Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O2zDSmkfu4m6t5jVXtcKhXhcNYQ.roa
File: O2zDSmkfu4m6t5jVXtcKhXhcNYQ.roa (raw, json)
Hash identifier: oRnOq0H20kPoMpwcrxQ2RDCOW6BXR32KFcRuxBa96uU=
Subject key identifier: 3B:6C:C3:4A:69:1F:BB:89:BA:B7:98:D5:5E:D7:0A:85:78:5C:35:84
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A9C5C65973D57565152C9C130CCFDAEA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O2zDSmkfu4m6t5jVXtcKhXhcNYQ.roa
Signing time: Tue 18 Mar 2025 15:01:05 +0000
ROA not before: Tue 18 Mar 2025 15:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.47.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 07:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:c5:c6:59:73:d5:75:65:15:2c:9c:13:0c:cf:da:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 18 15:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b6cc34a691fbb89bab798d55ed70a85785c3584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:84:08:9d:ea:e6:b2:fa:b3:ac:1a:01:bf:6d:
a4:f2:b3:6c:25:8a:38:1d:c6:b9:3e:fe:b7:1a:07:
ac:a5:d0:58:d4:ab:63:bb:45:fd:dd:ff:f3:29:5a:
b8:f2:25:15:06:b6:14:02:f8:12:2f:a6:83:62:38:
3c:2b:f4:8a:79:e4:4c:d3:ad:c4:57:65:01:03:3b:
75:49:ad:d1:82:f7:0e:96:28:2f:3c:22:15:ab:19:
37:ce:f3:b3:1c:70:ad:94:85:de:21:f0:9a:be:35:
53:30:6c:39:45:f0:52:a5:66:6e:5d:db:5d:0b:a7:
ab:b3:d5:dc:af:2e:15:6f:a7:57:d1:59:32:f5:c9:
98:38:f6:23:79:fe:03:8a:63:df:d5:e6:f2:5e:e4:
b8:e7:5b:04:5c:3b:9e:9e:f6:d2:17:26:36:4c:44:
05:a6:b5:4c:1b:78:ea:7b:bf:c5:d3:db:94:ed:00:
84:2d:65:8d:33:43:29:e7:5d:70:ca:ac:74:fd:ed:
9b:b8:a5:12:b1:0f:de:a4:23:73:cf:83:27:80:95:
51:2a:5b:2b:2f:59:4d:a2:2f:05:cb:53:82:a5:b1:
06:00:07:9f:c8:2e:4a:2e:d7:45:e0:43:7e:2e:aa:
2f:80:c1:a2:27:f2:87:dc:8d:b7:a8:f4:09:49:a5:
3e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6C:C3:4A:69:1F:BB:89:BA:B7:98:D5:5E:D7:0A:85:78:5C:35:84
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O2zDSmkfu4m6t5jVXtcKhXhcNYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.47.0/24
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.117.255
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
Signature Algorithm: sha256WithRSAEncryption
85:c1:a6:cb:16:64:e8:21:67:6b:cb:1a:16:70:a9:2e:de:93:
c6:46:a2:0a:7e:33:df:38:70:b8:0e:f6:05:55:a7:a7:fe:b6:
0e:2c:2e:bf:9d:10:9f:a7:a0:8e:67:7e:f3:59:47:29:2a:68:
53:c1:e7:dc:d3:53:ec:70:26:a2:07:78:fe:ee:5e:84:8d:2d:
b2:c7:b2:e3:f9:65:10:8b:b7:ed:69:21:f0:5b:72:c4:e1:0b:
31:2f:39:a5:62:df:6d:43:4d:64:0b:45:21:ac:d9:7f:c0:27:
0e:fa:bf:0d:59:d5:17:09:2e:68:4b:4d:05:ad:a1:d6:0d:cb:
2c:38:ba:11:f8:a3:29:cd:0f:36:c9:16:d3:ad:db:dc:8b:88:
0a:a4:e0:11:89:af:30:89:a1:04:99:cb:6e:dd:e2:79:a7:d7:
aa:bf:57:8c:b3:9e:f0:3c:7e:6a:a0:60:3d:b1:b5:4a:15:e9:
4d:7f:bb:f3:fd:82:66:7e:50:22:17:f0:23:05:6a:44:5a:f4:
7e:ea:a3:10:58:68:a3:ea:0b:7e:5f:6b:f3:8a:80:ed:92:06:
b2:30:63:64:f4:02:ce:20:f9:48:2b:78:03:39:57:fb:ae:0f:
e3:c7:94:fd:aa:da:b3:bc:28:6f:34:2b:8e:2c:8a:52:c6:b1:
b8:e5:5b:f8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZWpxcZZc9V1ZRUsnBMMz9rqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE4MTUwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZjYzM0YTY5MWZiYjg5YmFiNzk4ZDU1ZWQ3MGE4NTc4NWMzNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oQInermsvqzrBoBv22k8rNsJYo4
Hca5Pv63GgespdBY1Ktju0X93f/zKVq48iUVBrYUAvgSL6aDYjg8K/SKeeRM063E
V2UBAzt1Sa3RgvcOligvPCIVqxk3zvOzHHCtlIXeIfCavjVTMGw5RfBSpWZuXdtd
C6ers9Xcry4Vb6dX0Vky9cmYOPYjef4DimPf1ebyXuS451sEXDuenvbSFyY2TEQF
prVMG3jqe7/F09uU7QCELWWNM0Mp511wyqx0/e2buKUSsQ/epCNzz4MngJVRKlsr
L1lNoi8Fy1OCpbEGAAefyC5KLtdF4EN+LqovgMGiJ/KH3I23qPQJSaU+EQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFDtsw0ppH7uJureY1V7XCoV4XDWEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTzJ6RFNta2Z1NG02dDVqVlh0Y0toWGhjTllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAEfOAQDBAAfOBgDBAEfOCoDBAAfOC8DBAAfODkDBAAfOEcDBAEfOFoDBAMfOGgD
BAEfOHIwDAMEAR84dgMEAh84eAMEAh84yDAMAwQAHzlnAwQEHzlgMAwDBAAfOXED
BAEfOXQDBAEfOYQDBAMfOYgDBAEfOZIDBAIfOagDBAMfObADBAIfOcADBAEfOcgw
DAMEBB850AMEAh854AMEAh856AMEAh85/AMEAR86IgMEAB86KAMEAR86MgMEAh86
RAMEAB86TAMEAh86VAMEAh86mAMEAh86rAMEAh864AMEAh87TAMEAh87YAMEAh87
cAMEAh87eDANBgkqhkiG9w0BAQsFAAOCAQEAhcGmyxZk6CFna8saFnCpLt6Txkai
Cn4z3zhwuA72BVWnp/62Diwuv50Qn6egjmd+81lHKSpoU8Hn3NNT7HAmogd4/u5e
hI0tssey4/llEIu37Wkh8FtyxOELMS85pWLfbUNNZAtFIazZf8AnDvq/DVnVFwku
aEtNBa2h1g3LLDi6EfijKc0PNskW063b3IuICqTgEYmvMImhBJnLbt3ieafXqr9X
jLOe8Dx+aqBgPbG1ShXpTX+78/2CZn5QIhfwIwVqRFr0fuqjEFhoo+oLfl9r84qA
7ZIGsjBjZPQCziD5SCt4AzlX+64P48eU/aras7wobzQrjiyKUsaxuOVb+A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:20 2025 by rpki-client