Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wRXoHkXjpblMWmtg5GbWgRC7ni8.roa
File: wRXoHkXjpblMWmtg5GbWgRC7ni8.roa (raw, json)
Hash identifier: auKB2G6ZCx1pOcYPSkxC1zEexBYYfYrWaMW/px85G80=
Subject key identifier: C1:15:E8:1E:45:E3:A5:B9:4C:5A:6B:60:E4:66:D6:81:10:BB:9E:2F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195C977B8233B79020B9F36959CEB5067F8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wRXoHkXjpblMWmtg5GbWgRC7ni8.roa
Signing time: Mon 24 Mar 2025 18:43:41 +0000
ROA not before: Mon 24 Mar 2025 18:43:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Mar 2025 06:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:77:b8:23:3b:79:02:0b:9f:36:95:9c:eb:50:67:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 24 18:43:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c115e81e45e3a5b94c5a6b60e466d68110bb9e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:30:56:15:8a:e8:9a:56:20:8d:65:6b:36:69:
a5:05:1b:3c:29:3b:b3:b2:09:75:53:ff:34:1d:67:
89:0c:9b:02:9f:22:e5:76:4e:6f:22:5a:11:ad:9c:
4f:d8:cd:bf:fa:45:eb:57:d3:39:6a:79:a7:4e:6b:
0b:2c:89:41:7d:88:3a:2a:fa:4f:95:65:6f:34:09:
43:c8:bb:d0:c0:ab:35:6d:55:5e:9e:44:ab:95:50:
0f:46:e0:e2:5a:b2:59:a0:e6:9c:20:51:b2:1e:13:
40:a5:49:bc:94:84:9a:41:05:0e:d5:81:6b:f7:d8:
a5:3c:5d:8d:99:24:e2:f4:77:87:25:8d:25:f1:86:
b9:94:ba:3b:f9:19:79:fb:85:06:03:66:b3:55:91:
9b:14:3c:25:0d:75:17:df:61:3f:a0:34:bb:8a:ca:
cc:65:05:7c:54:3f:10:99:3e:16:eb:b5:bf:29:96:
7b:4c:23:74:25:41:ba:ea:47:a1:0e:92:09:85:ff:
89:a1:c4:7e:c6:a6:e4:32:68:b5:84:ed:08:a3:4e:
0c:f8:c2:29:fe:99:51:63:82:42:d1:e0:38:73:ff:
ee:d8:42:f7:ca:9a:2e:3d:f5:4e:e0:56:13:bd:64:
5d:28:02:b9:57:11:52:1f:95:ad:29:f3:79:d1:6c:
d8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:15:E8:1E:45:E3:A5:B9:4C:5A:6B:60:E4:66:D6:81:10:BB:9E:2F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wRXoHkXjpblMWmtg5GbWgRC7ni8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.87.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.116.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:06:72:04:03:f9:17:c9:32:49:5b:70:6c:97:96:e9:0e:96:
51:b0:27:70:b2:1f:51:15:29:bd:c9:9f:da:f4:de:8b:f8:e9:
67:34:6c:9f:b5:1f:da:c0:aa:50:f3:fc:a4:3a:7c:83:8b:f6:
e9:88:1b:00:cf:39:a4:8d:bc:c8:88:e0:3b:74:68:bb:b5:c3:
e3:86:4a:ee:d7:ba:14:10:71:9d:a4:65:22:fd:20:5a:f6:3a:
ac:37:9d:1b:2a:1b:be:64:ec:9c:97:5f:77:46:16:b1:03:e5:
7f:38:06:fc:33:01:5c:1d:16:18:70:da:8e:fe:73:ef:a6:11:
1d:07:d1:87:77:fe:a0:f0:16:c9:43:cd:49:64:72:94:73:a5:
1a:81:e3:99:9c:fd:82:3f:04:e7:64:0f:09:42:fb:99:8d:c6:
86:ee:02:7f:57:55:34:e6:fa:5b:c8:6d:c1:9b:d8:80:62:ea:
d5:b6:63:a8:7d:c0:95:8f:cd:bb:c7:75:2d:08:75:cf:8e:64:
89:37:54:34:60:78:9b:e4:60:af:4c:28:2e:bc:2e:53:60:48:
3f:9c:1e:59:28:38:a9:94:77:96:01:b3:24:ae:81:a7:3f:e8:
9b:b2:66:1e:5c:7a:a9:1f:bc:94:ad:2b:2e:16:92:d1:ad:be:
da:1f:80:f2
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZXJd7gjO3kCC582lZzrUGf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI0MTg0MzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE1ZTgxZTQ1ZTNhNWI5NGM1YTZiNjBlNDY2ZDY4MTEwYmI5ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTBWFYromlYgjWVrNmmlBRs8KTuz
sgl1U/80HWeJDJsCnyLldk5vIloRrZxP2M2/+kXrV9M5anmnTmsLLIlBfYg6KvpP
lWVvNAlDyLvQwKs1bVVenkSrlVAPRuDiWrJZoOacIFGyHhNApUm8lISaQQUO1YFr
99ilPF2NmSTi9HeHJY0l8Ya5lLo7+Rl5+4UGA2azVZGbFDwlDXUX32E/oDS7isrM
ZQV8VD8QmT4W67W/KZZ7TCN0JUG66kehDpIJhf+JocR+xqbkMmi1hO0Io04M+MIp
/plRY4JC0eA4c//u2EL3ypouPfVO4FYTvWRdKAK5VxFSH5WtKfN50WzY/wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFMEV6B5F46W5TFprYORm1oEQu54vMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd1JYb0hrWGpwYmxNV210ZzVHYldnUkM3bmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAB84VwMEAR84WgMEAx84
aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQCHzjIMAwDBAAfOWcDBAQfOWAwDAMEAB85
cQMEAB85cgMEAB85dAMEAR85hAMEAx85iAMEAR85kgMEAh85qAMEAx85sAMEAh85
wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQB
HzoyAwQCHzpEAwQAHzpMAwQCHzpUAwQCHzqYAwQCHzqsAwQCHzrgAwQCHztMAwQC
HztgAwQCHztwAwQCHzt4AwQCHzvgAwQDHzvoMA0GCSqGSIb3DQEBCwUAA4IBAQCm
BnIEA/kXyTJJW3Bsl5bpDpZRsCdwsh9RFSm9yZ/a9N6L+OlnNGyftR/awKpQ8/yk
OnyDi/bpiBsAzzmkjbzIiOA7dGi7tcPjhkru17oUEHGdpGUi/SBa9jqsN50bKhu+
ZOycl193RhaxA+V/OAb8MwFcHRYYcNqO/nPvphEdB9GHd/6g8BbJQ81JZHKUc6Ua
geOZnP2CPwTnZA8JQvuZjcaG7gJ/V1U05vpbyG3Bm9iAYurVtmOofcCVj827x3Ut
CHXPjmSJN1Q0YHib5GCvTCguvC5TYEg/nB5ZKDiplHeWAbMkroGnP+ibsmYeXHqp
H7yUrSsuFpLRrb7aH4Dy
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:01:03 2025 by rpki-client