Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kYYTolRMeFh4sqre37m5VNAglvk.roa
File: kYYTolRMeFh4sqre37m5VNAglvk.roa (raw, json)
Hash identifier: csyJkcX25brVYAIZhQBqEn5/kiaBJ4jdSJ2m0l2VRo4=
Subject key identifier: 91:86:13:A2:54:4C:78:58:78:B2:AA:DE:DF:B9:B9:54:D0:20:96:F9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019555F034C2EB2C443D2C86C2F1B717532E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kYYTolRMeFh4sqre37m5VNAglvk.roa
Signing time: Sun 02 Mar 2025 08:19:20 +0000
ROA not before: Sun 02 Mar 2025 08:19:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.220.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 17:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:55:f0:34:c2:eb:2c:44:3d:2c:86:c2:f1:b7:17:53:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 2 08:19:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=918613a2544c785878b2aadedfb9b954d02096f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:b5:a4:ac:1e:40:92:f5:4c:9b:86:47:f7:
a8:5e:92:86:b0:32:3d:49:58:0e:7e:d1:bd:88:42:
33:0e:28:bd:3b:a7:24:39:64:f1:92:2e:8b:e4:63:
8e:29:18:11:f8:72:ff:89:bc:ba:e8:73:bf:09:ad:
91:55:d8:5e:ce:4b:95:51:4d:1d:5a:4b:19:86:17:
b3:12:09:7f:a1:76:4d:24:19:e1:1f:46:40:48:ae:
0c:6c:ea:76:f0:63:ea:df:28:f3:2e:d2:73:1b:83:
9b:ad:bd:b1:eb:a8:d8:a3:de:0c:31:96:03:61:51:
8d:72:83:6b:62:c3:b3:b3:15:39:17:a3:7c:08:d0:
f1:e2:3a:9a:e9:c7:74:7d:f9:b0:7a:1d:57:d2:68:
89:57:05:35:05:8e:8e:1b:55:64:be:4f:7f:2f:e7:
9d:53:c5:7f:0a:c8:ea:b3:d9:a6:fb:21:ba:93:8b:
b6:36:49:95:87:45:bf:79:8f:a6:1b:c0:d2:7b:59:
33:45:5d:c3:c5:32:22:9a:6c:d5:41:57:c6:f7:cf:
83:ce:fa:e0:32:61:7b:7e:14:c1:e0:ef:2f:e1:e9:
f6:d9:15:7b:df:07:0e:17:13:9a:75:a4:15:d9:79:
6f:5f:5b:d4:d5:a0:f7:47:e2:19:5d:d4:a6:e9:64:
40:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:86:13:A2:54:4C:78:58:78:B2:AA:DE:DF:B9:B9:54:D0:20:96:F9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kYYTolRMeFh4sqre37m5VNAglvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.56.200.0/22
31.57.92.0-31.57.99.255
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0-31.57.196.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0-31.58.95.255
31.58.100.0/22
31.58.152.0/22
31.58.160.0/24
31.58.220.0-31.58.227.255
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:61:8f:84:1e:fb:ce:de:90:d6:b6:f1:ae:7d:4b:56:f2:ea:
f8:06:4b:fe:8a:6f:12:64:0f:89:0a:83:4c:5e:a5:dd:79:27:
27:7d:f7:ad:ff:d4:01:06:3d:43:d0:15:0f:8b:5e:50:ee:63:
c4:f7:39:da:16:3f:6e:a3:25:b3:57:36:be:b9:2f:cc:e8:36:
ee:e1:10:ea:37:8b:60:df:40:e0:ee:6f:8c:56:c8:5a:db:02:
8f:ff:40:8e:51:99:68:c1:9d:ea:02:bb:d1:66:ca:33:b6:4b:
f0:b5:b3:4c:87:e7:71:15:4f:99:ef:d4:20:3b:3a:f8:a3:41:
0c:d1:dc:02:89:a8:b9:4d:39:c8:a2:02:51:48:dc:81:68:86:
f4:89:3d:b4:a3:6c:d9:4c:97:60:57:f7:02:0b:05:09:ab:3d:
95:d2:29:c1:a5:80:e2:d9:ef:a4:1a:7a:e5:9c:c5:e8:34:dc:
c8:38:a9:6c:ea:83:79:fa:a1:41:11:0e:12:d9:4b:fa:2c:7d:
e3:e7:f4:71:97:b7:c9:dd:af:a7:5f:a7:22:b0:9d:29:8f:6b:
5e:be:79:4f:d5:21:cb:5a:49:67:4a:10:1a:6b:2d:d8:39:1d:
ca:4f:7c:d4:94:3c:aa:21:9b:64:03:49:aa:5f:a6:7f:80:1f:
87:48:bf:36
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZVV8DTC6yxEPSyGwvG3F1MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAyMDgxOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg2MTNhMjU0NGM3ODU4NzhiMmFhZGVkZmI5Yjk1NGQwMjA5NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn61pKweQJL1TJuGR/eoXpKGsDI9
SVgOftG9iEIzDii9O6ckOWTxki6L5GOOKRgR+HL/iby66HO/Ca2RVdhezkuVUU0d
WksZhhezEgl/oXZNJBnhH0ZASK4MbOp28GPq3yjzLtJzG4Obrb2x66jYo94MMZYD
YVGNcoNrYsOzsxU5F6N8CNDx4jqa6cd0ffmweh1X0miJVwU1BY6OG1Vkvk9/L+ed
U8V/Csjqs9mm+yG6k4u2NkmVh0W/eY+mG8DSe1kzRV3DxTIimmzVQVfG98+Dzvrg
MmF7fhTB4O8v4en22RV73wcOFxOadaQV2XlvX1vU1aD3R+IZXdSm6WRAVQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFJGGE6JUTHhYeLKq3t+5uVTQIJb5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEva1lZVG9sUk1lRmg0c3FyZTM3bTVWTkFnbHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAB84VQMEAR84WgMEAx84
aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQAHzicAwQCHzjIMAwDBAIfOVwDBAIfOWAD
BAMfOWgDBAEfOYQDBAMfOYgDBAEfOZIDBAMfObAwDAMEBh85wAMEAB85xAMEAR85
yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQBHzoyAwQCHzpEAwQC
HzpMAwQCHzpUMAwDBAAfOlsDBAUfOkADBAIfOmQDBAIfOpgDBAAfOqAwDAMEAh86
3AMEAh864AMEAB87KQMEAh87YAMEAh87cAMEAh87uDANBgkqhkiG9w0BAQsFAAOC
AQEASmGPhB77zt6Q1rbxrn1LVvLq+AZL/opvEmQPiQqDTF6l3XknJ333rf/UAQY9
Q9AVD4teUO5jxPc52hY/bqMls1c2vrkvzOg27uEQ6jeLYN9A4O5vjFbIWtsCj/9A
jlGZaMGd6gK70WbKM7ZL8LWzTIfncRVPme/UIDs6+KNBDNHcAomouU05yKICUUjc
gWiG9Ik9tKNs2UyXYFf3AgsFCas9ldIpwaWA4tnvpBp65ZzF6DTcyDipbOqDefqh
QREOEtlL+ix94+f0cZe3yd2vp1+nIrCdKY9rXr55T9Uhy1pJZ0oQGmst2Dkdyk98
1JQ8qiGbZANJql+mf4Afh0i/Ng==
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:56:52 2025 by rpki-client