tkn6E0B
vWOS2L9RIiip/P5WL//wuNKI4fNwMhDr21RihPo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:05:25 2025 by rpki-client