Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OwQFsBmsZ08Dhip_X2lz6-0S0OY.roa
File: OwQFsBmsZ08Dhip_X2lz6-0S0OY.roa (raw, json)
Hash identifier: WPDIh87wioDTqqEs2KQGcWGHh9VtVQPWAk/Z/XfSaP0=
Subject key identifier: 3B:04:05:B0:19:AC:67:4F:03:86:2A:7F:5F:69:73:EB:ED:12:D0:E6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195092A505B0402B97376C72BB0EB63F202
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OwQFsBmsZ08Dhip_X2lz6-0S0OY.roa
Signing time: Sat 15 Feb 2025 10:32:02 +0000
ROA not before: Sat 15 Feb 2025 10:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.58.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.141.0/24 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.244.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.230.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Feb 2025 07:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:2a:50:5b:04:02:b9:73:76:c7:2b:b0:eb:63:f2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 15 10:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b0405b019ac674f03862a7f5f6973ebed12d0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:05:c8:aa:ae:73:85:62:93:96:0b:31:e6:ed:
99:4c:8d:27:70:d1:4b:2b:f7:86:21:f2:a1:17:3a:
fe:e5:a8:66:dd:6c:14:8f:5e:7e:2c:9c:97:98:53:
68:0a:c6:c7:01:c9:09:de:f4:a5:b8:57:0a:86:5a:
95:9f:6a:c6:76:a4:f6:e7:3e:89:23:6b:8e:c2:12:
d8:8c:33:1a:64:82:04:a2:90:ea:38:63:96:f4:42:
e4:17:1f:57:63:e4:51:8a:47:68:93:37:26:ba:be:
e2:ab:5d:b6:18:e5:ea:86:8d:32:1e:37:4f:c6:23:
08:2c:09:24:c2:55:ac:49:09:65:d9:f1:43:2a:3f:
3b:5d:ac:7e:60:8b:d4:98:2f:bd:2a:90:3a:6d:53:
ff:98:50:cd:16:42:01:fd:63:60:be:05:ef:4c:14:
42:64:e3:25:a9:e6:94:4a:5a:94:fd:01:cf:54:ae:
00:72:b7:8f:c4:ae:29:ff:70:92:ca:25:d8:1e:32:
d7:59:64:0e:00:b4:e1:2c:e1:66:5f:72:18:a4:c1:
30:0e:43:40:d7:f3:00:e9:a0:c5:c2:5e:90:e2:26:
5b:01:48:79:6e:79:ef:e6:d7:7b:74:da:b5:29:c0:
dd:d0:4b:a5:62:4c:19:14:11:9c:72:af:58:70:c1:
86:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:04:05:B0:19:AC:67:4F:03:86:2A:7F:5F:69:73:EB:ED:12:D0:E6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OwQFsBmsZ08Dhip_X2lz6-0S0OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0-31.56.58.255
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.244.0/24
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.56.0/23
31.58.64.0/23
31.58.152.0/22
31.58.230.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
27:5b:61:7b:79:78:1e:7b:07:c2:03:32:3a:4f:88:05:f4:93:
49:07:e8:ac:80:45:23:f8:3a:ed:bb:00:ce:70:e3:a1:e2:ca:
b9:be:3e:73:8b:a4:5b:9f:3e:f1:d3:42:c4:af:5c:49:3a:c2:
bc:7a:c7:09:f4:73:f3:47:ee:bc:c7:a0:59:b5:fd:66:c4:ab:
5e:2a:6d:94:89:9b:98:60:86:d5:79:c8:1d:b9:66:84:e9:b5:
40:58:22:db:4f:60:6d:39:ec:c9:41:7a:5c:1d:ae:7c:e7:46:
4c:a7:fa:f0:a3:50:7d:ba:79:5e:36:e4:26:6f:07:35:44:3d:
5c:ba:eb:70:27:aa:18:27:04:54:a6:4d:ac:04:d8:f0:6f:c1:
bc:23:2d:98:a5:c4:fb:58:2e:ba:e7:27:18:09:64:78:cb:c8:
9d:b5:2a:21:76:01:bf:83:ad:af:3b:aa:65:2b:db:26:e9:c8:
8a:69:48:71:ae:12:7d:d8:61:ff:f3:da:70:fa:7b:98:9b:4e:
46:7c:c4:43:27:3e:52:6c:8a:fb:c6:48:fb:bf:10:0e:e9:41:
5c:96:11:e7:2c:a9:6c:5d:a0:37:10:58:fb:e3:42:54:b6:22:
ac:fb:95:66:3f:0b:0c:5d:ff:93:45:80:d1:72:02:b0:4b:ad:
b2:f1:b8:13
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZUJKlBbBAK5c3bHK7DrY/ICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjE1MTAzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA0MDViMDE5YWM2NzRmMDM4NjJhN2Y1ZjY5NzNlYmVkMTJkMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AXIqq5zhWKTlgsx5u2ZTI0ncNFL
K/eGIfKhFzr+5ahm3WwUj15+LJyXmFNoCsbHAckJ3vSluFcKhlqVn2rGdqT25z6J
I2uOwhLYjDMaZIIEopDqOGOW9ELkFx9XY+RRikdokzcmur7iq122GOXqho0yHjdP
xiMILAkkwlWsSQll2fFDKj87Xax+YIvUmC+9KpA6bVP/mFDNFkIB/WNgvgXvTBRC
ZOMlqeaUSlqU/QHPVK4AcrePxK4p/3CSyiXYHjLXWWQOALThLOFmX3IYpMEwDkNA
1/MA6aDFwl6Q4iZbAUh5bnnv5td7dNq1KcDd0EulYkwZFBGccq9YcMGG+QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFDsEBbAZrGdPA4Yqf19pc+vtEtDmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT3dRRnNCbXNaMDhEaGlwX1gybHo2LTBTME9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAEf
OAQDBAAfOBgDBAEfOCowDAMEAB84OQMEAB84OgMEAB84RwMEAR84WgMEAx84aAME
AR84cjAMAwQBHzh2AwQCHzh4AwQCHzjIAwQDHzloAwQBHzmEAwQDHzmIAwQBHzmS
AwQDHzmwAwQCHznAAwQBHznIMAwDBAQfOdADBAIfOeADBAIfOegDBAAfOfQDBAIf
OfwDBAEfOiIDBAEfOjIDBAEfOjgDBAEfOkADBAIfOpgDBAAfOuYDBAIfO2ADBAIf
O3ADBAIfO7gwDQYJKoZIhvcNAQELBQADggEBACdbYXt5eB57B8IDMjpPiAX0k0kH
6KyARSP4Ou27AM5w46Hiyrm+PnOLpFufPvHTQsSvXEk6wrx6xwn0c/NH7rzHoFm1
/WbEq14qbZSJm5hghtV5yB25ZoTptUBYIttPYG057MlBelwdrnznRkyn+vCjUH26
eV425CZvBzVEPVy663AnqhgnBFSmTawE2PBvwbwjLZilxPtYLrrnJxgJZHjLyJ21
KiF2Ab+Dra87qmUr2ybpyIppSHGuEn3YYf/z2nD6e5ibTkZ8xEMnPlJsivvGSPu/
EA7pQVyWEecsqWxdoDcQWPvjQlS2Iqz7lWY/Cwxd/5NFgNFyArBLrbLxuBM=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:52:20 2025 by rpki-client