Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bm-XFo9z8EmOnJxtax6GPwC1azc.roa
File: bm-XFo9z8EmOnJxtax6GPwC1azc.roa (raw, json)
Hash identifier: fzAh7p3KSwKNvwHZR7s6hdzrhYLuLgQELLM/qo9oyDM=
Subject key identifier: 6E:6F:97:16:8F:73:F0:49:8E:9C:9C:6D:6B:1E:86:3F:00:B5:6B:37
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01948388C774D19A68E6047DA9FABCC4E414
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bm-XFo9z8EmOnJxtax6GPwC1azc.roa
Signing time: Mon 20 Jan 2025 11:46:06 +0000
ROA not before: Mon 20 Jan 2025 11:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.120.0/24 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
31.56.123.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 08:47:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:88:c7:74:d1:9a:68:e6:04:7d:a9:fa:bc:c4:e4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 20 11:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6f97168f73f0498e9c9c6d6b1e863f00b56b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:19:fb:60:c2:c3:e2:e0:b5:12:c1:6d:57:
79:f0:db:e2:00:e7:52:35:c7:b8:e7:db:68:94:8a:
63:aa:a7:64:8e:5e:d4:9b:d2:30:9b:9a:3d:34:e9:
98:54:fa:37:15:69:28:39:f2:e9:20:fd:df:f0:5a:
28:42:17:fb:de:d5:ef:f0:e4:21:59:ea:e2:76:c4:
06:26:14:57:b6:8f:89:86:0d:43:8d:e8:17:15:bb:
d3:08:20:e4:e2:d5:a2:fc:ee:14:1d:59:58:f0:0b:
3d:d0:91:9b:83:2f:5c:be:a6:a8:c4:fe:3a:e7:6f:
a5:05:14:f2:7a:cd:58:4c:eb:e6:f5:2a:54:5f:b1:
32:e9:5d:8f:ca:1d:1c:a5:34:68:e3:25:3c:de:62:
df:56:d4:dd:7b:b8:86:9e:ac:95:a9:99:4f:ad:5f:
b7:d1:e0:e9:60:4f:2e:35:a7:b2:8c:e2:9e:5b:1a:
b5:cc:2c:f4:66:c7:69:ad:47:17:26:3a:db:0b:27:
dd:47:8e:f5:79:5a:44:50:4c:f8:f5:47:c1:04:7f:
db:6a:8a:2d:dc:f4:e2:35:50:6a:02:89:90:b0:9f:
bc:cb:0f:40:da:49:1e:b6:22:ad:ba:c3:6d:8b:bb:
69:fb:ad:b9:0c:a3:60:59:d7:68:b9:50:d7:14:08:
8f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6F:97:16:8F:73:F0:49:8E:9C:9C:6D:6B:1E:86:3F:00:B5:6B:37
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bm-XFo9z8EmOnJxtax6GPwC1azc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.74.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.56.200.0/22
31.57.65.0/24
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.207.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.142.0/24
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e5:5d:4b:c5:a0:8d:8a:c1:14:71:33:fa:3a:bc:4c:ab:85:
4d:6f:5c:24:2a:c0:c5:7c:05:26:fb:e7:ba:31:19:cb:fd:52:
b6:e7:9a:a6:36:2d:b0:d6:98:e3:f4:28:b1:1a:ce:3b:57:71:
5e:43:e4:59:e4:36:14:af:fa:69:4a:a9:64:5c:c3:dd:b3:55:
58:be:39:00:85:63:fa:d8:22:ee:a0:e4:46:70:ac:16:d1:63:
d2:d7:05:a9:cc:9c:9a:2e:9e:5d:28:4f:02:80:a3:75:6a:8f:
7d:ec:7d:4f:19:95:0d:8c:dc:03:89:9c:6e:e3:f9:ac:7d:dd:
18:ba:20:a4:2a:44:99:21:13:29:c2:29:5a:85:a0:06:d1:eb:
01:b4:ce:9a:aa:35:2e:6c:38:7e:57:1e:19:48:c5:80:d8:28:
b4:d0:4d:71:b8:07:27:45:55:9e:ff:50:a1:c1:b5:bd:ac:cb:
30:22:46:4e:4a:8d:a0:84:5a:6e:40:c4:23:2f:b7:ae:cc:0a:
d8:7c:60:7f:a4:70:a1:af:19:3d:af:5e:73:fc:8b:d0:16:db:
26:8a:8f:13:a7:4b:b9:36:f4:b7:a5:de:a9:54:1a:29:95:71:
bc:1c:29:72:72:b5:9f:66:51:4e:2b:4b:68:c6:d7:35:64:5e:
fa:fb:29:67
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZSDiMd00Zpo5gR9qfq8xOQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTIwMTE0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZmOTcxNjhmNzNmMDQ5OGU5YzljNmQ2YjFlODYzZjAwYjU2YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbkZ+2DCw+LgtRLBbVd58NviAOdS
Nce459tolIpjqqdkjl7Um9Iwm5o9NOmYVPo3FWkoOfLpIP3f8FooQhf73tXv8OQh
WeridsQGJhRXto+Jhg1DjegXFbvTCCDk4tWi/O4UHVlY8As90JGbgy9cvqaoxP46
52+lBRTyes1YTOvm9SpUX7Ey6V2Pyh0cpTRo4yU83mLfVtTde7iGnqyVqZlPrV+3
0eDpYE8uNaeyjOKeWxq1zCz0ZsdprUcXJjrbCyfdR471eVpEUEz49UfBBH/baoot
3PTiNVBqAomQsJ+8yw9A2kketiKtusNti7tp+625DKNgWddouVDXFAiPaQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFG5vlxaPc/BJjpycbWsehj8AtWs3MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYm0tWEZvOXo4RW1Pbkp4dGF4NkdQd0MxYXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84SjAMAwQAHzhZAwQCHzhYAwQDHzho
AwQBHzhyMAwDBAEfOHYDBAIfOHgDBAAfOJwDBAIfOMgDBAAfOUEDBAMfOWgDBAEf
OYQDBAMfOYgDBAEfOZIDBAMfObADBAIfOcADBAEfOcgwDAMEAB85zwMEAh854AME
Ah856AMEAh85/DAMAwQAHzohAwQCHzogAwQAHzqOAwQCHzqYAwQAHzqjAwQBHzrm
MAwDBAAfOykDBAAfOyoDBAAfOzkDBAIfO2ADBAAfO2wDBAIfO3ADBAIfO7gDBAAf
O+QwDQYJKoZIhvcNAQELBQADggEBAJrlXUvFoI2KwRRxM/o6vEyrhU1vXCQqwMV8
BSb757oxGcv9UrbnmqY2LbDWmOP0KLEazjtXcV5D5FnkNhSv+mlKqWRcw92zVVi+
OQCFY/rYIu6g5EZwrBbRY9LXBanMnJounl0oTwKAo3Vqj33sfU8ZlQ2M3AOJnG7j
+ax93Ri6IKQqRJkhEynCKVqFoAbR6wG0zpqqNS5sOH5XHhlIxYDYKLTQTXG4BydF
VZ7/UKHBtb2syzAiRk5KjaCEWm5AxCMvt67MCth8YH+kcKGvGT2vXnP8i9AW2yaK
jxOnS7k29Lel3qlUGimVcbwcKXJytZ9mUU4rS2jG1zVkXvr7KWc=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:59 2025 by rpki-client