Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-CEeGGUpGcMksXReW0nSmdj8V98.roa
File: 1-CEeGGUpGcMksXReW0nSmdj8V98.roa (raw, json)
Hash identifier: opwC6qtQEwggD14O03iieeJzyr/7gcOr007RDxKCyOA=
Subject key identifier: F8:21:1E:18:65:29:19:C3:24:B1:74:5E:5B:49:D2:99:D8:FC:57:DF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282330AFF4BD99A18D1609AF7DA9F04A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-CEeGGUpGcMksXReW0nSmdj8V98.roa
Signing time: Thu 02 Jan 2025 17:49:42 +0000
ROA not before: Thu 02 Jan 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.152.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.189.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.142.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.130.0/24 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 14:12:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:30:af:f4:bd:99:a1:8d:16:09:af:7d:a9:f0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8211e18652919c324b1745e5b49d299d8fc57df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1e:aa:29:76:d4:ba:fc:0d:da:4e:8b:a5:af:
87:1c:c4:29:f6:d0:23:91:29:38:0b:15:8b:b3:6e:
29:50:e6:ce:b6:59:c9:e7:e5:37:f3:d8:1f:74:bb:
d2:0f:e5:95:2a:24:b0:ae:37:97:ec:b4:f1:ac:95:
35:31:49:37:13:91:0a:e8:d0:24:0e:4f:6a:9a:07:
c5:84:47:10:fd:25:2f:4f:68:85:f7:88:e0:78:8e:
27:0d:61:fb:df:32:1b:a2:96:49:fb:fe:59:f4:4b:
80:d0:16:fd:2e:66:ff:65:3c:38:72:d6:e7:a6:8f:
88:e6:99:09:2e:a9:c8:e2:7b:7f:c5:0a:e6:ea:f0:
6f:2b:d0:74:b4:71:21:d4:a2:cb:75:18:8c:9d:8b:
ff:ca:fd:42:17:f7:60:5e:85:6e:76:47:eb:f8:94:
8a:e1:bf:c9:80:ec:0b:2a:56:fa:4f:54:99:9a:c8:
86:bd:df:f2:df:14:09:58:08:38:80:3a:df:b9:4f:
b8:4c:8a:f7:ae:7a:62:46:fb:03:02:01:90:19:31:
f1:ac:39:16:94:a7:51:16:b5:6d:b4:f6:f8:df:e4:
ca:e7:14:aa:f2:05:1a:f4:70:e3:4b:79:c8:62:31:
60:6e:41:f2:dd:a2:ed:cd:4c:1b:39:77:b9:19:65:
47:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:21:1E:18:65:29:19:C3:24:B1:74:5E:5B:49:D2:99:D8:FC:57:DF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-CEeGGUpGcMksXReW0nSmdj8V98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0-31.56.112.255
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.132.0/23
31.57.146.0/23
31.57.151.0-31.57.152.255
31.57.176.0/21
31.57.189.0/24
31.57.191.0-31.57.195.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.136.0/24
31.58.142.0/24
31.58.152.0/22
31.58.157.0/24
31.58.230.0/23
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.96.0/22
31.59.112.0/22
31.59.130.0/24
31.59.184.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:28:ee:30:09:c4:54:37:12:8c:9d:ad:23:80:ec:0d:78:cc:
80:87:46:55:5f:ab:41:36:8c:3e:56:d3:35:e9:78:15:43:ee:
bd:e5:28:c2:60:4d:26:1e:d8:82:dd:2c:51:36:a4:f0:1d:99:
5d:4b:fb:b5:cd:70:59:03:3f:66:23:23:b7:c6:ab:d1:92:fb:
90:89:50:c3:95:ce:c1:ba:19:0e:a3:b1:6b:07:93:6e:a2:15:
70:75:43:62:73:44:47:02:91:a3:06:dd:3b:53:2f:07:10:12:
ff:2e:45:58:81:02:55:d0:4d:94:c8:87:1a:72:37:68:75:9a:
53:eb:49:17:87:9b:9a:44:45:18:88:51:ef:e8:46:db:cf:1e:
12:8d:6d:c6:db:9a:ca:eb:39:0a:97:79:b6:6c:62:3c:a7:6d:
cb:e2:77:92:de:5a:74:17:8e:a0:11:4e:2b:16:15:1c:4b:78:
ec:05:9b:ff:0e:d9:4d:ef:6f:e4:b6:c0:1d:69:0b:bd:42:6c:
64:b9:ec:c3:ed:9f:f6:ce:84:00:c4:f1:a4:38:11:93:05:e0:
bd:a0:a5:3d:65:f6:b7:18:6a:07:99:54:2e:4a:44:76:92:4c:
62:65:e5:27:30:5e:10:b8:61:ec:1e:ae:81:35:d3:d0:04:75:
71:10:1d:52
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAZQoIzCv9L2ZoY0WCa99qfBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIxMWUxODY1MjkxOWMzMjRiMTc0NWU1YjQ5ZDI5OWQ4ZmM1N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxB6qKXbUuvwN2k6Lpa+HHMQp9tAj
kSk4CxWLs24pUObOtlnJ5+U389gfdLvSD+WVKiSwrjeX7LTxrJU1MUk3E5EK6NAk
Dk9qmgfFhEcQ/SUvT2iF94jgeI4nDWH73zIbopZJ+/5Z9EuA0Bb9Lmb/ZTw4ctbn
po+I5pkJLqnI4nt/xQrm6vBvK9B0tHEh1KLLdRiMnYv/yv1CF/dgXoVudkfr+JSK
4b/JgOwLKlb6T1SZmsiGvd/y3xQJWAg4gDrfuU+4TIr3rnpiRvsDAgGQGTHxrDkW
lKdRFrVttPb43+TK5xSq8gUa9HDjS3nIYjFgbkHy3aLtzUwbOXe5GWVHUQIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFPghHhhlKRnDJLF0XltJ0pnY/FffMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1DRWVHR1VwR2NNa3NYUmVXMG5TbWRqOFY5OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATEGCCsGAQUFBwEHAQH/BIIBIDCCARwwggEYBAIAATCC
ARADBAEfOAQDBAAfOBgDBAEfOCoDBAAfODkDBAAfOEcDBAEfOEoDBAAfOFkwDAME
Ax84aAMEAB84cAMEAR84cjAMAwQBHzh2AwQCHzh4AwQCHzjIAwQBHzmEAwQBHzmS
MAwDBAAfOZcDBAAfOZgDBAMfObADBAAfOb0wDAMEAB85vwMEAh85wAMEAR85yDAM
AwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzqIAwQAHzqOAwQCHzqY
AwQAHzqdAwQBHzrmMAwDBAAfOykDBAIfOygwDAMEAx87OAMEAB87OgMEAh87YAME
Ah87cAMEAB87ggMEAh87uAMEAR875AMEAB875wMEAR879DANBgkqhkiG9w0BAQsF
AAOCAQEADijuMAnEVDcSjJ2tI4DsDXjMgIdGVV+rQTaMPlbTNel4FUPuveUowmBN
Jh7Ygt0sUTak8B2ZXUv7tc1wWQM/ZiMjt8ar0ZL7kIlQw5XOwboZDqOxaweTbqIV
cHVDYnNERwKRowbdO1MvBxAS/y5FWIECVdBNlMiHGnI3aHWaU+tJF4ebmkRFGIhR
7+hG288eEo1txtuayus5Cpd5tmxiPKdty+J3kt5adBeOoBFOKxYVHEt47AWb/w7Z
Te9v5LbAHWkLvUJsZLnsw+2f9s6EAMTxpDgRkwXgvaClPWX2txhqB5lULkpEdpJM
YmXlJzBeELhh7B6ugTXT0AR1cRAdUg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:18:59 2025 by rpki-client