Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jKlCXU5DC7h1RKurRY7jOst12M0.roa
File: jKlCXU5DC7h1RKurRY7jOst12M0.roa (raw, json)
Hash identifier: tn8vIvlCHEMFpNEtyag5hxyPzE1IPXEcrvZ9W2fpBCc=
Subject key identifier: 8C:A9:42:5D:4E:43:0B:B8:75:44:AB:AB:45:8E:E3:3A:CB:75:D8:CD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944F15D9AD0D3E6F6A125CBDD2D0049924
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jKlCXU5DC7h1RKurRY7jOst12M0.roa
Signing time: Fri 10 Jan 2025 07:20:19 +0000
ROA not before: Fri 10 Jan 2025 07:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.44.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.67.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.97.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 16:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:15:d9:ad:0d:3e:6f:6a:12:5c:bd:d2:d0:04:99:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 10 07:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ca9425d4e430bb87544abab458ee33acb75d8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:49:d1:94:94:91:6b:22:7d:47:1a:d6:bd:c6:
22:89:48:f8:7b:d4:e7:b2:5a:e5:04:05:ad:dc:b1:
ff:12:6c:b8:90:a6:75:56:12:fb:5d:3c:79:46:8e:
7b:16:8a:f8:ce:2d:95:41:8c:4f:e6:28:d7:29:93:
9a:be:66:d8:40:32:d1:a5:53:17:e6:59:da:12:8c:
22:ce:42:f9:1b:17:3e:e1:8b:59:45:5a:56:36:33:
d6:6d:6a:33:80:10:d6:9d:b2:5a:d4:94:b7:11:b5:
5c:78:39:4c:e7:ba:87:48:27:d8:00:46:15:3d:cf:
fa:45:76:d5:b4:45:1a:c3:da:f8:93:74:b1:7c:03:
73:95:62:07:73:c2:fd:fe:c4:1a:26:f7:9e:31:f9:
22:14:7c:61:4c:18:1c:3d:86:18:5e:17:d0:85:66:
54:f6:ca:35:44:c5:b0:78:87:52:20:b5:5b:84:31:
fd:b3:04:f8:9d:cd:41:58:f9:74:3c:28:1e:cb:30:
49:a7:16:6f:64:5a:d0:8b:04:3e:ae:1c:ad:ca:72:
ef:67:fe:51:66:55:f0:4c:10:fd:aa:6f:f3:86:e8:
da:3b:ff:14:47:bc:9a:2e:b1:47:ef:b7:d7:af:f4:
60:76:25:10:01:70:09:16:5e:8b:db:b6:65:04:c0:
2d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A9:42:5D:4E:43:0B:B8:75:44:AB:AB:45:8E:E3:3A:CB:75:D8:CD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jKlCXU5DC7h1RKurRY7jOst12M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0-31.56.44.255
31.56.57.0/24
31.56.67.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.115.255
31.56.118.0-31.56.123.255
31.56.126.0/24
31.56.157.0/24
31.56.200.0/22
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.191.0-31.57.195.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0/23
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
77:b7:4f:90:04:e5:aa:65:22:09:3a:87:80:28:ae:59:1a:c9:
15:93:2d:ff:b4:1a:e0:de:f2:4b:c1:0f:e3:28:e0:69:47:63:
5b:b3:b0:5c:90:93:ad:87:48:8d:00:47:83:f0:54:db:04:6c:
2c:dc:87:78:68:3e:a1:c6:a7:a0:47:b7:36:16:0c:1d:1c:79:
4d:ec:9d:12:57:79:cd:b7:3b:e5:09:cb:96:60:a7:c8:aa:02:
a9:1c:36:e6:0c:b5:2c:5c:e2:01:2f:6b:e7:82:20:f7:12:00:
a7:4e:86:bc:ec:bf:c3:74:c8:ae:e6:8b:2d:bb:db:2d:40:06:
e4:ee:8e:b6:a5:a1:a9:41:74:df:e2:14:f0:d7:fd:7b:9e:2a:
12:c9:44:92:64:e6:66:3b:a8:8d:eb:51:14:43:98:28:da:7e:
10:8c:03:ad:7c:f3:2e:c3:19:a0:13:43:92:47:c5:db:79:5a:
7d:5e:6b:aa:b6:81:8f:52:41:31:63:5a:38:0e:8a:fc:dc:0b:
f5:70:80:b7:b0:fe:49:04:79:e2:44:fe:b9:6c:7f:5e:a7:b6:
6f:bd:4b:27:01:ce:64:84:13:fc:d6:c5:56:5b:2c:76:c0:7c:
b4:5d:e9:2e:a7:1e:54:f6:21:f4:a0:5c:48:03:25:55:f4:7e:
3b:9b:5c:58
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZRPFdmtDT5vahJcvdLQBJkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTEwMDcyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E5NDI1ZDRlNDMwYmI4NzU0NGFiYWI0NThlZTMzYWNiNzVkOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EnRlJSRayJ9RxrWvcYiiUj4e9Tn
slrlBAWt3LH/Emy4kKZ1VhL7XTx5Ro57For4zi2VQYxP5ijXKZOavmbYQDLRpVMX
5lnaEowizkL5Gxc+4YtZRVpWNjPWbWozgBDWnbJa1JS3EbVceDlM57qHSCfYAEYV
Pc/6RXbVtEUaw9r4k3SxfANzlWIHc8L9/sQaJveeMfkiFHxhTBgcPYYYXhfQhWZU
9so1RMWweIdSILVbhDH9swT4nc1BWPl0PCgeyzBJpxZvZFrQiwQ+rhytynLvZ/5R
ZlXwTBD9qm/zhujaO/8UR7yaLrFH77fXr/RgdiUQAXAJFl6L27ZlBMAtNQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFIypQl1OQwu4dUSrq0WO4zrLddjNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaktsQ1hVNURDN2gxUkt1clJZN2pPc3QxMk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAR84BAMEAB84GDAMAwQBHzgqAwQAHzgsAwQAHzg5AwQAHzhDAwQBHzhKAwQA
HzhZMAwDBAMfOGgDBAIfOHAwDAMEAR84dgMEAh84eAMEAB84fgMEAB84nQMEAh84
yAMEAR85hAMEAx85iAMEAR85kgMEAx85sDAMAwQAHzm/AwQCHznAAwQBHznIMAwD
BAQfOdADBAIfOeADBAIfOegDBAIfOfwDBAEfOiIDBAAfOogDBAAfOo4DBAIfOpgD
BAAfOp0DBAAfOqMDBAEfOuYwDAMEAB87KQMEAh87KAMEAR87OAMEAh87YAMEAh87
cAMEAB87ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0BAQsFAAOC
AQEAd7dPkATlqmUiCTqHgCiuWRrJFZMt/7Qa4N7yS8EP4yjgaUdjW7OwXJCTrYdI
jQBHg/BU2wRsLNyHeGg+ocanoEe3NhYMHRx5TeydEld5zbc75QnLlmCnyKoCqRw2
5gy1LFziAS9r54Ig9xIAp06GvOy/w3TIruaLLbvbLUAG5O6OtqWhqUF03+IU8Nf9
e54qEslEkmTmZjuojetRFEOYKNp+EIwDrXzzLsMZoBNDkkfF23lafV5rqraBj1JB
MWNaOA6K/NwL9XCAt7D+SQR54kT+uWx/Xqe2b71LJwHOZIQT/NbFVlssdsB8tF3p
LqceVPYh9KBcSAMlVfR+O5tcWA==
-----END CERTIFICATE-----
Generated at Sun May 11 00:49:22 2025 by rpki-client