Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LSAjxATPmzYrq8MJ9nfr1q3OsAw.roa
File: LSAjxATPmzYrq8MJ9nfr1q3OsAw.roa (raw, json)
Hash identifier: i8rvhma9cShJVr7gU3ENJ1XPRWLx/ba9LNuePCZ396k=
Subject key identifier: 2D:20:23:C4:04:CF:9B:36:2B:AB:C3:09:F6:77:EB:D6:AD:CE:B0:0C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195DBD16D1A2BA50243BB2FDE2BD91A1D3C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LSAjxATPmzYrq8MJ9nfr1q3OsAw.roa
Signing time: Fri 28 Mar 2025 08:14:49 +0000
ROA not before: Fri 28 Mar 2025 08:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.204.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.77.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 30 Mar 2025 16:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:d1:6d:1a:2b:a5:02:43:bb:2f:de:2b:d9:1a:1d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 28 08:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2023c404cf9b362babc309f677ebd6adceb00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9b:f1:74:74:28:62:64:d1:f3:ff:12:44:bd:
66:ac:2a:40:71:9c:6a:5a:d8:a2:ca:55:ff:d2:cf:
2a:59:59:f6:36:5e:1d:4e:99:dd:86:9f:70:69:64:
1e:21:b7:a5:54:1f:31:e6:4d:97:59:d7:34:33:80:
92:b0:e2:20:86:2e:39:c5:b6:82:00:32:be:55:80:
ee:15:90:28:1e:a5:fa:ed:93:67:6f:e4:df:ac:e9:
ce:11:2e:c3:cb:15:49:3f:aa:59:59:9c:e4:6b:b2:
fc:0e:0e:2b:62:7d:e4:8b:04:7b:18:07:15:0f:31:
56:71:c5:c9:9f:6d:1e:b9:23:d8:61:74:8b:1a:36:
37:68:8d:0b:09:aa:a1:58:bb:a0:8d:36:15:fb:9d:
1b:d8:2c:a0:c2:93:2c:66:dc:ec:05:9c:9a:67:6c:
2f:38:42:54:17:61:76:9f:b4:bd:c8:45:ac:80:6d:
05:b1:9b:82:8a:b4:51:9e:dc:b0:ce:5b:0f:c3:e4:
ca:4c:11:16:c6:10:d9:1b:e9:59:2a:9f:8c:39:fd:
79:f0:c2:06:ac:f1:77:5c:f7:c6:3a:26:23:d3:db:
6a:fc:3c:a5:8e:03:57:1f:42:49:c4:24:04:56:34:
43:f5:08:dd:2c:ee:2f:a6:14:3b:eb:d5:2f:22:bc:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:20:23:C4:04:CF:9B:36:2B:AB:C3:09:F6:77:EB:D6:AD:CE:B0:0C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LSAjxATPmzYrq8MJ9nfr1q3OsAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/21
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/23
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.175.255
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:73:47:04:f7:60:55:94:bf:aa:0a:2c:93:49:7f:80:84:9b:
6c:36:55:5c:96:eb:4b:e0:9c:99:51:1b:1c:e8:07:79:e3:dc:
06:f2:be:e0:8d:48:ca:44:4e:eb:e9:e0:07:24:56:62:5a:b3:
55:ee:b4:3e:dd:69:4b:05:a8:73:b0:92:26:fb:d3:4e:cb:7d:
f0:e8:10:6f:8f:2b:f2:9e:8c:ac:3d:d8:57:e8:91:7c:93:45:
ef:a6:80:e8:56:6b:28:af:20:d3:14:61:d3:60:f0:ce:ba:95:
5c:c4:9d:5f:98:0a:32:db:74:fa:28:de:3e:a1:70:12:0f:65:
f7:65:2b:00:4c:a9:8b:79:a4:7c:44:5b:34:6f:37:56:20:fc:
b5:7a:16:f5:94:3e:ff:61:56:f4:fb:da:cb:0c:96:d5:56:d7:
e5:0e:a6:bb:ed:e2:d7:1e:fd:34:4a:18:41:79:24:62:39:1b:
c2:05:d1:88:9a:53:18:73:03:e0:c6:01:50:c5:81:4d:94:6a:
d3:61:93:34:6a:9b:0e:2c:c9:4e:0c:dc:4d:1f:e9:dc:6b:ce:
dc:cc:75:8a:f5:ef:f1:79:d1:d2:28:44:4d:a1:2a:43:e8:f0:
33:6a:d0:4b:cf:72:76:12:ec:6c:d8:f3:9e:88:77:56:69:2a:
11:e5:51:6b
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZXb0W0aK6UCQ7sv3ivZGh08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI4MDgxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIwMjNjNDA0Y2Y5YjM2MmJhYmMzMDlmNjc3ZWJkNmFkY2ViMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZvxdHQoYmTR8/8SRL1mrCpAcZxq
WtiiylX/0s8qWVn2Nl4dTpndhp9waWQeIbelVB8x5k2XWdc0M4CSsOIghi45xbaC
ADK+VYDuFZAoHqX67ZNnb+TfrOnOES7DyxVJP6pZWZzka7L8Dg4rYn3kiwR7GAcV
DzFWccXJn20euSPYYXSLGjY3aI0LCaqhWLugjTYV+50b2CygwpMsZtzsBZyaZ2wv
OEJUF2F2n7S9yEWsgG0FsZuCirRRntywzlsPw+TKTBEWxhDZG+lZKp+MOf158MIG
rPF3XPfGOiYj09tq/DyljgNXH0JJxCQEVjRD9QjdLO4vphQ769UvIrwa/wIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFC0gI8QEz5s2K6vDCfZ369atzrAMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTFNBanhBVFBtellycThNSjluZnIxcTNPc0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAR84BAMEAB84GAMEAB84OQMEAB84RwMEAR84WgMEAx84aAMEAR84cjAMAwQB
Hzh2AwQCHzh4AwQDHzjIMAwDBAAfOWcDBAQfOWAwDAMEAB85cQMEAB85cgMEAx85
eAMEAR85hAMEAx85iAMEAR85kgMEAh85qAMEAx85sAMEAh85wAMEAR85yDAMAwQE
HznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQBHzoyAwQCHzpEAwQB
HzpMAwQCHzpUAwQCHzqYAwQCHzqsAwQCHzrgAwQCHztMAwQCHztgAwQCHztwAwQC
Hzt4MAwDBAMfO4gDBAQfO6ADBAIfO+ADBAIfO+gwDQYJKoZIhvcNAQELBQADggEB
AI5zRwT3YFWUv6oKLJNJf4CEm2w2VVyW60vgnJlRGxzoB3nj3AbyvuCNSMpETuvp
4AckVmJas1XutD7daUsFqHOwkib7007LffDoEG+PK/KejKw92FfokXyTRe+mgOhW
ayivINMUYdNg8M66lVzEnV+YCjLbdPoo3j6hcBIPZfdlKwBMqYt5pHxEWzRvN1Yg
/LV6FvWUPv9hVvT72ssMltVW1+UOprvt4tce/TRKGEF5JGI5G8IF0YiaUxhzA+DG
AVDFgU2UatNhkzRqmw4syU4M3E0f6dxrztzMdYr17/F50dIoRE2hKkPo8DNq0EvP
cnYS7GzY856Id1ZpKhHlUWs=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:03:40 2025 by rpki-client