Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZY9oXQdMcBJEmAd4KHJBt9IQWkw.roa
File: ZY9oXQdMcBJEmAd4KHJBt9IQWkw.roa (raw, json)
Hash identifier: ZUgqTtwORZL6Q8ssP5d+ezkJeYspT4P0dnxJPYWHJa0=
Subject key identifier: 65:8F:68:5D:07:4C:70:12:44:98:07:78:28:72:41:B7:D2:10:5A:4C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195B01CC42736949F3C536868AB0EE1230E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZY9oXQdMcBJEmAd4KHJBt9IQWkw.roa
Signing time: Wed 19 Mar 2025 20:33:50 +0000
ROA not before: Wed 19 Mar 2025 20:33:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 08:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b0:1c:c4:27:36:94:9f:3c:53:68:68:ab:0e:e1:23:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 19 20:33:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658f685d074c701244980778287241b7d2105a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:57:f0:2f:73:17:d8:44:df:23:b0:b1:d3:7c:
7e:76:dd:5e:36:7c:48:d0:ca:81:85:a2:70:ee:ed:
79:61:e0:0c:83:f5:3a:d1:94:e8:6f:dd:3e:37:44:
e1:3a:9e:86:d4:ee:82:d9:c5:7f:f7:30:04:ed:17:
b3:b3:e8:90:fe:3b:29:b0:f9:e8:49:02:2b:e6:2f:
a4:ee:73:78:b9:cc:2c:b5:ec:64:23:b1:33:fb:7b:
9e:f3:61:14:bd:28:62:fd:40:86:82:d5:fd:3a:13:
5d:68:72:be:b6:6f:93:7e:47:d5:39:bd:38:d4:a4:
d8:e8:cb:33:ae:f1:e7:76:47:3e:e7:f4:41:15:9e:
be:e9:86:5d:e9:7b:55:08:9d:d3:72:78:fb:d0:d8:
06:a4:a2:68:63:b6:c5:e0:eb:c9:a1:85:b3:37:0f:
e2:94:51:4b:ef:ce:03:0d:22:9c:a2:4d:b5:0d:75:
65:91:d2:75:0e:a0:f8:5c:ef:f3:bd:98:69:c2:c3:
87:9b:6e:ff:7f:37:c4:c3:19:f6:f5:8f:5a:d5:d6:
a0:36:5e:de:ed:ab:4d:c8:a7:e1:64:ec:ef:bb:d7:
d0:f5:9a:70:30:30:18:07:4f:3a:00:03:67:7f:2c:
f5:82:54:78:86:0b:33:4c:6d:09:ac:46:ca:4e:0a:
5c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8F:68:5D:07:4C:70:12:44:98:07:78:28:72:41:B7:D2:10:5A:4C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZY9oXQdMcBJEmAd4KHJBt9IQWkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.116.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
Signature Algorithm: sha256WithRSAEncryption
84:ca:d3:06:93:a0:a1:bc:ef:48:2a:69:92:c8:8f:c7:d7:4d:
b4:57:46:7c:0d:f9:1d:08:a5:97:16:3d:7f:54:66:5c:a9:01:
50:4e:ed:71:cf:9d:b7:cb:00:50:36:3f:32:e3:64:91:c4:d1:
a8:69:ed:8c:f2:b4:32:e3:bf:05:b4:8a:cf:20:72:50:c4:d9:
9b:1b:31:5f:a1:b0:65:8f:a9:6e:a1:ae:14:f6:3a:26:c2:c2:
cd:33:91:db:97:33:e3:b0:91:17:26:fc:f1:e5:d5:e4:52:36:
60:21:8e:5b:38:0c:5b:ab:7e:ba:81:e1:38:c7:5e:1d:f4:16:
26:d5:8a:4f:98:66:06:24:95:b1:84:a8:6a:c8:4e:75:15:82:
60:26:13:4e:42:da:bd:93:ae:a7:d7:27:b8:05:c0:49:76:45:
2d:2e:e0:e1:45:1c:17:e8:c7:97:27:99:4f:22:23:a6:6e:83:
c8:bc:af:11:a1:a3:74:ff:36:1d:6a:3d:39:58:db:b2:07:1a:
b2:a7:34:5c:7c:0a:20:cd:e9:bd:80:24:a2:71:2d:42:55:f3:
da:60:85:c7:04:76:14:79:22:ff:a5:0e:9b:35:85:6f:44:a1:
ff:cb:97:96:4c:40:a5:20:42:9f:e3:f7:b3:7b:ad:16:6c:5d:
84:ad:7b:40
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZWwHMQnNpSfPFNoaKsO4SMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE5MjAzMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThmNjg1ZDA3NGM3MDEyNDQ5ODA3NzgyODcyNDFiN2QyMTA1YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVfwL3MX2ETfI7Cx03x+dt1eNnxI
0MqBhaJw7u15YeAMg/U60ZTob90+N0ThOp6G1O6C2cV/9zAE7Rezs+iQ/jspsPno
SQIr5i+k7nN4ucwstexkI7Ez+3ue82EUvShi/UCGgtX9OhNdaHK+tm+TfkfVOb04
1KTY6MszrvHndkc+5/RBFZ6+6YZd6XtVCJ3Tcnj70NgGpKJoY7bF4OvJoYWzNw/i
lFFL784DDSKcok21DXVlkdJ1DqD4XO/zvZhpwsOHm27/fzfEwxn29Y9a1dagNl7e
7atNyKfhZOzvu9fQ9ZpwMDAYB086AANnfyz1glR4hgszTG0JrEbKTgpceQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFGWPaF0HTHASRJgHeChyQbfSEFpMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWlk5b1hRZE1jQkpFbUFkNEtISkJ0OUlRV2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAEfOAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcDBAEfOFoDBAMfOGgDBAEfOHIw
DAMEAR84dgMEAh84eAMEAh84yDAMAwQAHzlnAwQEHzlgMAwDBAAfOXEDBAAfOXID
BAAfOXQDBAEfOYQDBAMfOYgDBAEfOZIDBAIfOagDBAMfObADBAIfOcADBAEfOcgw
DAMEBB850AMEAh854AMEAh856AMEAh85/AMEAR86IgMEAB86KAMEAR86MgMEAh86
RAMEAB86TAMEAh86VAMEAh86mAMEAh86rAMEAh864AMEAh87TAMEAh87YAMEAh87
cAMEAh87eDANBgkqhkiG9w0BAQsFAAOCAQEAhMrTBpOgobzvSCppksiPx9dNtFdG
fA35HQillxY9f1RmXKkBUE7tcc+dt8sAUDY/MuNkkcTRqGntjPK0MuO/BbSKzyBy
UMTZmxsxX6GwZY+pbqGuFPY6JsLCzTOR25cz47CRFyb88eXV5FI2YCGOWzgMW6t+
uoHhOMdeHfQWJtWKT5hmBiSVsYSoashOdRWCYCYTTkLavZOup9cnuAXASXZFLS7g
4UUcF+jHlyeZTyIjpm6DyLyvEaGjdP82HWo9OVjbsgcasqc0XHwKIM3pvYAkonEt
QlXz2mCFxwR2FHki/6UOmzWFb0Sh/8uXlkxApSBCn+P3s3utFmxdhK17QA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:00:57 2025 by rpki-client