Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWfRX0JgMBk7gl25f3ZkVb96ts0.roa
File: tWfRX0JgMBk7gl25f3ZkVb96ts0.roa (raw, json)
Hash identifier: KucDAtPO7g0m49XL/mWYkrUd+Jh0d457iu8z6fYPuSY=
Subject key identifier: B5:67:D1:5F:42:60:30:19:3B:82:5D:B9:7F:76:64:55:BF:7A:B6:CD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019499A3A7947114BE4181B7E09CC7C087B9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWfRX0JgMBk7gl25f3ZkVb96ts0.roa
Signing time: Fri 24 Jan 2025 18:47:06 +0000
ROA not before: Fri 24 Jan 2025 18:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.120.0/24 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 11:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:a3:a7:94:71:14:be:41:81:b7:e0:9c:c7:c0:87:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 24 18:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b567d15f426030193b825db97f766455bf7ab6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ab:b2:84:bf:9a:2d:a2:ac:6d:3c:ce:11:67:
0d:3d:dc:a0:ab:24:ad:79:5e:5b:d7:b7:9a:66:69:
35:12:c8:e1:10:3a:43:a4:89:78:f8:94:47:e3:e3:
17:5c:23:bd:55:6a:7d:fd:8f:d6:4c:15:29:9b:95:
09:95:98:e2:3e:f4:da:b8:15:c7:c1:f5:fc:7e:6f:
68:ea:70:82:58:e1:bc:55:21:0e:8b:4d:fc:78:f3:
e6:aa:18:1c:da:c4:1c:b8:cb:4c:da:e1:ab:9d:a6:
99:99:86:54:a1:0b:e2:4a:9d:1e:01:22:f6:f6:80:
6d:7b:36:e9:ce:b1:b6:4b:e5:be:9a:ce:04:04:9f:
c4:2b:7f:93:be:02:50:1a:e3:8c:a9:02:73:12:73:
cd:9d:be:6c:10:b3:3e:c4:65:0b:cc:6a:19:96:44:
ea:62:2d:77:98:90:4e:93:3e:e0:f0:fe:44:46:a3:
85:0b:2f:f4:48:5a:47:7f:f0:c0:2c:fa:8a:73:69:
68:8b:e7:be:81:6c:e2:66:6c:20:30:ef:14:bf:d5:
0b:08:15:fd:3d:89:df:ec:a3:f2:ea:a6:76:0a:18:
fb:e4:f2:26:c8:3b:95:6b:f1:48:48:d0:ee:34:fd:
44:95:6c:d8:26:4a:e1:40:9f:8a:f1:d4:25:7c:46:
86:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:67:D1:5F:42:60:30:19:3B:82:5D:B9:7F:76:64:55:BF:7A:B6:CD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWfRX0JgMBk7gl25f3ZkVb96ts0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.74.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.56.200.0/22
31.57.65.0/24
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.142.0/24
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:5c:08:4c:0e:98:6b:98:0f:63:a2:a5:d1:31:86:cf:bf:48:
84:d8:c7:31:c6:e3:06:bb:6f:6b:8d:6c:68:b9:32:a9:d1:73:
5d:da:b9:76:19:57:49:e5:79:5e:6e:79:f1:8d:d3:df:45:75:
6b:fc:0f:e8:63:b6:9b:40:84:5a:74:95:f5:b2:ea:63:e3:ff:
69:c1:60:e6:d0:78:6b:c9:4e:63:eb:9c:e1:dd:a7:02:ad:4b:
03:0a:ea:51:15:47:d6:e2:25:46:fa:05:06:0c:d3:06:a6:55:
73:19:b0:7e:81:c1:72:9f:1f:ba:67:62:5a:dd:92:9d:8c:a6:
f3:d4:7a:8f:cd:7c:7e:a3:87:7c:66:94:9f:1f:34:bd:0d:6d:
c2:34:d7:46:c0:90:c4:c9:11:a9:f8:c4:6c:4b:f7:b9:4e:9f:
b7:33:13:b4:7d:ac:cf:5b:06:64:3e:75:f0:ec:01:43:40:ce:
11:73:fa:3a:cb:5b:c9:b2:bb:a4:fd:92:1a:29:d3:e1:b6:d3:
3e:9a:dd:42:ab:9e:2b:77:aa:44:a2:25:5a:d1:ad:5f:de:c0:
d0:58:fd:00:14:0e:ba:8b:52:a2:66:69:9c:c5:eb:87:68:62:
b6:5c:20:b6:09:e6:dc:bd:7b:2e:c6:54:66:34:30:32:b9:35:
68:fb:14:d8
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZSZo6eUcRS+QYG34JzHwIe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTI0MTg0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY3ZDE1ZjQyNjAzMDE5M2I4MjVkYjk3Zjc2NjQ1NWJmN2FiNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6uyhL+aLaKsbTzOEWcNPdygqySt
eV5b17eaZmk1EsjhEDpDpIl4+JRH4+MXXCO9VWp9/Y/WTBUpm5UJlZjiPvTauBXH
wfX8fm9o6nCCWOG8VSEOi038ePPmqhgc2sQcuMtM2uGrnaaZmYZUoQviSp0eASL2
9oBtezbpzrG2S+W+ms4EBJ/EK3+TvgJQGuOMqQJzEnPNnb5sELM+xGULzGoZlkTq
Yi13mJBOkz7g8P5ERqOFCy/0SFpHf/DALPqKc2loi+e+gWziZmwgMO8Uv9ULCBX9
PYnf7KPy6qZ2Chj75PImyDuVa/FISNDuNP1ElWzYJkrhQJ+K8dQlfEaGOQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFLVn0V9CYDAZO4JduX92ZFW/erbNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdFdmUlgwSmdNQms3Z2wyNWYzWmtWYjk2dHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84SjAMAwQAHzhZAwQCHzhYAwQDHzho
AwQBHzhyMAwDBAEfOHYDBAIfOHgDBAAfOJwDBAIfOMgDBAAfOUEDBAMfOWgDBAEf
OYQDBAMfOYgDBAEfOZIDBAMfObADBAIfOcADBAEfOcgwDAMEBB850AMEAh854AME
Ah856AMEAh85/DAMAwQAHzohAwQCHzogAwQAHzqOAwQCHzqYAwQAHzqjAwQBHzrm
MAwDBAAfOykDBAAfOyoDBAAfOzkDBAIfO2ADBAAfO2wDBAIfO3ADBAIfO7gDBAAf
O+QwDQYJKoZIhvcNAQELBQADggEBAFtcCEwOmGuYD2OipdExhs+/SITYxzHG4wa7
b2uNbGi5MqnRc13auXYZV0nleV5uefGN099FdWv8D+hjtptAhFp0lfWy6mPj/2nB
YObQeGvJTmPrnOHdpwKtSwMK6lEVR9biJUb6BQYM0wamVXMZsH6BwXKfH7pnYlrd
kp2MpvPUeo/NfH6jh3xmlJ8fNL0NbcI010bAkMTJEan4xGxL97lOn7czE7R9rM9b
BmQ+dfDsAUNAzhFz+jrLW8myu6T9khop0+G20z6a3UKrnit3qkSiJVrRrV/ewNBY
/QAUDrqLUqJmaZzF64doYrZcILYJ5ty9ey7GVGY0MDK5NWj7FNg=
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:42 2025 by rpki-client