Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g4t9WAP0j7bY3NumA5P2ep8UyiQ.roa
File: g4t9WAP0j7bY3NumA5P2ep8UyiQ.roa (raw, json)
Hash identifier: LuJLLwWOhaf73gYGnDcuB4kutvKJ+UoIPreVOYHpuw8=
Subject key identifier: 83:8B:7D:58:03:F4:8F:B6:D8:DC:DB:A6:03:93:F6:7A:9F:14:CA:24
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195C6CEB3B476D7A81E8819A744E11BDDF2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g4t9WAP0j7bY3NumA5P2ep8UyiQ.roa
Signing time: Mon 24 Mar 2025 06:19:49 +0000
ROA not before: Mon 24 Mar 2025 06:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 24 Mar 2025 18:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:ce:b3:b4:76:d7:a8:1e:88:19:a7:44:e1:1b:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 24 06:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=838b7d5803f48fb6d8dcdba60393f67a9f14ca24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:4e:f4:83:de:40:c3:43:2e:39:bb:ef:6a:
28:9e:76:3b:0a:f2:ef:d0:88:f8:d8:01:36:f3:40:
04:0f:97:25:ec:23:e7:d2:96:e7:2c:6e:d9:e8:30:
ca:d0:ed:f3:9b:ea:b5:74:66:88:e8:77:42:30:51:
19:32:3a:6b:ee:b2:f0:9a:a6:e1:09:08:fa:9f:cb:
d9:f2:a0:df:4c:d7:31:3b:ab:18:40:ab:16:e0:39:
80:c1:a4:ec:dd:6c:cc:a1:e7:be:9f:f8:7b:c9:7d:
c1:bb:f4:2e:0f:42:29:dd:0b:d1:e0:e5:fc:61:a1:
89:f0:d5:40:ea:20:35:97:a3:93:bb:67:6f:5e:4f:
92:0c:ff:e9:5c:ad:25:6a:5e:da:46:0d:6c:5b:7b:
78:41:fd:1c:28:db:34:ef:85:a0:f9:9b:41:70:8b:
c4:dd:0f:d8:21:0b:bc:bd:48:3d:71:20:63:29:3f:
96:72:c9:c5:95:80:5b:d3:6b:2c:30:0e:50:4d:e1:
04:44:4d:d3:ae:51:1e:80:e8:55:f4:5a:a8:cf:f1:
d5:37:fd:bc:ed:8c:b4:5f:96:ba:57:f4:d4:a8:a2:
b6:dc:32:de:01:a5:95:2b:8c:b2:b0:4f:41:4d:35:
64:5c:f2:8f:19:08:70:37:65:bf:ea:2e:fd:45:40:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8B:7D:58:03:F4:8F:B6:D8:DC:DB:A6:03:93:F6:7A:9F:14:CA:24
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g4t9WAP0j7bY3NumA5P2ep8UyiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.87.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.116.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
32:43:f9:ed:5e:99:84:23:7a:ff:07:88:2b:46:57:79:87:6b:
f2:3a:16:f3:78:d5:06:54:58:21:cd:19:bf:2a:3c:80:4f:94:
bf:d2:10:35:7d:5b:41:2a:a5:18:9f:fb:b7:f6:1e:af:3b:6b:
d9:12:91:81:86:80:7e:fa:56:00:53:99:41:6a:99:5a:7f:9f:
3b:b8:f8:59:2a:96:0f:ab:73:83:8f:c0:54:23:d1:3b:43:9b:
03:54:eb:67:a1:e0:e2:b8:0f:7f:0a:88:55:ec:ca:1f:19:dc:
ca:da:d1:c3:e2:a2:ee:43:e9:30:0a:e5:65:4c:e9:8c:6a:10:
21:6d:ef:d7:2b:97:41:a9:b4:6b:cf:59:f6:0e:49:0d:37:f9:
cc:e6:9a:dd:85:e7:f6:a8:b7:2f:58:f3:b7:40:0f:3d:17:43:
1f:75:7c:3e:d0:06:44:06:81:5b:63:0b:e9:2e:80:aa:9a:28:
b8:3d:76:1a:70:f6:84:df:c0:f1:4d:24:0d:a5:f0:af:8e:ec:
54:f7:35:d0:b6:66:7b:4f:29:26:e4:de:2e:4b:72:8b:dd:ac:
52:3d:12:3b:7d:52:7c:6e:62:89:ed:51:bd:40:77:3e:64:3a:
eb:e3:78:2c:98:b6:d8:1c:5d:42:87:ce:1a:f0:19:a8:24:ec:
27:5c:95:f8
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZXGzrO0dteoHogZp0ThG93yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI0MDYxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhiN2Q1ODAzZjQ4ZmI2ZDhkY2RiYTYwMzkzZjY3YTlmMTRjYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlstO9IPeQMNDLjm772oonnY7CvLv
0Ij42AE280AED5cl7CPn0pbnLG7Z6DDK0O3zm+q1dGaI6HdCMFEZMjpr7rLwmqbh
CQj6n8vZ8qDfTNcxO6sYQKsW4DmAwaTs3WzMoee+n/h7yX3Bu/QuD0Ip3QvR4OX8
YaGJ8NVA6iA1l6OTu2dvXk+SDP/pXK0lal7aRg1sW3t4Qf0cKNs074Wg+ZtBcIvE
3Q/YIQu8vUg9cSBjKT+WcsnFlYBb02ssMA5QTeEERE3TrlEegOhV9Fqoz/HVN/28
7Yy0X5a6V/TUqKK23DLeAaWVK4yysE9BTTVkXPKPGQhwN2W/6i79RUBYDQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFIOLfVgD9I+22NzbpgOT9nqfFMokMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZzR0OVdBUDBqN2JZM051bUE1UDJlcDhVeWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAB84VwMEAR84WgMEAx84
aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQCHzjIMAwDBAAfOWcDBAQfOWAwDAMEAB85
cQMEAB85cgMEAB85dAMEAR85hAMEAx85iAMEAR85kgMEAh85qAMEAx85sAMEAh85
wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQB
HzoyAwQCHzpEAwQAHzpMAwQCHzpUAwQCHzqYAwQCHzqsAwQCHzrgAwQCHztMAwQC
HztgAwQCHztwAwQCHzt4AwQCHzvgAwQDHzvoMA0GCSqGSIb3DQEBCwUAA4IBAQAy
Q/ntXpmEI3r/B4grRld5h2vyOhbzeNUGVFghzRm/KjyAT5S/0hA1fVtBKqUYn/u3
9h6vO2vZEpGBhoB++lYAU5lBaplaf587uPhZKpYPq3ODj8BUI9E7Q5sDVOtnoeDi
uA9/CohV7MofGdzK2tHD4qLuQ+kwCuVlTOmMahAhbe/XK5dBqbRrz1n2DkkNN/nM
5prdhef2qLcvWPO3QA89F0MfdXw+0AZEBoFbYwvpLoCqmii4PXYacPaE38DxTSQN
pfCvjuxU9zXQtmZ7Tykm5N4uS3KL3axSPRI7fVJ8bmKJ7VG9QHc+ZDrr43gsmLbY
HF1Ch84a8BmoJOwnXJX4
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:05:20 2025 by rpki-client