Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qafu5BxhSISBDPi4Y9_L_PwSSEo.roa
File: qafu5BxhSISBDPi4Y9_L_PwSSEo.roa (raw, json)
Hash identifier: zvadXQX0xQSGKuPnWN3oPCepqxrqTQx8o5kLhMJnXrQ=
Subject key identifier: A9:A7:EE:E4:1C:61:48:84:81:0C:F8:B8:63:DF:CB:FC:FC:12:48:4A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282331069BE4147672A156D21652D1E8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qafu5BxhSISBDPi4Y9_L_PwSSEo.roa
Signing time: Thu 02 Jan 2025 17:49:42 +0000
ROA not before: Thu 02 Jan 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.196.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.212.0/22 maxlen: 24
31.58.220.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.120.0/22 maxlen: 24
217.60.0.0/18 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.11.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.25.0/24 maxlen: 24
217.60.26.0/24 maxlen: 24
217.60.27.0/24 maxlen: 24
217.60.236.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
217.60.253.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 13:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:31:06:9b:e4:14:76:72:a1:56:d2:16:52:d1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9a7eee41c614884810cf8b863dfcbfcfc12484a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:e2:f6:ed:f4:d5:de:ad:6f:5b:44:ee:b7:
1f:69:b9:19:dd:5d:bb:bb:8f:75:99:d0:9b:67:44:
37:41:a6:fd:ac:da:6e:8b:a8:5e:94:01:3c:22:3c:
90:24:97:0b:cb:f9:c7:ac:c2:05:26:96:68:13:5a:
a4:9a:f2:cc:78:0a:5f:21:72:51:82:37:65:fd:6b:
d9:30:70:05:0f:72:9f:4b:50:05:2b:be:86:82:a5:
f9:00:ee:9d:f4:dd:b8:b2:dc:85:f9:ee:f7:83:84:
a8:ac:9f:6b:9e:9b:af:05:75:2c:17:22:bf:7c:46:
31:2b:ae:e4:d8:b1:30:cc:7d:cf:fb:e6:4a:00:6e:
2b:2f:88:60:1d:18:a2:00:e9:7b:b8:d7:46:b8:da:
aa:c4:d8:d8:09:91:91:46:19:f4:da:d7:8e:c7:e4:
f7:0e:e3:24:8a:0b:4b:89:0a:e8:e8:7d:8b:9c:e5:
36:7d:83:10:a0:fe:85:2a:34:31:0e:32:43:9f:be:
0f:f5:8b:3a:ae:59:6c:cd:8c:dc:8f:67:78:9e:fe:
eb:23:43:c7:be:ad:b8:b8:ea:50:99:ef:4f:d1:40:
d7:47:2c:15:91:9f:09:8a:fc:1d:c2:ad:8d:c9:2a:
6c:0d:9e:ea:c9:d9:d9:97:73:20:5e:5e:8d:8f:47:
cf:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A7:EE:E4:1C:61:48:84:81:0C:F8:B8:63:DF:CB:FC:FC:12:48:4A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qafu5BxhSISBDPi4Y9_L_PwSSEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.48.0/20
31.57.92.0-31.57.99.255
31.57.120.0/21
31.58.34.0/23
31.58.196.0/22
31.58.204.0/22
31.58.212.0/22
31.58.220.0-31.58.227.255
31.59.120.0/22
217.60.0.0/18
217.60.236.0/24
217.60.248.0/24
217.60.253.0-217.60.254.255
Signature Algorithm: sha256WithRSAEncryption
4f:9c:05:18:3e:81:ee:ab:f1:fb:f6:79:77:66:ba:3c:2b:46:
2c:f1:4c:ed:23:7b:6d:f3:de:d7:9d:f2:49:c2:bd:bf:19:7f:
e1:98:7a:40:03:6a:1f:5f:c2:03:83:b1:7e:ac:6b:a5:4c:f5:
ce:a1:2b:ef:9b:21:64:fc:00:fd:05:50:2d:45:62:fe:78:04:
dc:60:0c:f9:3d:22:3e:f8:37:86:ac:f6:91:fb:80:9e:92:1f:
fb:8f:2c:85:9e:f4:35:7f:80:3b:61:e3:e6:ff:8e:54:61:82:
8e:19:d3:27:23:96:b3:19:2b:2a:dd:14:fd:67:9e:d5:32:a8:
ed:e6:08:7b:f4:99:6c:8d:52:e2:b4:91:87:b7:0f:f1:46:ef:
19:ea:7a:e8:14:5d:fa:f8:12:9d:20:11:03:26:a2:2e:1d:8c:
ef:cc:05:d7:ee:2d:e7:8c:98:fd:fc:19:04:78:21:93:96:b6:
85:8b:b6:10:1f:73:dc:23:1b:5c:0d:8b:20:2f:8d:66:08:c6:
af:25:fe:43:d6:0c:52:70:8b:3b:fd:51:67:f9:32:0e:5a:28:
d7:d6:4a:24:bc:b8:89:40:9a:95:71:b8:b4:c1:4e:32:52:e6:
22:4e:6b:e9:84:c0:f8:fd:da:0a:ec:17:8f:1c:a8:99:7b:a9:
4a:a3:e0:fd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZQoIzEGm+QUdnKhVtIWUtHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE3ZWVlNDFjNjE0ODg0ODEwY2Y4Yjg2M2RmY2JmY2ZjMTI0ODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXTi9u301d6tb1tE7rcfabkZ3V27
u491mdCbZ0Q3Qab9rNpui6helAE8IjyQJJcLy/nHrMIFJpZoE1qkmvLMeApfIXJR
gjdl/WvZMHAFD3KfS1AFK76GgqX5AO6d9N24styF+e73g4SorJ9rnpuvBXUsFyK/
fEYxK67k2LEwzH3P++ZKAG4rL4hgHRiiAOl7uNdGuNqqxNjYCZGRRhn02teOx+T3
DuMkigtLiQro6H2LnOU2fYMQoP6FKjQxDjJDn74P9Ys6rllszYzcj2d4nv7rI0PH
vq24uOpQme9P0UDXRywVkZ8Jivwdwq2NySpsDZ7qydnZl3MgXl6Nj0fPtQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFKmn7uQcYUiEgQz4uGPfy/z8EkhKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcWFmdTVCeGhTSVNCRFBpNFk5X0xfUHdTU0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAf
OJoDBAEfOJ4DBAIfOKgDBAEfOK4DBAMfORgDBAQfOTAwDAMEAh85XAMEAh85YAME
Ax85eAMEAR86IgMEAh86xAMEAh86zAMEAh861DAMAwQCHzrcAwQCHzrgAwQCHzt4
AwQG2TwAAwQA2TzsAwQA2Tz4MAwDBADZPP0DBADZPP4wDQYJKoZIhvcNAQELBQAD
ggEBAE+cBRg+ge6r8fv2eXdmujwrRizxTO0je23z3ted8knCvb8Zf+GYekADah9f
wgODsX6sa6VM9c6hK++bIWT8AP0FUC1FYv54BNxgDPk9Ij74N4as9pH7gJ6SH/uP
LIWe9DV/gDth4+b/jlRhgo4Z0ycjlrMZKyrdFP1nntUyqO3mCHv0mWyNUuK0kYe3
D/FG7xnqeugUXfr4Ep0gEQMmoi4djO/MBdfuLeeMmP38GQR4IZOWtoWLthAfc9wj
G1wNiyAvjWYIxq8l/kPWDFJwizv9UWf5Mg5aKNfWSiS8uIlAmpVxuLTBTjJS5iJO
a+mEwPj92grsF48cqJl7qUqj4P0=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:10 2025 by rpki-client