Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VUtBvVsK1pq5ufSwyfW8HqREkhA.roa
File: VUtBvVsK1pq5ufSwyfW8HqREkhA.roa (raw, json)
Hash identifier: nSC7/erv48IYnJ1yRN0uiC6dMss+8l6HHpfPvpZV6Xg=
Subject key identifier: 55:4B:41:BD:5B:0A:D6:9A:B9:B9:F4:B0:C9:F5:BC:1E:A4:44:92:10
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193E3051FF470F7214614593D73F9B8E4B3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VUtBvVsK1pq5ufSwyfW8HqREkhA.roa
Signing time: Fri 20 Dec 2024 07:43:04 +0000
ROA not before: Fri 20 Dec 2024 07:43:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.64.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.156.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.145.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.167.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 09:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:05:1f:f4:70:f7:21:46:14:59:3d:73:f9:b8:e4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 20 07:43:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=554b41bd5b0ad69ab9b9f4b0c9f5bc1ea4449210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:05:38:c3:cd:7a:38:b3:79:ff:6c:2e:c6:5b:
90:e1:56:3e:19:2b:ec:be:a2:79:ed:3b:97:24:40:
fc:82:a7:86:98:23:b1:50:72:1a:57:00:ee:ca:14:
69:8b:37:22:bd:77:3d:b1:24:63:83:ba:fe:43:e4:
24:a8:2d:e3:7f:c5:c0:96:18:86:54:34:93:2f:5b:
b4:96:3d:2f:18:ac:cd:3b:db:3e:b3:86:0c:39:72:
78:df:af:18:85:1e:1f:cb:cd:fb:e7:e9:bb:38:85:
fc:8c:8a:96:b8:34:7d:41:e8:0f:15:c4:5f:95:04:
29:ab:b2:b9:ae:f9:2e:1f:28:ee:57:50:a5:5d:05:
12:3e:67:0b:d8:10:85:83:f1:19:f1:c2:0b:b2:6f:
06:cf:b9:bf:36:73:4f:53:c6:21:5e:dd:66:58:77:
0c:37:fd:de:de:c0:88:e6:36:be:10:c3:2f:61:6e:
54:f0:e7:b9:24:15:9e:23:32:66:b2:27:8a:78:f4:
63:be:e9:72:3a:8d:b9:38:59:98:33:95:04:86:d1:
e4:f6:53:4c:45:8d:fb:14:f4:c3:68:d0:c8:34:30:
1e:ad:01:87:c3:9c:7d:b8:16:3d:fe:ae:6a:3e:c4:
5c:8f:dc:30:7e:f9:51:fa:0a:cb:81:07:a6:ed:a9:
e5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4B:41:BD:5B:0A:D6:9A:B9:B9:F4:B0:C9:F5:BC:1E:A4:44:92:10
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VUtBvVsK1pq5ufSwyfW8HqREkhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.64.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.57.65.0/24
31.57.132.0/23
31.57.145.0-31.57.147.255
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.204.0/24
31.57.208.0/20
31.57.232.0/22
31.58.34.0/23
31.58.131.0/24
31.58.152.0/22
31.58.167.0/24
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:ae:ea:ce:29:cc:70:ce:8a:85:6e:73:7f:e0:1f:0b:f6:e8:
49:b7:d6:09:7c:77:fe:8d:b0:6d:d8:1c:29:28:f3:ff:8d:4f:
ac:11:cd:3d:d6:0f:18:26:ca:81:1f:ab:d2:64:e7:b7:38:e3:
dd:09:47:09:80:3c:49:9b:26:2f:e9:90:70:42:95:36:b3:02:
45:3d:17:74:49:30:8c:eb:7f:f9:42:da:d3:6b:10:46:6a:f4:
df:8d:f6:18:88:4d:f1:bf:ba:2f:a7:a9:b7:4b:c4:89:a7:b8:
d3:bc:41:fc:9b:f9:a4:6b:3a:9b:6b:49:c7:70:92:52:a2:16:
30:58:a9:6f:72:7f:53:d4:bc:78:c3:b1:6b:94:ec:9a:db:6d:
e1:7b:a3:13:3a:3f:3e:b1:4e:1b:6c:77:4c:65:67:f5:99:64:
d5:c8:c2:4f:43:25:e1:7d:a6:13:0d:01:b2:9b:7c:51:f6:3a:
35:45:eb:61:22:0d:0d:02:b9:aa:3d:6d:69:e7:36:0d:bf:3a:
05:c2:e5:6b:74:27:28:e6:44:85:42:3a:0a:cb:10:e0:2c:83:
a4:ad:10:36:40:fd:08:59:fd:2f:5b:03:79:ee:02:b3:42:4d:
90:fe:cc:e8:d4:5d:d6:7a:12:8d:d1:24:26:00:ef:e8:e9:0e:
86:6b:68:ab
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZPjBR/0cPchRhRZPXP5uOSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjIwMDc0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRiNDFiZDViMGFkNjlhYjliOWY0YjBjOWY1YmMxZWE0NDQ5MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQU4w816OLN5/2wuxluQ4VY+GSvs
vqJ57TuXJED8gqeGmCOxUHIaVwDuyhRpizcivXc9sSRjg7r+Q+QkqC3jf8XAlhiG
VDSTL1u0lj0vGKzNO9s+s4YMOXJ4368YhR4fy8375+m7OIX8jIqWuDR9QegPFcRf
lQQpq7K5rvkuHyjuV1ClXQUSPmcL2BCFg/EZ8cILsm8Gz7m/NnNPU8YhXt1mWHcM
N/3e3sCI5ja+EMMvYW5U8Oe5JBWeIzJmsieKePRjvulyOo25OFmYM5UEhtHk9lNM
RY37FPTDaNDINDAerQGHw5x9uBY9/q5qPsRcj9wwfvlR+grLgQem7anlqQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFFVLQb1bCtaaubn0sMn1vB6kRJIQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVlV0QnZWc0sxcHE1dWZTd3lmVzhIcVJFa2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEADBAAfOEcDBAEfOEoDBAAfOFkDBAMf
OGgDBAEfOHIwDAMEAR84dgMEAh84eAMEAB84nAMEAB85QQMEAR85hDAMAwQAHzmR
AwQCHzmQAwQDHzmwAwQAHzm8AwQCHznAAwQBHznIAwQAHznMAwQEHznQAwQCHzno
AwQBHzoiAwQAHzqDAwQCHzqYAwQAHzqnAwQCHztgAwQCHztwAwQAHzuCAwQCHzu4
MA0GCSqGSIb3DQEBCwUAA4IBAQAvrurOKcxwzoqFbnN/4B8L9uhJt9YJfHf+jbBt
2BwpKPP/jU+sEc091g8YJsqBH6vSZOe3OOPdCUcJgDxJmyYv6ZBwQpU2swJFPRd0
STCM63/5QtrTaxBGavTfjfYYiE3xv7ovp6m3S8SJp7jTvEH8m/mkazqba0nHcJJS
ohYwWKlvcn9T1Lx4w7FrlOya223he6MTOj8+sU4bbHdMZWf1mWTVyMJPQyXhfaYT
DQGym3xR9jo1RethIg0NArmqPW1p5zYNvzoFwuVrdCco5kSFQjoKyxDgLIOkrRA2
QP0IWf0vWwN57gKzQk2Q/szo1F3WehKN0SQmAO/o6Q6Ga2ir
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:06 2025 by rpki-client