Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8_qmfOBLFMMei6RbP4Q400v5Z8k.roa
File: 8_qmfOBLFMMei6RbP4Q400v5Z8k.roa (raw, json)
Hash identifier: gKXOh/j5So2DowNt+7Al9jWaS++mQroz1ebCr2zIHj0=
Subject key identifier: F3:FA:A6:7C:E0:4B:14:C3:1E:8B:A4:5B:3F:84:38:D3:4B:F9:67:C9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01956B4AD119C3A34328B4B7376799CB4804
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8_qmfOBLFMMei6RbP4Q400v5Z8k.roa
Signing time: Thu 06 Mar 2025 11:50:20 +0000
ROA not before: Thu 06 Mar 2025 11:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.208.0/24 maxlen: 24
31.57.209.0/24 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.211.0/24 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 16:53:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:4a:d1:19:c3:a3:43:28:b4:b7:37:67:99:cb:48:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 6 11:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3faa67ce04b14c31e8ba45b3f8438d34bf967c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:7a:22:02:ea:e7:17:75:ab:f9:41:d0:43:
8a:81:bc:e6:c4:60:f3:46:bd:56:01:a5:69:5d:ae:
73:7f:f7:e0:5d:d4:10:59:33:fe:4c:0c:24:b2:bb:
f2:03:3b:e2:48:ef:8d:32:e4:ca:d4:14:84:58:3e:
1a:e8:40:d5:4b:60:11:be:a7:f9:b4:10:a5:e7:f8:
6f:a5:37:3d:e3:9b:03:26:71:6d:79:11:e8:3d:b5:
e3:0d:cc:0e:a1:cd:9b:95:02:63:7f:bf:29:db:e1:
4e:70:fd:f4:7f:fe:5d:03:c6:bf:b0:cf:00:50:13:
bd:01:84:49:6f:cd:98:f7:e7:80:23:20:63:17:06:
17:6b:cc:c6:b7:80:87:a6:86:cb:17:cb:07:29:04:
48:41:8e:84:ca:9c:f9:95:87:f8:89:00:67:08:aa:
c9:18:fe:e0:04:21:fd:cf:86:66:da:0a:3f:d0:f1:
bd:b3:55:eb:59:23:e4:62:c0:d2:a9:43:a2:d9:b9:
73:55:5e:7c:ae:60:e7:fe:e0:65:e2:c8:ad:4b:30:
dd:da:67:3a:f9:ce:6b:97:0c:3e:49:8a:a3:6e:a9:
6b:8f:92:f2:f5:d5:f1:f2:9d:6d:9e:70:2a:31:c5:
eb:15:e0:6d:c9:7b:a6:7c:45:e4:64:d1:3f:90:6d:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:FA:A6:7C:E0:4B:14:C3:1E:8B:A4:5B:3F:84:38:D3:4B:F9:67:C9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8_qmfOBLFMMei6RbP4Q400v5Z8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.92.0-31.57.99.255
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0/24
31.58.100.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:f3:b4:1d:47:9b:5a:85:75:00:3f:2a:5f:d4:ed:75:6d:7e:
28:19:c4:5a:1c:b2:62:9c:97:14:28:d7:9d:15:32:c7:81:2a:
d3:9f:6f:28:0a:93:fe:d9:45:30:0d:87:49:e3:25:78:c7:c7:
9a:7f:13:f4:eb:e0:4a:d1:0a:b9:76:78:b9:49:1f:0f:c8:5b:
cb:02:da:25:73:e0:73:bf:ef:dd:89:36:2f:94:38:7b:d6:24:
f3:0b:76:85:83:aa:4b:06:f1:97:68:bd:5e:4c:9a:f7:53:ec:
8c:3a:af:ee:38:45:8a:f3:1b:d3:43:7f:d7:9a:a2:33:1b:98:
e3:9b:ed:15:b8:24:73:71:dc:74:5c:f8:b6:88:44:2c:9b:0d:
c9:57:20:44:c0:bd:2c:9a:1f:6e:64:2b:a3:9d:6c:91:8d:82:
4f:41:7f:3b:91:ec:8a:85:4d:67:3b:ad:1f:25:3d:3c:e3:b5:
9f:f3:ea:f9:32:16:0e:d9:1a:55:12:42:05:c8:a6:38:fe:be:
64:78:5f:58:f6:cc:a6:47:b0:18:3b:a2:2f:02:25:36:f1:48:
31:33:e9:a6:0d:cb:23:c8:05:14:9b:c4:73:88:7b:5e:1d:8c:
94:fe:c8:35:3c:e8:a6:01:cd:75:29:b0:fb:28:4b:04:5d:c7:
08:37:df:5a
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZVrStEZw6NDKLS3N2eZy0gEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA2MTE1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZhYTY3Y2UwNGIxNGMzMWU4YmE0NWIzZjg0MzhkMzRiZjk2N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1p6IgLq5xd1q/lB0EOKgbzmxGDz
Rr1WAaVpXa5zf/fgXdQQWTP+TAwksrvyAzviSO+NMuTK1BSEWD4a6EDVS2ARvqf5
tBCl5/hvpTc945sDJnFteRHoPbXjDcwOoc2blQJjf78p2+FOcP30f/5dA8a/sM8A
UBO9AYRJb82Y9+eAIyBjFwYXa8zGt4CHpobLF8sHKQRIQY6Eypz5lYf4iQBnCKrJ
GP7gBCH9z4Zm2go/0PG9s1XrWSPkYsDSqUOi2blzVV58rmDn/uBl4sitSzDd2mc6
+c5rlww+SYqjbqlrj5Ly9dXx8p1tnnAqMcXrFeBtyXumfEXkZNE/kG3ycwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFPP6pnzgSxTDHoukWz+EONNL+WfJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOF9xbWZPQkxGTU1laTZSYlA0UTQwMHY1WjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAB84VTAMAwQAHzhZAwQC
HzhYAwQDHzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgwDAMEAh85XAMEAh85
YAMEAx85aAMEAR85hAMEAx85iAMEAR85kgMEAx85sAMEAB85vAMEAh85wAMEAR85
yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQBHzoyAwQCHzpEAwQC
HzpMAwQCHzpUAwQAHzpbAwQCHzpkAwQCHzqYAwQCHzrgAwQAHzspAwQCHztgAwQC
HztwAwQCHzt4AwQCHzu4AwQAHzvmMA0GCSqGSIb3DQEBCwUAA4IBAQC687QdR5ta
hXUAPypf1O11bX4oGcRaHLJinJcUKNedFTLHgSrTn28oCpP+2UUwDYdJ4yV4x8ea
fxP06+BK0Qq5dni5SR8PyFvLAtolc+Bzv+/diTYvlDh71iTzC3aFg6pLBvGXaL1e
TJr3U+yMOq/uOEWK8xvTQ3/XmqIzG5jjm+0VuCRzcdx0XPi2iEQsmw3JVyBEwL0s
mh9uZCujnWyRjYJPQX87keyKhU1nO60fJT0847Wf8+r5MhYO2RpVEkIFyKY4/r5k
eF9Y9symR7AYO6IvAiU28UgxM+mmDcsjyAUUm8RziHteHYyU/sg1POimAc11KbD7
KEsEXccIN99a
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:05:35 2025 by rpki-client