Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nqeQY2avLUBHlRksCwVHsk4rplg.roa
File: nqeQY2avLUBHlRksCwVHsk4rplg.roa (raw, json)
Hash identifier: FOXIKOAxp9l/EWqRG8STD1HSwSwzvQVLlj/FRyMHmxk=
Subject key identifier: 9E:A7:90:63:66:AF:2D:40:47:95:19:2C:0B:05:47:B2:4E:2B:A6:58
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01957BD522678C272F14DDB7880CE8ED9DCE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nqeQY2avLUBHlRksCwVHsk4rplg.roa
Signing time: Sun 09 Mar 2025 16:55:20 +0000
ROA not before: Sun 09 Mar 2025 16:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.46.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.208.0/24 maxlen: 24
31.57.209.0/24 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.211.0/24 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 13:14:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7b:d5:22:67:8c:27:2f:14:dd:b7:88:0c:e8:ed:9d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 9 16:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ea7906366af2d404795192c0b0547b24e2ba658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:42:f8:18:27:1a:69:1d:43:a8:0f:db:bc:
15:cf:e2:5c:c5:50:c6:ad:ad:35:c6:d2:9a:f0:30:
1e:20:84:72:1f:a7:88:99:2d:f1:2f:35:cc:9a:47:
ab:e8:41:4b:86:2c:8e:f6:1f:ba:f6:61:eb:38:05:
6f:17:fe:42:4a:65:a3:bf:bf:9f:89:0d:2c:b8:60:
c3:0a:47:70:97:5e:ec:1f:e3:72:e0:36:bf:89:20:
39:65:aa:fe:2c:42:5a:ad:9e:76:52:e2:3d:c3:5a:
36:ca:5a:d5:8a:05:3d:48:3e:75:2c:32:89:23:f0:
c2:3d:56:e4:c3:e1:60:42:df:38:74:0f:3b:c3:09:
3e:8a:b7:c5:f7:6a:f1:ca:04:ba:a6:80:2b:3a:04:
b2:32:57:80:51:22:2a:6e:89:ca:e9:25:cd:18:0b:
d5:63:9e:a0:31:3f:f5:b6:86:98:29:7b:ae:56:ec:
a6:c2:ba:63:d4:5e:2c:07:61:b3:6e:53:47:e7:9d:
4c:cf:56:5c:20:af:03:9e:8a:6f:89:b1:5f:cb:0c:
bd:85:87:35:76:7a:18:a2:b1:05:88:b5:0a:3f:64:
8e:ed:20:34:65:7f:05:20:57:ca:2d:a7:c8:87:e3:
64:15:71:11:8e:57:fc:c9:c7:70:f1:d5:1b:e2:4f:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A7:90:63:66:AF:2D:40:47:95:19:2C:0B:05:47:B2:4E:2B:A6:58
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nqeQY2avLUBHlRksCwVHsk4rplg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.46.0/24
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.92.0-31.57.99.255
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0/24
31.58.100.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
00:19:4d:98:d1:96:71:de:21:c8:80:8c:c0:8e:5a:0a:99:4b:
fd:ad:88:df:3e:63:fb:fb:bb:db:77:3f:34:2e:fc:98:ab:11:
95:f2:ae:f4:59:71:6e:a7:fb:74:a2:d5:f5:23:98:72:0f:e9:
9e:18:a6:60:e2:47:90:c1:09:6a:ce:6d:d5:dc:20:79:af:78:
17:e4:83:69:6d:8e:30:86:77:b1:6b:0a:1b:79:fc:85:02:44:
07:da:4d:7d:78:db:5e:7b:32:7a:93:fc:84:1e:7e:27:e2:5a:
74:b5:84:3b:c8:33:9a:3a:e0:34:fc:34:1a:a4:78:9e:63:6b:
cf:4e:c3:ed:c9:0d:64:93:07:3b:bc:d3:4c:1d:f6:76:2c:3e:
33:5d:c7:24:b4:aa:a1:bb:71:84:bd:16:28:af:b5:5d:53:92:
a9:c1:34:d6:a6:75:50:6a:a0:6c:d0:09:7d:14:cf:19:5f:d3:
33:e2:0f:95:30:fd:4d:0c:9a:7b:70:b5:11:59:ee:fe:ab:95:
f7:19:b0:d4:8c:7f:02:ec:53:9f:8f:a8:8b:ef:20:e4:50:01:
45:0b:06:43:d0:74:b6:f0:0a:62:b4:32:64:c0:92:81:ef:5d:
a7:c3:b1:7f:57:d6:66:23:06:c7:3a:ec:ab:82:cf:c7:69:1c:
38:57:8e:55
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZV71SJnjCcvFN23iAzo7Z3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA5MTY1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE3OTA2MzY2YWYyZDQwNDc5NTE5MmMwYjA1NDdiMjRlMmJhNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy1C+BgnGmkdQ6gP27wVz+JcxVDG
ra01xtKa8DAeIIRyH6eImS3xLzXMmker6EFLhiyO9h+69mHrOAVvF/5CSmWjv7+f
iQ0suGDDCkdwl17sH+Ny4Da/iSA5Zar+LEJarZ52UuI9w1o2ylrVigU9SD51LDKJ
I/DCPVbkw+FgQt84dA87wwk+irfF92rxygS6poArOgSyMleAUSIqbonK6SXNGAvV
Y56gMT/1toaYKXuuVuymwrpj1F4sB2GzblNH551Mz1ZcIK8DnopvibFfywy9hYc1
dnoYorEFiLUKP2SO7SA0ZX8FIFfKLafIh+NkFXERjlf8ycdw8dUb4k8QcQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFJ6nkGNmry1AR5UZLAsFR7JOK6ZYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbnFlUVkyYXZMVUJIbFJrc0N3VkhzazRycGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAR84BAMEAB84GAMEAR84KgMEAB84LgMEAB84OQMEAB84RwMEAB84VTAMAwQA
HzhZAwQCHzhYAwQDHzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgwDAMEAh85
XAMEAh85YAMEAx85aAMEAR85hAMEAx85iAMEAR85kgMEAx85sAMEAB85vAMEAh85
wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQBHzoyAwQC
HzpEAwQCHzpMAwQCHzpUAwQAHzpbAwQCHzpkAwQCHzqYAwQCHzrgAwQAHzspAwQC
HztgAwQCHztwAwQCHzt4AwQCHzu4AwQAHzvmMA0GCSqGSIb3DQEBCwUAA4IBAQAA
GU2Y0ZZx3iHIgIzAjloKmUv9rYjfPmP7+7vbdz80LvyYqxGV8q70WXFup/t0otX1
I5hyD+meGKZg4keQwQlqzm3V3CB5r3gX5INpbY4whnexawobefyFAkQH2k19eNte
ezJ6k/yEHn4n4lp0tYQ7yDOaOuA0/DQapHieY2vPTsPtyQ1kkwc7vNNMHfZ2LD4z
XccktKqhu3GEvRYor7VdU5KpwTTWpnVQaqBs0Al9FM8ZX9Mz4g+VMP1NDJp7cLUR
We7+q5X3GbDUjH8C7FOfj6iL7yDkUAFFCwZD0HS28ApitDJkwJKB712nw7F/V9Zm
IwbHOuyrgs/HaRw4V45V
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:52:24 2025 by rpki-client