Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VPKx-RJffEXJoBDwhUpiCrIJ-Vw.roa
File: VPKx-RJffEXJoBDwhUpiCrIJ-Vw.roa (raw, json)
Hash identifier: cCnTNmZ0MmVyZsXCzvnD6iJE1tzhjxFqdFgGBebjpZA=
Subject key identifier: 54:F2:B1:F9:12:5F:7C:45:C9:A0:10:F0:85:4A:62:0A:B2:09:F9:5C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194D505FE2D6E33774D35C28156910C5AE4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VPKx-RJffEXJoBDwhUpiCrIJ-Vw.roa
Signing time: Wed 05 Feb 2025 07:32:07 +0000
ROA not before: Wed 05 Feb 2025 07:32:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.129.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.197.0/24 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.238.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 08:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:05:fe:2d:6e:33:77:4d:35:c2:81:56:91:0c:5a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 5 07:32:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54f2b1f9125f7c45c9a010f0854a620ab209f95c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ec:16:cb:9e:bc:5a:d2:98:5e:9e:39:61:78:
d3:75:5f:13:e8:b7:cb:40:44:6f:cd:39:a5:91:c5:
8e:aa:0e:67:a1:68:55:b4:b9:a0:8c:c5:77:cd:8c:
fe:93:12:56:52:a4:d1:de:ae:b2:99:56:3f:a4:e6:
0f:90:99:f5:ad:d1:87:22:3e:04:a2:58:65:f8:71:
7c:6f:0d:32:d8:cb:34:0f:8b:52:2d:df:e5:8c:ea:
58:4a:43:24:db:f7:e0:b6:c3:41:b4:f9:6c:4c:61:
b5:43:e4:f8:fe:92:ab:71:8c:be:98:50:1f:e5:c9:
b8:cd:27:07:d2:14:28:cc:a5:a3:e7:3a:65:96:49:
19:21:38:68:1b:09:d4:7f:9b:c0:5e:87:29:5a:5a:
03:71:77:32:6a:bf:18:74:09:f7:bb:ee:93:85:9f:
e2:ad:7b:00:a8:89:70:84:92:a7:1d:4d:6c:bb:0a:
61:82:e6:fc:e1:99:03:e5:d8:8e:34:0e:6d:64:2f:
cf:bc:57:b5:9a:68:4a:bd:97:05:d9:27:76:12:10:
11:c3:20:3b:f6:28:55:94:77:af:3b:ba:d0:06:5c:
8d:54:10:2f:f2:cf:b8:55:77:81:e2:83:96:ec:03:
28:31:63:23:d2:fb:de:ed:fc:2c:e2:b7:a3:c8:d8:
a6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F2:B1:F9:12:5F:7C:45:C9:A0:10:F0:85:4A:62:0A:B2:09:F9:5C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VPKx-RJffEXJoBDwhUpiCrIJ-Vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.74.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.104.0/21
31.57.129.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.151.0/24
31.57.176.0/21
31.57.191.0-31.57.195.255
31.57.197.0-31.57.198.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.238.0/24
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:9b:0e:a4:39:ac:9a:ee:6a:76:28:49:cd:72:33:2a:4b:44:
27:e1:b7:78:a0:c6:18:55:ae:29:d7:d3:b6:87:0c:68:58:f5:
45:9f:e7:09:06:a1:4d:d1:8a:91:98:5e:e8:05:04:40:e1:27:
ff:e5:26:74:e7:94:0b:35:05:dd:97:a5:d5:df:d4:ce:da:30:
83:6f:9a:7a:7a:ef:1e:e4:36:06:f1:94:86:5c:93:9b:92:17:
2c:25:6f:f3:e3:0a:94:c8:d6:7b:7f:8a:55:87:e7:1f:9f:7d:
61:c5:f8:b1:fc:a8:98:e9:15:61:32:2c:a4:cd:1d:ab:c3:81:
59:63:93:23:7e:2d:a4:dd:bd:51:b1:25:51:48:be:d1:66:c0:
3c:7e:76:81:9a:52:56:e8:17:8e:f1:f5:72:cd:7d:82:9e:b2:
c6:0e:e3:21:58:9d:34:dd:f2:13:f9:ac:b3:44:92:19:a6:bc:
e1:cc:6c:e6:80:e9:68:aa:96:11:de:f7:40:2f:f7:40:5e:b5:
af:ee:2b:96:c4:f0:53:27:09:ab:18:14:30:2d:43:0e:ac:0b:
a3:70:e6:3e:a2:c1:0c:f9:16:7c:62:fb:e4:ef:5c:65:6a:a6:
b9:b6:95:1e:c8:18:97:eb:60:e9:5c:a6:47:c2:04:d3:ac:76:
bd:56:3e:7b
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZTVBf4tbjN3TTXCgVaRDFrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjA1MDczMjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGYyYjFmOTEyNWY3YzQ1YzlhMDEwZjA4NTRhNjIwYWIyMDlmOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmewWy568WtKYXp45YXjTdV8T6LfL
QERvzTmlkcWOqg5noWhVtLmgjMV3zYz+kxJWUqTR3q6ymVY/pOYPkJn1rdGHIj4E
olhl+HF8bw0y2Ms0D4tSLd/ljOpYSkMk2/fgtsNBtPlsTGG1Q+T4/pKrcYy+mFAf
5cm4zScH0hQozKWj5zpllkkZIThoGwnUf5vAXocpWloDcXcyar8YdAn3u+6ThZ/i
rXsAqIlwhJKnHU1suwphgub84ZkD5diONA5tZC/PvFe1mmhKvZcF2Sd2EhARwyA7
9ihVlHevO7rQBlyNVBAv8s+4VXeB4oOW7AMoMWMj0vve7fws4rejyNimVwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFFTysfkSX3xFyaAQ8IVKYgqyCflcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVlBLeC1SSmZmRVhKb0JEd2hVcGlDcklKLVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84SjAMAwQAHzhZAwQCHzhYAwQD
HzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgDBAMfOWgDBAAfOYEDBAEfOYQD
BAMfOYgDBAEfOZIDBAAfOZcDBAMfObAwDAMEAB85vwMEAh85wDAMAwQAHznFAwQA
HznGAwQBHznIMAwDBAQfOdADBAIfOeADBAIfOegDBAAfOe4DBAIfOfwwDAMEAB86
IQMEAh86IAMEAh86mAMEAB86owMEAR865jAMAwQAHzspAwQAHzsqAwQAHzs5AwQC
HztgAwQAHztsAwQCHztwAwQCHzu4AwQAHzvkAwQAHzvmMA0GCSqGSIb3DQEBCwUA
A4IBAQCKmw6kOaya7mp2KEnNcjMqS0Qn4bd4oMYYVa4p19O2hwxoWPVFn+cJBqFN
0YqRmF7oBQRA4Sf/5SZ055QLNQXdl6XV39TO2jCDb5p6eu8e5DYG8ZSGXJObkhcs
JW/z4wqUyNZ7f4pVh+cfn31hxfix/KiY6RVhMiykzR2rw4FZY5Mjfi2k3b1RsSVR
SL7RZsA8fnaBmlJW6BeO8fVyzX2CnrLGDuMhWJ003fIT+ayzRJIZprzhzGzmgOlo
qpYR3vdAL/dAXrWv7iuWxPBTJwmrGBQwLUMOrAujcOY+osEM+RZ8Yvvk71xlaqa5
tpUeyBiX62DpXKZHwgTTrHa9Vj57
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:04 2025 by rpki-client