Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZBfy2ztBKNXYB8RY8_bw9zDG-xk.roa
File: ZBfy2ztBKNXYB8RY8_bw9zDG-xk.roa (raw, json)
Hash identifier: EjABQBog5Y5ySQNfOqiWtJgJbzJTB+Nr+z9t2oIp96c=
Subject key identifier: 64:17:F2:DB:3B:41:28:D5:D8:07:C4:58:F3:F6:F0:F7:30:C6:FB:19
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193825504E639606F06CE74D5A2496FA1B7
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZBfy2ztBKNXYB8RY8_bw9zDG-xk.roa
Signing time: Sun 01 Dec 2024 13:07:10 +0000
ROA not before: Sun 01 Dec 2024 13:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.120.0/22 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.166.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.186.0/23 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.130.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 20:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:82:55:04:e6:39:60:6f:06:ce:74:d5:a2:49:6f:a1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 1 13:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6417f2db3b4128d5d807c458f3f6f0f730c6fb19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:08:7e:c1:be:74:31:af:83:63:cd:d3:38:a2:
20:fc:90:bc:92:e9:ea:c2:fc:58:cf:90:88:48:83:
b6:54:16:87:62:7d:36:03:a4:54:9d:08:57:c7:81:
a2:60:36:ea:fe:9d:13:b0:63:3e:4c:05:97:ab:fc:
9d:1d:ef:f3:f2:4a:ee:b4:1f:ee:98:3e:81:d5:a5:
2b:49:4e:db:08:5c:2a:48:dc:23:ad:c8:6e:b4:be:
77:d6:e9:8a:5a:03:54:e3:68:d7:df:bd:cb:6a:bb:
e8:52:bc:fe:a1:1c:14:03:8a:72:1b:58:b2:3d:54:
05:d4:fa:a2:86:69:01:5d:75:65:c0:7c:a2:dd:a8:
7a:fb:f4:f9:39:25:aa:f2:07:97:1e:2d:f6:44:49:
84:8b:22:31:0f:ae:32:b5:cf:42:81:9e:ee:72:ba:
39:e5:e8:ea:56:e6:cb:fc:64:b9:cd:33:fc:fc:52:
d8:7c:47:21:3e:27:76:de:68:7d:b5:e4:49:ba:c0:
70:10:ea:fa:d7:a3:9b:8c:55:a7:39:d1:9f:4f:51:
33:f5:3d:88:3c:fd:63:af:c9:73:01:cd:2d:44:e3:
a8:65:bc:2f:86:71:d2:13:ba:89:fe:52:d1:bd:ff:
a7:72:99:b9:1c:86:8f:3d:ae:3e:33:fd:08:39:00:
21:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:17:F2:DB:3B:41:28:D5:D8:07:C4:58:F3:F6:F0:F7:30:C6:FB:19
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZBfy2ztBKNXYB8RY8_bw9zDG-xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.48.0/24
31.56.57.0/24
31.56.89.0/24
31.56.104.0/21
31.56.120.0/22
31.56.127.0/24
31.57.65.0/24
31.57.132.0/23
31.57.146.0/23
31.57.166.0/24
31.57.176.0-31.57.188.255
31.57.192.0/22
31.57.204.0/24
31.57.228.0/24
31.57.232.0/22
31.58.129.0-31.58.131.255
31.58.150.0/24
31.58.152.0/22
31.59.68.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
29:23:c8:5b:0e:a8:96:2f:80:ce:a3:e2:c7:0d:f8:ce:d6:b6:
05:24:92:f8:e7:66:c5:6e:09:3c:2b:18:f6:c2:e6:91:08:42:
d2:d2:19:77:a7:0e:36:43:d0:e7:97:74:63:75:85:20:c4:0a:
d2:6c:58:97:51:4e:3d:a4:bb:fe:26:3a:f0:66:b0:67:c2:a0:
aa:42:c5:72:e2:90:4a:d6:84:1d:f1:7f:b7:84:3c:8d:2b:3e:
27:46:38:5e:a4:9b:86:0f:fd:df:93:6c:6e:1c:f0:5f:08:2a:
f1:e6:11:63:db:28:82:a5:19:ab:b3:c5:ad:e9:07:39:0a:8c:
4c:2d:55:9f:f5:83:59:5e:89:56:94:f8:d2:16:02:80:3f:2b:
68:a0:6b:bf:f9:44:c6:43:2a:7b:78:04:d5:f5:00:0b:e5:37:
78:d5:c6:07:68:96:ea:ed:94:00:eb:bd:95:cb:31:e7:40:38:
87:db:1c:b3:45:cc:4a:d8:8a:29:46:3c:23:9c:2b:5b:e2:74:
74:a6:89:a3:8c:a7:62:c5:20:1d:c9:fc:14:3c:27:20:0c:34:
05:42:34:67:6e:12:ea:8a:1d:79:6e:df:14:48:b7:39:f7:73:
5d:97:2c:01:99:9f:0a:08:a1:33:0e:f1:b4:08:d3:aa:e5:82:
60:56:b3:de
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZOCVQTmOWBvBs501aJJb6G3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjAxMTMwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDE3ZjJkYjNiNDEyOGQ1ZDgwN2M0NThmM2Y2ZjBmNzMwYzZmYjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwh+wb50Ma+DY83TOKIg/JC8kunq
wvxYz5CISIO2VBaHYn02A6RUnQhXx4GiYDbq/p0TsGM+TAWXq/ydHe/z8krutB/u
mD6B1aUrSU7bCFwqSNwjrchutL531umKWgNU42jX373LarvoUrz+oRwUA4pyG1iy
PVQF1PqihmkBXXVlwHyi3ah6+/T5OSWq8geXHi32REmEiyIxD64ytc9CgZ7ucro5
5ejqVubL/GS5zTP8/FLYfEchPid23mh9teRJusBwEOr616ObjFWnOdGfT1Ez9T2I
PP1jr8lzAc0tROOoZbwvhnHSE7qJ/lLRvf+ncpm5HIaPPa4+M/0IOQAhlQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFGQX8ts7QSjV2AfEWPP28PcwxvsZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWkJmeTJ6dEJLTlhZQjhSWThfYnc5ekRHLXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODADBAAfODkDBAAfOFkDBAMfOGgDBAIfOHgDBAAf
OH8DBAAfOUEDBAEfOYQDBAEfOZIDBAAfOaYwDAMEBB85sAMEAB85vAMEAh85wAME
AB85zAMEAB855AMEAh856DAMAwQAHzqBAwQCHzqAAwQAHzqWAwQCHzqYAwQAHztE
AwQCHztgAwQCHztwAwQCHzt4AwQCHzu4MA0GCSqGSIb3DQEBCwUAA4IBAQApI8hb
DqiWL4DOo+LHDfjO1rYFJJL452bFbgk8Kxj2wuaRCELS0hl3pw42Q9Dnl3RjdYUg
xArSbFiXUU49pLv+JjrwZrBnwqCqQsVy4pBK1oQd8X+3hDyNKz4nRjhepJuGD/3f
k2xuHPBfCCrx5hFj2yiCpRmrs8Wt6Qc5CoxMLVWf9YNZXolWlPjSFgKAPytooGu/
+UTGQyp7eATV9QAL5Td41cYHaJbq7ZQA672VyzHnQDiH2xyzRcxK2IopRjwjnCtb
4nR0pomjjKdixSAdyfwUPCcgDDQFQjRnbhLqih15bt8USLc593NdlywBmZ8KCKEz
DvG0CNOq5YJgVrPe
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:51:24 2025 by rpki-client