Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OH-zpdHA3Tujt1KIkGJs_6DGV2c.roa
File: OH-zpdHA3Tujt1KIkGJs_6DGV2c.roa (raw, json)
Hash identifier: UTTVvRRZVvW1EIjTY3hxnrw1PagwKxhrXP4E3xD2GFc=
Subject key identifier: 38:7F:B3:A5:D1:C0:DD:3B:A3:B7:52:88:90:62:6C:FF:A0:C6:57:67
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01952E9EA1E8792F859E180311E3F8749CC3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OH-zpdHA3Tujt1KIkGJs_6DGV2c.roa
Signing time: Sat 22 Feb 2025 17:05:02 +0000
ROA not before: Sat 22 Feb 2025 17:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.141.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.244.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Feb 2025 08:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2e:9e:a1:e8:79:2f:85:9e:18:03:11:e3:f8:74:9c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 22 17:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=387fb3a5d1c0dd3ba3b7528890626cffa0c65767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:3a:94:a7:c3:ff:4a:d5:5e:d7:4e:56:ed:
e3:a6:64:3a:b1:fb:38:7a:0e:0d:25:3e:50:37:29:
d4:f9:79:b0:2a:d0:af:84:6d:a9:98:50:a3:ea:55:
00:29:d8:ff:4f:a6:ed:45:7a:34:7b:09:d0:3e:e4:
c2:f4:ac:60:9c:e3:d3:8d:3c:8c:bc:d5:7f:36:91:
e5:25:e8:0b:45:a2:e5:8d:49:dd:03:49:54:93:42:
85:27:c5:78:55:97:c5:41:10:76:83:71:14:61:1f:
ff:f9:fd:30:5d:95:fe:a8:a4:ff:0f:62:0e:7d:8f:
c6:c2:5a:01:b2:54:aa:24:1c:e2:40:45:f0:2a:b4:
ed:96:fd:01:6d:ef:60:26:82:25:2e:0f:9b:bb:38:
51:27:39:ec:f5:41:7b:ec:1c:34:63:d4:45:19:3a:
b6:3d:ce:63:55:85:d9:2d:ce:a5:e1:91:35:3a:e4:
03:d4:c6:66:ee:5f:67:1c:f1:ad:36:16:74:41:ec:
31:73:88:73:36:f5:86:80:2f:7d:30:14:e9:a4:dd:
16:a4:09:02:88:74:a8:00:2c:ea:4a:da:a6:22:9b:
44:4b:79:f8:53:0f:a7:7c:c8:04:3f:1f:bd:36:f2:
2a:8b:60:82:89:c5:4f:8e:77:c5:11:9a:f1:fa:17:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:B3:A5:D1:C0:DD:3B:A3:B7:52:88:90:62:6C:FF:A0:C6:57:67
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OH-zpdHA3Tujt1KIkGJs_6DGV2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.77.0/24
31.56.85.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.244.0/24
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.152.0/22
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:f0:a4:0d:df:d6:2f:27:7e:9e:ee:b7:d8:ad:e6:f0:7b:4c:
dd:7d:21:a4:9e:47:d3:99:ee:ae:25:c1:0d:2c:8a:0b:b3:5b:
4f:df:d0:16:df:8a:14:ec:c8:2f:8f:c8:e1:6e:14:03:45:20:
52:df:ef:c0:3a:eb:bf:80:d6:b5:7f:bb:2e:41:e2:9d:3b:e6:
21:f1:f3:bd:a7:68:bd:99:3f:40:c7:15:bf:6f:c2:83:be:81:
c1:b0:68:e3:1c:aa:1a:07:81:86:05:09:1a:de:bd:5c:c1:93:
bf:90:4c:f2:b6:be:ab:94:f8:bb:e9:a9:a7:d4:d4:17:37:66:
a2:66:eb:86:ea:c9:88:e2:53:b6:14:c6:59:15:5c:b4:0d:c4:
8c:25:2f:08:de:73:2f:6c:f1:a6:8f:f1:f4:e5:84:25:ec:04:
b7:09:ea:85:7d:2f:df:80:f7:53:8e:aa:62:f1:03:ec:d3:6b:
b1:d6:29:9c:5e:2f:06:ff:e1:49:a9:7e:dc:76:a1:b0:42:7e:
72:43:29:a8:86:16:61:e2:75:17:97:bf:14:d4:85:23:ba:6c:
6e:9a:8b:bd:93:85:a5:12:50:b0:e8:cc:8a:74:2b:d1:ea:e8:
e7:ad:da:87:fc:98:c0:53:1b:8d:dc:f8:bb:86:f8:92:87:f7:
df:01:3d:d1
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZUunqHoeS+FnhgDEeP4dJzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjIyMTcwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdmYjNhNWQxYzBkZDNiYTNiNzUyODg5MDYyNmNmZmEwYzY1NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1A6lKfD/0rVXtdOVu3jpmQ6sfs4
eg4NJT5QNynU+XmwKtCvhG2pmFCj6lUAKdj/T6btRXo0ewnQPuTC9KxgnOPTjTyM
vNV/NpHlJegLRaLljUndA0lUk0KFJ8V4VZfFQRB2g3EUYR//+f0wXZX+qKT/D2IO
fY/GwloBslSqJBziQEXwKrTtlv0Bbe9gJoIlLg+buzhRJzns9UF77Bw0Y9RFGTq2
Pc5jVYXZLc6l4ZE1OuQD1MZm7l9nHPGtNhZ0Qewxc4hzNvWGgC99MBTppN0WpAkC
iHSoACzqStqmIptES3n4Uw+nfMgEPx+9NvIqi2CCicVPjnfFEZrx+heJHQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFDh/s6XRwN07o7dSiJBibP+gxldnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT0gtenBkSEEzVHVqdDFLSWtHSnNfNkRHVjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAEf
OAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcDBAAfOE0DBAAfOFUDBAEfOFoDBAMf
OGgDBAEfOHIwDAMEAR84dgMEAh84eAMEAh84yAMEAx85aAMEAR85hAMEAx85iAME
AR85kgMEAx85sAMEAh85wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQAHzn0
AwQCHzn8AwQBHzoiAwQBHzoyAwQCHzqYAwQCHztgAwQCHztwAwQCHzu4MA0GCSqG
SIb3DQEBCwUAA4IBAQB78KQN39YvJ36e7rfYrebwe0zdfSGknkfTme6uJcENLIoL
s1tP39AW34oU7Mgvj8jhbhQDRSBS3+/AOuu/gNa1f7suQeKdO+Yh8fO9p2i9mT9A
xxW/b8KDvoHBsGjjHKoaB4GGBQka3r1cwZO/kEzytr6rlPi76amn1NQXN2aiZuuG
6smI4lO2FMZZFVy0DcSMJS8I3nMvbPGmj/H05YQl7AS3CeqFfS/fgPdTjqpi8QPs
02ux1imcXi8G/+FJqX7cdqGwQn5yQymohhZh4nUXl78U1IUjumxumou9k4WlElCw
6MyKdCvR6ujnrdqH/JjAUxuN3Pi7hviSh/ffAT3R
-----END CERTIFICATE-----
Generated at Fri May 9 20:47:51 2025 by rpki-client