Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PlunulflT1uvgtZvmaxZqzkydLM.roa
File: PlunulflT1uvgtZvmaxZqzkydLM.roa (raw, json)
Hash identifier: w0co89x7nDThHlwlX5hwvXxbDEjAK1lqsC3eNS/L6KQ=
Subject key identifier: 3E:5B:A7:BA:57:E5:4F:5B:AF:82:D6:6F:99:AC:59:AB:39:32:74:B3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01941D97DCF1D42121A3DC2201EE43243228
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PlunulflT1uvgtZvmaxZqzkydLM.roa
Signing time: Tue 31 Dec 2024 16:41:19 +0000
ROA not before: Tue 31 Dec 2024 16:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.152.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 10:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1d:97:dc:f1:d4:21:21:a3:dc:22:01:ee:43:24:32:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 31 16:41:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e5ba7ba57e54f5baf82d66f99ac59ab393274b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dc:63:65:0b:d0:2e:f3:ba:56:0c:7d:4c:6c:
56:23:ed:4f:8b:73:fe:08:56:ce:81:00:a6:f0:2b:
1a:18:88:32:29:2e:04:3b:2d:e2:b9:2e:8f:87:e7:
d7:73:c5:c7:61:16:57:82:a4:41:09:26:de:b0:37:
eb:f8:3f:31:19:29:d1:ed:4c:9c:39:3f:6e:ac:22:
fc:35:29:eb:99:55:83:47:9b:52:4c:ab:96:60:b6:
45:8c:34:3c:9e:5a:db:a1:09:55:90:26:1a:14:04:
ae:54:cf:00:c0:ea:7e:a9:9a:66:d4:ec:87:42:43:
a3:ba:8b:0a:1d:9f:02:c3:03:55:f2:cf:b7:d9:c4:
56:4d:ed:48:0d:bc:35:86:e9:ef:4d:2d:f3:41:7a:
b1:9f:b3:7c:ab:61:d5:21:37:71:78:ed:c5:2b:13:
0b:d1:38:ec:34:05:82:05:c5:bf:fc:4e:00:46:2e:
ca:82:fd:13:1c:03:27:f7:7d:c7:17:29:60:c7:03:
fc:3e:94:3f:12:d1:c3:3c:ad:3f:2d:95:13:a8:08:
d6:b6:24:cc:04:e9:52:ae:b3:7f:7c:cb:d0:39:db:
e8:5d:d7:c9:51:b3:8f:45:64:0a:49:ed:2f:8a:44:
c5:06:c2:cc:dc:ff:09:58:f9:05:6d:64:b9:86:8f:
7b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5B:A7:BA:57:E5:4F:5B:AF:82:D6:6F:99:AC:59:AB:39:32:74:B3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PlunulflT1uvgtZvmaxZqzkydLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.151.0-31.57.152.255
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:4e:ed:79:21:9f:59:0a:1f:4f:b4:fe:a5:77:62:46:52:a0:
81:df:6b:68:52:af:75:55:f1:b7:f2:c2:db:b8:c6:25:31:91:
12:ab:5a:b0:6a:bd:dd:98:db:df:e8:2a:71:d7:6b:59:4a:8c:
8a:4c:d1:20:74:4f:cc:36:85:2a:a9:05:16:19:23:54:30:47:
04:23:91:1f:4e:92:3b:cb:67:fc:14:1d:8e:f1:a4:34:82:7d:
d9:c0:51:0f:a6:91:b5:ff:a2:7e:87:34:90:e6:c4:3a:d6:70:
17:58:e5:52:97:fb:a5:d2:dc:73:b1:4d:ac:b9:10:02:2a:1e:
7e:66:52:29:08:61:b1:c5:38:c8:e1:2b:08:27:7a:2a:2c:7c:
1c:b1:06:63:58:af:0e:f6:1f:6c:19:45:b8:b0:58:ad:1b:b5:
de:ad:df:62:39:83:9b:bc:6f:8e:07:53:2b:c1:38:16:7a:61:
74:ca:85:b1:c1:79:09:f1:54:27:b2:a1:9e:8f:30:1d:4e:be:
62:3d:55:84:f0:b8:65:33:ed:24:6c:bc:79:3c:0d:21:84:ef:
17:3c:fa:38:c4:2b:8d:b9:49:08:ea:43:57:04:82:db:cc:05:
de:6f:ba:82:31:8c:43:56:17:8c:ca:9d:be:2b:63:d2:8e:51:
29:b6:a0:1b
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZQdl9zx1CEho9wiAe5DJDIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjMxMTY0MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTViYTdiYTU3ZTU0ZjViYWY4MmQ2NmY5OWFjNTlhYjM5MzI3NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstxjZQvQLvO6Vgx9TGxWI+1Pi3P+
CFbOgQCm8CsaGIgyKS4EOy3iuS6Ph+fXc8XHYRZXgqRBCSbesDfr+D8xGSnR7Uyc
OT9urCL8NSnrmVWDR5tSTKuWYLZFjDQ8nlrboQlVkCYaFASuVM8AwOp+qZpm1OyH
QkOjuosKHZ8CwwNV8s+32cRWTe1IDbw1hunvTS3zQXqxn7N8q2HVITdxeO3FKxML
0TjsNAWCBcW//E4ARi7Kgv0THAMn933HFylgxwP8PpQ/EtHDPK0/LZUTqAjWtiTM
BOlSrrN/fMvQOdvoXdfJUbOPRWQKSe0vikTFBsLM3P8JWPkFbWS5ho97mwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFD5bp7pX5U9br4LWb5msWas5MnSzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUGx1bnVsZmxUMXV2Z3Radm1heFpxemt5ZExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WQMEAx84aAME
AR84cjAMAwQBHzh2AwQCHzh4AwQCHzjIAwQBHzmEAwQBHzmSMAwDBAAfOZcDBAAf
OZgDBAMfObADBAIfOcADBAEfOcgwDAMEBB850AMEAh854AMEAh856AMEAh85/AME
AR86IgMEAB86iAMEAB86jgMEAh86mAMEAR865jAMAwQAHzspAwQCHzsoMAwDBAMf
OzgDBAAfOzoDBAIfO2ADBAIfO3ADBAAfO4IDBAIfO7gDBAEfO+QDBAAfO+cDBAEf
O/QwDQYJKoZIhvcNAQELBQADggEBAHpO7Xkhn1kKH0+0/qV3YkZSoIHfa2hSr3VV
8bfywtu4xiUxkRKrWrBqvd2Y29/oKnHXa1lKjIpM0SB0T8w2hSqpBRYZI1QwRwQj
kR9OkjvLZ/wUHY7xpDSCfdnAUQ+mkbX/on6HNJDmxDrWcBdY5VKX+6XS3HOxTay5
EAIqHn5mUikIYbHFOMjhKwgneiosfByxBmNYrw72H2wZRbiwWK0btd6t32I5g5u8
b44HUyvBOBZ6YXTKhbHBeQnxVCeyoZ6PMB1OvmI9VYTwuGUz7SRsvHk8DSGE7xc8
+jjEK425SQjqQ1cEgtvMBd5vuoIxjENWF4zKnb4rY9KOUSm2oBs=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:31 2025 by rpki-client