Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TbE20erqq-mst44HTBHuyFpoExg.roa
File: TbE20erqq-mst44HTBHuyFpoExg.roa (raw, json)
Hash identifier: /R3mVi2qSHy/2szYcE8aPYbA/UsLNqnJkHjg99LVnzk=
Subject key identifier: 4D:B1:36:D1:EA:EA:AB:E9:AC:B7:8E:07:4C:11:EE:C8:5A:68:13:18
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194087F2B2D1922A6A41F539970971E63FE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TbE20erqq-mst44HTBHuyFpoExg.roa
Signing time: Fri 27 Dec 2024 14:22:19 +0000
ROA not before: Fri 27 Dec 2024 14:22:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.16.0/22 maxlen: 22
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.152.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.124.0/22 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.176.0/22 maxlen: 22
31.59.180.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.188.0/22 maxlen: 22
31.59.192.0/22 maxlen: 22
31.59.216.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 15:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:7f:2b:2d:19:22:a6:a4:1f:53:99:70:97:1e:63:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 27 14:22:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db136d1eaeaabe9acb78e074c11eec85a681318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:91:b0:84:3d:64:17:ae:c0:1c:1e:29:51:70:
de:ca:fd:a6:5b:96:f6:36:b0:49:87:c1:ee:0d:fe:
f2:9c:9c:e8:02:a3:cc:f4:3f:d6:b3:36:03:70:e5:
ff:9d:d1:68:bf:5c:c4:5a:37:aa:ed:16:04:94:66:
4e:6d:6a:90:26:9a:89:b3:06:7a:b5:80:e1:c6:9d:
73:af:72:94:e6:e8:d3:c6:6c:86:02:49:71:ae:71:
ea:e8:21:6c:28:40:cf:7a:db:14:6e:bd:70:c4:45:
5f:22:83:d7:91:4c:3c:69:25:57:75:52:08:db:c8:
bd:a6:34:2a:b5:29:f4:b8:e3:e8:09:d1:c9:a7:dd:
ff:0c:34:d7:cf:7a:68:9f:3d:80:b8:34:51:05:c4:
55:3d:19:cc:1b:3c:54:0c:8b:62:9c:5d:5e:45:98:
18:63:08:15:22:ad:b5:8d:33:3a:fb:98:05:34:69:
dd:14:be:9a:5e:2f:d2:20:85:87:c4:8b:e9:9a:5c:
d6:55:c1:17:02:d9:2e:1a:c8:2b:58:c8:5e:1d:48:
cf:30:34:51:34:6d:ab:2d:57:73:4d:2f:1c:b7:ab:
bb:21:54:82:ca:f7:b1:5c:29:c4:4c:f4:bd:62:03:
50:9c:fe:41:95:b0:68:a0:52:1a:6e:75:f9:d5:8a:
99:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B1:36:D1:EA:EA:AB:E9:AC:B7:8E:07:4C:11:EE:C8:5A:68:13:18
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TbE20erqq-mst44HTBHuyFpoExg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.16.0/22
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.57.132.0/23
31.57.146.0/23
31.57.151.0-31.57.152.255
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0/20
31.57.232.0/22
31.58.34.0/23
31.58.152.0/22
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.64.0/22
31.59.80.0/22
31.59.96.0/22
31.59.112.0/22
31.59.124.0/22
31.59.130.0/24
31.59.176.0-31.59.195.255
31.59.216.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
28:21:a7:6c:06:2b:c9:b1:b8:59:56:b0:ae:7f:66:a1:f4:db:
91:40:1e:44:2d:f2:63:88:06:6c:2f:84:ad:cd:9f:2c:18:28:
3f:14:d9:ee:de:dd:b4:0f:66:fe:d5:b5:0e:fc:53:1b:3b:02:
e7:97:19:07:bf:7c:83:9f:9b:db:5b:8f:96:dc:70:77:f1:a1:
48:c9:11:15:f8:e2:48:e4:99:3a:c5:a5:0e:db:5d:c3:bd:eb:
9c:d3:53:6e:06:e5:20:8b:af:68:84:e9:e8:6e:f7:96:9b:7c:
07:ed:88:cd:c0:1b:b0:fb:6d:c3:98:2d:04:e4:1c:19:80:2f:
ad:8f:ae:4c:fe:da:61:38:cf:31:cf:3d:db:1d:f2:89:e5:2c:
52:d9:7a:47:7e:11:e1:67:5a:22:4a:1d:11:fd:79:a8:a0:fc:
25:9f:00:81:0e:2b:87:f4:a6:f0:ab:05:d3:67:e3:14:a0:96:
ae:ea:50:3c:1e:c8:19:6d:b3:1a:38:f7:3a:ef:29:c3:a0:45:
fb:f0:18:e6:00:06:c6:9a:60:24:28:ec:44:a3:41:da:1d:a4:
e1:dd:61:e5:6b:e8:3d:85:b8:4e:68:b9:7a:22:53:a4:82:4a:
d5:1e:cd:52:14:00:68:8e:03:32:a6:a9:d6:69:15:3f:93:76:
cd:86:f3:01
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZQIfystGSKmpB9TmXCXHmP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI3MTQyMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGIxMzZkMWVhZWFhYmU5YWNiNzhlMDc0YzExZWVjODVhNjgxMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JGwhD1kF67AHB4pUXDeyv2mW5b2
NrBJh8HuDf7ynJzoAqPM9D/WszYDcOX/ndFov1zEWjeq7RYElGZObWqQJpqJswZ6
tYDhxp1zr3KU5ujTxmyGAklxrnHq6CFsKEDPetsUbr1wxEVfIoPXkUw8aSVXdVII
28i9pjQqtSn0uOPoCdHJp93/DDTXz3ponz2AuDRRBcRVPRnMGzxUDItinF1eRZgY
YwgVIq21jTM6+5gFNGndFL6aXi/SIIWHxIvpmlzWVcEXAtkuGsgrWMheHUjPMDRR
NG2rLVdzTS8ct6u7IVSCyvexXCnETPS9YgNQnP5BlbBooFIabnX51YqZUQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFE2xNtHq6qvprLeOB0wR7shaaBMYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVGJFMjBlcnFxLW1zdDQ0SFRCSHV5RnBvRXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AR84BAMEAh84EAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84WQME
Ax84aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQBHzmEAwQBHzmSMAwDBAAfOZcDBAAf
OZgDBAMfObADBAIfOcADBAEfOcgDBAQfOdADBAIfOegDBAEfOiIDBAIfOpgwDAME
AB87KQMEAh87KDAMAwQDHzs4AwQAHzs6AwQCHztAAwQCHztQAwQCHztgAwQCHztw
AwQCHzt8AwQAHzuCMAwDBAQfO7ADBAIfO8ADBAIfO9gDBAEfO+QDBAAfO+cDBAEf
O/QwDQYJKoZIhvcNAQELBQADggEBACghp2wGK8mxuFlWsK5/ZqH025FAHkQt8mOI
BmwvhK3NnywYKD8U2e7e3bQPZv7VtQ78Uxs7AueXGQe/fIOfm9tbj5bccHfxoUjJ
ERX44kjkmTrFpQ7bXcO965zTU24G5SCLr2iE6ehu95abfAftiM3AG7D7bcOYLQTk
HBmAL62Prkz+2mE4zzHPPdsd8onlLFLZekd+EeFnWiJKHRH9eaig/CWfAIEOK4f0
pvCrBdNn4xSglq7qUDweyBltsxo49zrvKcOgRfvwGOYABsaaYCQo7ESjQdodpOHd
YeVr6D2FuE5ouXoiU6SCStUezVIUAGiOAzKmqdZpFT+Tds2G8wE=
-----END CERTIFICATE-----
Generated at Fri May 9 16:31:29 2025 by rpki-client