Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y09eMdlxZKsxdSSfde6pViYR1YE.roa
File: Y09eMdlxZKsxdSSfde6pViYR1YE.roa (raw, json)
Hash identifier: 5Cp3oe2/VCl3zieZ7yWRJP83vHiKOft7oGgf1s5Oc6g=
Subject key identifier: 63:4F:5E:31:D9:71:64:AB:31:75:24:9F:75:EE:A9:56:26:11:D5:81
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194AE9152C76C038A188CD67A3B1D7150E2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y09eMdlxZKsxdSSfde6pViYR1YE.roa
Signing time: Tue 28 Jan 2025 20:19:06 +0000
ROA not before: Tue 28 Jan 2025 20:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.139.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.143.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ae:91:52:c7:6c:03:8a:18:8c:d6:7a:3b:1d:71:50:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 28 20:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634f5e31d97164ab3175249f75eea9562611d581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:de:bd:69:66:33:ee:91:59:9f:78:8f:7b:
fc:1a:4c:84:b6:d8:48:52:ac:33:e4:3c:6d:07:21:
cf:c6:ec:aa:e1:10:d2:33:5f:02:7d:a8:75:2a:50:
9e:98:8b:b6:2a:4c:c2:a0:3d:c8:07:f8:4f:16:65:
e3:b4:f4:a7:2e:d5:2e:50:6c:c5:8a:e7:6e:13:f1:
40:60:85:15:f5:a1:44:03:4c:8d:88:f2:de:53:7d:
b0:ec:46:71:04:b6:4f:55:90:b2:de:57:1c:7a:f3:
62:a4:14:fc:91:5f:0a:98:4d:60:10:00:e0:f5:65:
5a:94:2d:fa:09:67:0a:d7:42:84:d2:c3:85:df:d3:
51:c7:47:b8:1b:b6:57:b2:8c:6e:27:aa:6c:ef:1d:
21:53:32:4b:1a:7f:00:5a:0c:0e:6e:f6:9f:3c:1c:
35:6d:ef:6d:d9:f1:d9:ca:a2:55:ae:99:98:5c:05:
28:ee:27:c9:41:35:b1:1f:cc:9b:a5:90:34:66:e6:
e9:8e:22:ad:f1:12:92:e8:e1:98:f1:42:e2:d8:63:
a6:98:86:38:8c:ba:c7:7a:b8:bb:99:26:a5:9c:3d:
39:7b:5e:e0:f7:14:d5:e3:9d:64:2f:02:33:43:cf:
2d:aa:87:1a:b5:5a:91:48:58:62:c7:34:10:0c:44:
ff:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4F:5E:31:D9:71:64:AB:31:75:24:9F:75:EE:A9:56:26:11:D5:81
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Y09eMdlxZKsxdSSfde6pViYR1YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.74.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.56.200.0/22
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.142.0/23
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
20:b5:69:cc:84:75:2a:6b:a5:94:0e:53:17:1f:84:68:c6:4b:
74:96:dd:5d:89:23:b2:6b:12:83:10:dc:ed:bf:9e:13:94:85:
39:22:b3:f5:d5:9d:aa:5a:99:ba:36:91:f2:8e:2f:3d:1c:5e:
c3:d0:dd:39:8d:7b:63:13:66:b4:0a:ac:77:c2:d8:c9:b0:d1:
fa:c1:8a:13:f8:dd:02:45:93:57:f1:ef:8b:91:81:e8:a7:9c:
e4:b5:03:a9:39:2f:d3:fc:dc:87:c3:7c:87:3c:d7:ca:61:71:
60:42:77:ea:0b:d7:98:8a:0e:cb:d2:b9:6e:95:8c:51:6a:99:
85:f9:35:53:ac:b4:36:19:3e:7d:5b:72:2e:7d:d7:00:28:a6:
22:fb:e2:49:53:ac:e9:15:36:b5:6a:02:ac:93:2d:e4:8e:82:
9c:46:74:b1:fc:23:e7:aa:8d:3d:bb:00:0b:86:36:48:01:1e:
2e:2b:d9:55:1b:65:e0:46:e7:e6:ff:4a:45:36:ca:67:ad:36:
f7:48:bf:c0:a7:2f:39:ff:5c:ba:0b:b0:90:05:94:59:2f:fd:
ec:f3:46:d2:94:c2:9c:cb:ff:10:81:10:b4:7e:73:11:92:6b:
a3:68:aa:ff:be:43:37:a9:51:7d:33:42:09:de:01:a5:17:27:
cc:33:d5:6f
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZSukVLHbAOKGIzWejsdcVDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTI4MjAxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRmNWUzMWQ5NzE2NGFiMzE3NTI0OWY3NWVlYTk1NjI2MTFkNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDbevWlmM+6RWZ94j3v8GkyEtthI
Uqwz5DxtByHPxuyq4RDSM18Cfah1KlCemIu2KkzCoD3IB/hPFmXjtPSnLtUuUGzF
iuduE/FAYIUV9aFEA0yNiPLeU32w7EZxBLZPVZCy3lccevNipBT8kV8KmE1gEADg
9WValC36CWcK10KE0sOF39NRx0e4G7ZXsoxuJ6ps7x0hUzJLGn8AWgwObvafPBw1
be9t2fHZyqJVrpmYXAUo7ifJQTWxH8ybpZA0ZubpjiKt8RKS6OGY8ULi2GOmmIY4
jLrHeri7mSalnD05e17g9xTV451kLwIzQ88tqocatVqRSFhixzQQDET/owIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFGNPXjHZcWSrMXUkn3XuqVYmEdWBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWTA5ZU1kbHhaS3N4ZFNTZmRlNnBWaVlSMVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQB
HzgEAwQAHzgYAwQBHzgqAwQAHzg5AwQAHzhKMAwDBAAfOFkDBAIfOFgDBAMfOGgD
BAEfOHIwDAMEAR84dgMEAh84eAMEAB84nAMEAh84yAMEAx85aAMEAR85hAMEAx85
iAMEAR85kgMEAx85sAMEAh85wAMEAR85yDAMAwQEHznQAwQCHzngAwQCHznoAwQC
Hzn8MAwDBAAfOiEDBAIfOiADBAEfOo4DBAIfOpgDBAAfOqMDBAEfOuYwDAMEAB87
KQMEAB87KgMEAB87OQMEAh87YAMEAB87bAMEAh87cAMEAh87uAMEAB875DANBgkq
hkiG9w0BAQsFAAOCAQEAILVpzIR1KmullA5TFx+EaMZLdJbdXYkjsmsSgxDc7b+e
E5SFOSKz9dWdqlqZujaR8o4vPRxew9DdOY17YxNmtAqsd8LYybDR+sGKE/jdAkWT
V/Hvi5GB6Kec5LUDqTkv0/zch8N8hzzXymFxYEJ36gvXmIoOy9K5bpWMUWqZhfk1
U6y0Nhk+fVtyLn3XACimIvviSVOs6RU2tWoCrJMt5I6CnEZ0sfwj56qNPbsAC4Y2
SAEeLivZVRtl4Ebn5v9KRTbKZ60290i/wKcvOf9cuguwkAWUWS/97PNG0pTCnMv/
EIEQtH5zEZJro2iq/75DN6lRfTNCCd4BpRcnzDPVbw==
-----END CERTIFICATE-----
Generated at Sat May 10 02:04:55 2025 by rpki-client