Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qGsiquw78kiZPZEaRw_E_xk9c-o.roa
File: qGsiquw78kiZPZEaRw_E_xk9c-o.roa (raw, json)
Hash identifier: /aoRFPXiZEUHjnk3XqLsTCsI2L/2b9lbU36fkcfoZik=
Subject key identifier: A8:6B:22:AA:EC:3B:F2:48:99:3D:91:1A:47:0F:C4:FF:19:3D:73:EA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019437882F03B949074A8BACBF694EE196EE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qGsiquw78kiZPZEaRw_E_xk9c-o.roa
Signing time: Sun 05 Jan 2025 17:34:19 +0000
ROA not before: Sun 05 Jan 2025 17:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:88:2f:03:b9:49:07:4a:8b:ac:bf:69:4e:e1:96:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 5 17:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86b22aaec3bf248993d911a470fc4ff193d73ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:50:41:21:ea:d6:3e:17:d5:c9:6f:34:d1:4c:
34:d4:a3:72:18:8d:e2:47:00:af:0a:99:e7:93:f9:
cc:91:17:3a:0a:15:58:a7:23:3a:1a:a7:50:61:91:
77:47:39:ee:7f:e4:b0:47:d2:ba:59:27:d4:6a:a3:
81:38:be:35:d6:00:88:ec:4a:5d:4e:38:b8:c5:da:
30:f1:98:71:1e:98:f6:bf:af:fa:8a:d5:3f:e3:5d:
df:dc:de:16:b3:f8:d8:37:1c:25:28:7b:ee:ee:90:
cf:19:72:0e:8b:d7:c4:2d:ce:b8:78:ae:e2:59:0e:
23:b2:de:f3:79:f0:17:20:a1:3b:c3:51:57:51:63:
48:c3:3c:2f:62:f6:e3:90:68:f7:eb:03:9f:94:b9:
4a:3e:a7:ca:cb:f1:56:b8:20:27:10:63:84:5d:3b:
5b:c4:04:58:7c:e6:f3:58:a2:6b:17:7c:6c:b5:d3:
4b:00:3d:2b:b9:75:26:92:6e:f4:1f:2f:c8:e8:2f:
aa:89:b7:c0:ef:f8:29:f1:e1:64:32:27:3e:20:c2:
62:fe:bb:51:d7:ea:ec:46:ff:64:12:bb:d7:ff:db:
39:5f:d5:be:89:8c:f4:54:37:29:81:69:df:7a:7f:
ef:48:81:1c:42:31:ed:86:9d:5c:5c:be:b7:63:37:
2e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6B:22:AA:EC:3B:F2:48:99:3D:91:1A:47:0F:C4:FF:19:3D:73:EA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qGsiquw78kiZPZEaRw_E_xk9c-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.115.255
31.56.118.0-31.56.123.255
31.56.157.0/24
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.151.0/24
31.57.176.0/21
31.57.189.0/24
31.57.191.0-31.57.195.255
31.57.198.0/24
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
32:97:17:a3:29:d0:3e:2f:95:40:0d:90:04:92:7b:36:a1:eb:
02:ab:f2:59:14:59:b3:60:e8:fa:b2:fd:0a:67:7e:93:9e:7c:
04:f4:7e:23:6d:3c:86:79:48:2b:e7:01:40:a2:2f:b6:5f:6c:
88:c4:72:f5:f6:38:7f:9f:8f:4b:da:84:a4:94:4a:5f:75:8c:
46:a8:60:aa:21:df:74:f4:f4:eb:cc:05:e2:d1:50:69:b3:2d:
22:4d:91:3a:9e:f6:79:aa:32:f1:94:d1:e5:88:91:01:19:e2:
ba:66:e4:d8:01:e0:2d:ba:52:20:8b:7a:eb:bf:a5:00:71:4e:
40:0d:bb:f2:fb:86:fc:e8:33:e9:39:47:27:1f:2b:f4:e5:41:
1c:f8:3e:51:f9:f2:a3:db:01:61:bc:1f:b7:c4:1b:c5:db:44:
4d:eb:28:4d:8a:8b:41:0f:fa:7f:6a:ef:3d:03:db:62:31:fd:
d1:26:0f:0c:c4:5f:bf:5d:34:5f:e7:57:e1:04:83:a6:13:49:
72:95:66:bc:ab:a0:80:9a:96:e5:6d:d2:c8:4c:88:5a:40:5b:
35:94:d7:b4:33:7d:8b:d3:91:ee:88:fa:e9:70:3a:ab:4c:ba:
04:f6:bc:5a:e6:fb:a1:aa:d7:8b:a5:b3:36:88:57:6b:fd:01:
e2:ff:0c:6f
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZQ3iC8DuUkHSousv2lO4ZbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA1MTczNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZiMjJhYWVjM2JmMjQ4OTkzZDkxMWE0NzBmYzRmZjE5M2Q3M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFBBIerWPhfVyW800Uw01KNyGI3i
RwCvCpnnk/nMkRc6ChVYpyM6GqdQYZF3Rznuf+SwR9K6WSfUaqOBOL411gCI7Epd
Tji4xdow8ZhxHpj2v6/6itU/413f3N4Ws/jYNxwlKHvu7pDPGXIOi9fELc64eK7i
WQ4jst7zefAXIKE7w1FXUWNIwzwvYvbjkGj36wOflLlKPqfKy/FWuCAnEGOEXTtb
xARYfObzWKJrF3xstdNLAD0ruXUmkm70Hy/I6C+qibfA7/gp8eFkMic+IMJi/rtR
1+rsRv9kErvX/9s5X9W+iYz0VDcpgWnfen/vSIEcQjHthp1cXL63Yzcu4QIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFKhrIqrsO/JImT2RGkcPxP8ZPXPqMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcUdzaXF1dzc4a2laUFpFYVJ3X0VfeGs5Yy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WTAMAwQD
HzhoAwQCHzhwMAwDBAEfOHYDBAIfOHgDBAAfOJ0DBAIfOMgDBAEfOYQDBAEfOZID
BAAfOZcDBAMfObADBAAfOb0wDAMEAB85vwMEAh85wAMEAB85xgMEAR85yDAMAwQE
HznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzqIAwQAHzqOAwQCHzqYAwQA
HzqdAwQAHzqjAwQBHzrmMAwDBAAfOykDBAIfOygwDAMEAx87OAMEAB87OgMEAh87
YAMEAh87cAMEAB87ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0B
AQsFAAOCAQEAMpcXoynQPi+VQA2QBJJ7NqHrAqvyWRRZs2Do+rL9Cmd+k558BPR+
I208hnlIK+cBQKIvtl9siMRy9fY4f5+PS9qEpJRKX3WMRqhgqiHfdPT068wF4tFQ
abMtIk2ROp72eaoy8ZTR5YiRARniumbk2AHgLbpSIIt667+lAHFOQA278vuG/Ogz
6TlHJx8r9OVBHPg+Ufnyo9sBYbwft8QbxdtETesoTYqLQQ/6f2rvPQPbYjH90SYP
DMRfv100X+dX4QSDphNJcpVmvKuggJqW5W3SyEyIWkBbNZTXtDN9i9OR7oj66XA6
q0y6BPa8Wub7oarXi6WzNohXa/0B4v8Mbw==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:40 2025 by rpki-client