Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tEfqYL8u2It5BBAFECb0yoEwV9E.roa
File: tEfqYL8u2It5BBAFECb0yoEwV9E.roa (raw, json)
Hash identifier: 3R+QY9V7+fvyUgygHGCim39wO/db/5P/Zyh7W1zGTG0=
Subject key identifier: B4:47:EA:60:BF:2E:D8:8B:79:04:10:05:10:26:F4:CA:81:30:57:D1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193EB17B6FF5B4FCF5C172714DD680942E8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tEfqYL8u2It5BBAFECb0yoEwV9E.roa
Signing time: Sat 21 Dec 2024 21:20:20 +0000
ROA not before: Sat 21 Dec 2024 21:20:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.156.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.152.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.66.0/24 maxlen: 24
31.58.67.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.167.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 14:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:eb:17:b6:ff:5b:4f:cf:5c:17:27:14:dd:68:09:42:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 21 21:20:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b447ea60bf2ed88b790410051026f4ca813057d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e3:d6:98:26:61:ff:cf:60:33:75:b7:5a:07:
9b:d3:cb:ca:5c:cc:14:af:d7:0b:81:33:cc:82:e0:
6e:73:55:6a:73:a5:9a:00:3d:55:ff:96:53:47:86:
d5:6d:97:f1:fc:8b:61:26:b8:0f:04:19:7d:6c:97:
95:c5:64:2a:52:8c:19:17:dd:ca:7d:83:24:5b:48:
c0:08:c3:46:76:fe:52:ba:91:f7:86:3e:46:f3:a3:
03:47:81:72:33:1b:0a:79:a1:4e:c4:96:66:32:75:
fc:d4:4d:d0:39:7d:66:0c:7d:33:e0:c4:95:87:62:
9c:29:62:de:99:fb:a5:35:8f:4d:f1:ad:87:89:4c:
55:6d:d0:e0:c5:18:c3:da:fa:2f:af:14:68:25:8d:
34:72:ee:d6:ca:ec:3c:eb:b3:93:9f:0d:3f:52:fa:
4d:0a:6d:46:0b:f3:43:0f:61:d7:3d:3c:d6:62:26:
08:25:f7:d2:90:d4:f7:84:c4:fc:e8:a1:51:b2:01:
65:42:9a:f6:3d:0c:b9:b6:db:c9:5a:32:08:79:1b:
65:f2:a4:4e:5e:49:a5:c4:68:c1:a2:16:94:0d:db:
33:35:52:00:13:19:df:74:98:45:d7:26:f6:c7:28:
b0:55:ad:36:1e:70:f5:b3:9f:87:e0:30:db:14:a3:
4e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:47:EA:60:BF:2E:D8:8B:79:04:10:05:10:26:F4:CA:81:30:57:D1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tEfqYL8u2It5BBAFECb0yoEwV9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.57.65.0/24
31.57.132.0/23
31.57.146.0/23
31.57.151.0-31.57.152.255
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0/20
31.57.232.0/22
31.58.34.0/23
31.58.66.0/23
31.58.131.0/24
31.58.152.0/22
31.58.167.0/24
31.59.42.0/23
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:94:66:f5:6d:38:c1:ce:ec:44:5e:dc:b5:06:2f:3d:a6:d7:
73:99:d7:14:22:14:f7:23:f6:f5:7e:c7:13:2d:be:57:c3:ec:
84:ad:cd:eb:ea:60:84:a8:f2:46:78:7b:69:11:d8:67:1c:8e:
0f:4b:43:93:55:8e:3c:11:de:83:d1:a7:70:e3:68:93:e5:37:
b3:55:84:3d:cf:cc:9a:1f:51:bf:40:39:87:87:5f:b3:16:5f:
72:fe:18:11:cc:11:d9:77:f2:84:10:d9:a1:a3:1c:e6:58:f4:
b5:4e:f5:6b:13:c4:3e:f5:97:a1:55:08:aa:08:02:ed:b2:5b:
e0:e8:17:91:c3:7b:e8:be:3b:e6:23:b3:dc:9e:aa:04:65:58:
a6:19:95:77:04:b2:42:1b:22:73:42:b0:8e:1b:2e:58:40:26:
76:27:8a:e3:69:d4:68:e0:ee:9c:38:ea:e1:2c:40:99:69:a4:
d0:51:00:3d:b0:b4:5a:ad:55:bb:2e:b1:52:48:9a:8d:92:e1:
14:f3:3d:3f:34:15:c1:41:07:0d:78:15:e9:64:57:dd:0c:71:
d7:e1:3a:cd:be:e7:97:d7:b4:2c:ec:32:12:d1:87:4e:00:e4:
ed:61:27:17:5b:f9:51:30:46:55:bb:e3:ff:b3:74:23:3c:1f:
08:94:22:fe
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZPrF7b/W0/PXBcnFN1oCULoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjIxMjEyMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDQ3ZWE2MGJmMmVkODhiNzkwNDEwMDUxMDI2ZjRjYTgxMzA1N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OPWmCZh/89gM3W3Wgeb08vKXMwU
r9cLgTPMguBuc1Vqc6WaAD1V/5ZTR4bVbZfx/IthJrgPBBl9bJeVxWQqUowZF93K
fYMkW0jACMNGdv5SupH3hj5G86MDR4FyMxsKeaFOxJZmMnX81E3QOX1mDH0z4MSV
h2KcKWLemfulNY9N8a2HiUxVbdDgxRjD2vovrxRoJY00cu7Wyuw867OTnw0/UvpN
Cm1GC/NDD2HXPTzWYiYIJffSkNT3hMT86KFRsgFlQpr2PQy5ttvJWjIIeRtl8qRO
XkmlxGjBohaUDdszNVIAExnfdJhF1yb2xyiwVa02HnD1s5+H4DDbFKNOVwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFLRH6mC/LtiLeQQQBRAm9MqBMFfRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdEVmcVlMOHUySXQ1QkJBRkVDYjB5b0V3VjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcDBAEfOEoDBAAfOFkDBAMfOGgDBAEf
OHIwDAMEAR84dgMEAh84eAMEAB84nAMEAB85QQMEAR85hAMEAR85kjAMAwQAHzmX
AwQAHzmYAwQDHzmwAwQCHznAAwQBHznIAwQEHznQAwQCHznoAwQBHzoiAwQBHzpC
AwQAHzqDAwQCHzqYAwQAHzqnAwQBHzsqAwQCHztgAwQCHztwAwQAHzuCAwQCHzu4
MA0GCSqGSIb3DQEBCwUAA4IBAQBKlGb1bTjBzuxEXty1Bi89ptdzmdcUIhT3I/b1
fscTLb5Xw+yErc3r6mCEqPJGeHtpEdhnHI4PS0OTVY48Ed6D0adw42iT5TezVYQ9
z8yaH1G/QDmHh1+zFl9y/hgRzBHZd/KEENmhoxzmWPS1TvVrE8Q+9ZehVQiqCALt
slvg6BeRw3vovjvmI7PcnqoEZVimGZV3BLJCGyJzQrCOGy5YQCZ2J4rjadRo4O6c
OOrhLECZaaTQUQA9sLRarVW7LrFSSJqNkuEU8z0/NBXBQQcNeBXpZFfdDHHX4TrN
vueX17Qs7DIS0YdOAOTtYScXW/lRMEZVu+P/s3QjPB8IlCL+
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:51 2025 by rpki-client