Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OWQ-aW-Mo1JFNXJGsb63d-33Mlw.roa
File: OWQ-aW-Mo1JFNXJGsb63d-33Mlw.roa (raw, json)
Hash identifier: /9+gHkQwbCdGtvK1D7blSEgC8YeA15na5Krm4tCfjeY=
Subject key identifier: 39:64:3E:69:6F:8C:A3:52:45:35:72:46:B1:BE:B7:77:ED:F7:32:5C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194300B10D19858E4DE3DF9591C440312FA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OWQ-aW-Mo1JFNXJGsb63d-33Mlw.roa
Signing time: Sat 04 Jan 2025 06:40:19 +0000
ROA not before: Sat 04 Jan 2025 06:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 05:36:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:30:0b:10:d1:98:58:e4:de:3d:f9:59:1c:44:03:12:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 4 06:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39643e696f8ca35245357246b1beb777edf7325c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:39:47:23:7e:c7:11:f3:b0:47:aa:1f:f8:9a:
b9:e8:09:af:8b:6e:a2:49:02:e8:94:64:9c:f1:3e:
64:0b:5a:ea:f4:75:99:ab:37:b5:25:61:c6:2c:5f:
e9:47:53:9b:48:6f:15:67:4d:26:66:89:b7:f2:33:
b7:ca:1b:a4:71:da:ae:35:67:df:12:10:1a:e2:d8:
51:a9:34:86:68:d8:0d:1c:02:09:15:de:17:bb:31:
f7:8a:9e:21:74:7e:94:e9:e8:ee:c8:5b:aa:7b:51:
4a:90:c2:6f:f0:d7:9d:17:69:01:71:ca:ae:40:14:
4a:4d:08:03:06:0e:bd:f9:50:0b:8e:9a:d5:10:83:
67:30:af:96:1d:ad:c7:3f:37:4c:29:5f:68:48:1a:
fe:1b:06:a8:54:18:b4:2f:6c:07:2b:ad:f1:7f:ae:
07:bc:d9:83:91:92:98:eb:69:33:f3:6a:72:df:fe:
22:58:bc:8a:06:f1:03:b8:90:a4:fb:4a:c1:85:4d:
fc:eb:bf:1c:3f:33:6d:17:4c:9c:74:fb:42:34:b7:
8c:37:ac:31:5f:22:fb:d5:15:62:b2:3d:fa:f5:13:
ef:4d:9d:2b:26:d1:eb:39:2f:2e:e0:bc:cb:81:83:
93:af:bd:35:70:19:6e:42:c6:4e:36:81:14:50:a0:
e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:64:3E:69:6F:8C:A3:52:45:35:72:46:B1:BE:B7:77:ED:F7:32:5C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OWQ-aW-Mo1JFNXJGsb63d-33Mlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.115.255
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.151.0/24
31.57.176.0/21
31.57.189.0/24
31.57.191.0-31.57.195.255
31.57.198.0/24
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:2b:12:a7:bd:0a:97:cc:df:f3:41:f5:97:76:2f:1e:ce:17:
5f:80:31:02:62:dd:78:69:a4:2b:40:bf:3d:6d:a3:b5:d5:a9:
f0:e2:3b:80:1b:27:91:5d:65:14:b5:9e:b8:56:dd:22:95:f5:
7b:dc:03:7c:b7:7f:9b:d6:b1:e1:65:97:a3:81:d9:97:ad:da:
65:79:d0:bd:99:3a:ab:bd:d7:66:52:ba:3f:a4:4a:8d:33:dd:
74:84:b3:2f:23:c6:86:5d:6e:0b:f4:88:bb:b4:4b:80:e9:4e:
7b:aa:ad:15:84:cc:83:24:69:4a:92:91:f8:ba:07:f2:94:b6:
f5:07:29:14:94:0d:49:a0:58:ea:74:41:d6:7b:25:89:2e:b6:
fb:ff:27:b2:c8:33:11:6e:47:b5:94:7e:cd:64:a6:99:17:21:
f8:38:5d:58:10:78:59:e1:07:87:75:44:72:cc:a0:e9:53:c1:
4d:6e:22:b9:a4:c7:e0:4a:f3:9e:a2:13:3b:d8:99:88:b8:56:
8f:e4:22:86:8e:1b:7b:4c:77:4c:ae:df:d9:21:96:47:91:85:
8b:bd:71:5e:8b:ce:ab:d8:bd:6e:12:08:a1:5a:05:ab:23:85:
9a:5c:77:63:4d:ff:59:cd:43:f9:a0:b5:8b:b1:05:ec:9a:64:
16:4f:97:b8
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQwCxDRmFjk3j35WRxEAxL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA0MDY0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY0M2U2OTZmOGNhMzUyNDUzNTcyNDZiMWJlYjc3N2VkZjczMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zlHI37HEfOwR6of+Jq56Amvi26i
SQLolGSc8T5kC1rq9HWZqze1JWHGLF/pR1ObSG8VZ00mZom38jO3yhukcdquNWff
EhAa4thRqTSGaNgNHAIJFd4XuzH3ip4hdH6U6ejuyFuqe1FKkMJv8NedF2kBccqu
QBRKTQgDBg69+VALjprVEINnMK+WHa3HPzdMKV9oSBr+GwaoVBi0L2wHK63xf64H
vNmDkZKY62kz82py3/4iWLyKBvEDuJCk+0rBhU38678cPzNtF0ycdPtCNLeMN6wx
XyL71RVisj369RPvTZ0rJtHrOS8u4LzLgYOTr701cBluQsZONoEUUKDmxwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFDlkPmlvjKNSRTVyRrG+t3ft9zJcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT1dRLWFXLU1vMUpGTlhKR3NiNjNkLTMzTWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WTAMAwQD
HzhoAwQCHzhwMAwDBAEfOHYDBAIfOHgDBAIfOMgDBAEfOYQDBAEfOZIDBAAfOZcD
BAMfObADBAAfOb0wDAMEAB85vwMEAh85wAMEAB85xgMEAR85yDAMAwQEHznQAwQC
HzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzqIAwQAHzqOAwQCHzqYAwQAHzqdAwQB
HzrmMAwDBAAfOykDBAIfOygwDAMEAx87OAMEAB87OgMEAh87YAMEAh87cAMEAB87
ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0BAQsFAAOCAQEAPSsS
p70Kl8zf80H1l3YvHs4XX4AxAmLdeGmkK0C/PW2jtdWp8OI7gBsnkV1lFLWeuFbd
IpX1e9wDfLd/m9ax4WWXo4HZl63aZXnQvZk6q73XZlK6P6RKjTPddISzLyPGhl1u
C/SIu7RLgOlOe6qtFYTMgyRpSpKR+LoH8pS29QcpFJQNSaBY6nRB1nsliS62+/8n
ssgzEW5HtZR+zWSmmRch+DhdWBB4WeEHh3VEcsyg6VPBTW4iuaTH4ErznqITO9iZ
iLhWj+Qiho4be0x3TK7f2SGWR5GFi71xXovOq9i9bhIIoVoFqyOFmlx3Y03/Wc1D
+aC1i7EF7JpkFk+XuA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:14 2025 by rpki-client