Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OLSpkoiDbCQDb_N7Yx3gvOP10s.roa
File: 9OLSpkoiDbCQDb_N7Yx3gvOP10s.roa (raw, json)
Hash identifier: AOUR1TlDdB3AQyeEO5KkiojZ2i5cNeQUEu1+DJbL+lI=
Subject key identifier: F4:E2:D2:A6:4A:22:0D:B0:90:0D:BF:CD:ED:8C:77:82:F3:8F:D7:4B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019408BD6CB3982D585C6C2D74A23C424879
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OLSpkoiDbCQDb_N7Yx3gvOP10s.roa
Signing time: Fri 27 Dec 2024 15:30:19 +0000
ROA not before: Fri 27 Dec 2024 15:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.16.0/22 maxlen: 22
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.152.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.179.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.182.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.58.0/24 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.124.0/22 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.176.0/22 maxlen: 22
31.59.180.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.188.0/22 maxlen: 22
31.59.192.0/22 maxlen: 22
31.59.216.0/22 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.244.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 15:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:bd:6c:b3:98:2d:58:5c:6c:2d:74:a2:3c:42:48:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 27 15:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4e2d2a64a220db0900dbfcded8c7782f38fd74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:77:a2:62:bf:22:0d:40:39:9f:d8:4a:e2:f6:
57:f3:37:d7:05:eb:38:b4:75:b2:4e:7b:e9:96:89:
ef:f2:83:71:b3:d9:19:50:b8:4a:e3:e4:d3:2a:16:
fb:6d:c8:cb:37:ba:d6:22:c4:b9:c8:0c:6b:2f:9e:
24:f9:0b:1c:4d:5f:2d:ec:cd:6c:5a:eb:40:a3:c9:
ae:0e:40:03:39:65:92:dc:d5:97:06:3e:99:1c:a5:
10:55:83:f3:95:c0:77:35:6a:11:ce:31:42:55:bb:
00:87:56:90:61:be:b2:7d:d1:ea:3d:84:97:53:8a:
22:b6:85:3a:41:6a:6a:f7:39:9c:68:bf:6f:d4:ab:
96:7e:27:1e:dd:6b:f4:a9:fd:5b:9d:63:82:09:0e:
6b:b6:ab:d9:3f:98:b5:b2:e1:7a:13:a1:60:6a:8c:
64:bb:4c:84:c1:7a:41:d2:a0:6c:c0:55:ff:b6:37:
7e:54:42:0a:ef:92:05:31:c5:bc:44:db:3e:37:de:
0e:a6:15:5f:55:30:41:49:b9:57:70:de:7a:56:18:
99:c0:5b:76:35:c5:40:cc:3f:95:f4:c6:b7:b6:05:
59:21:1f:d6:8c:d5:ac:41:2e:23:89:53:1b:a0:98:
99:5a:bb:15:fc:e9:a8:04:c9:b0:0b:c3:5a:3c:28:
80:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E2:D2:A6:4A:22:0D:B0:90:0D:BF:CD:ED:8C:77:82:F3:8F:D7:4B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OLSpkoiDbCQDb_N7Yx3gvOP10s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.16.0/22
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.74.0/23
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.57.132.0/23
31.57.146.0/23
31.57.151.0-31.57.152.255
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0/20
31.57.232.0/22
31.58.34.0/23
31.58.152.0/22
31.58.176.0/22
31.58.200.0/22
31.59.41.0-31.59.43.255
31.59.56.0-31.59.58.255
31.59.64.0/22
31.59.80.0/22
31.59.96.0/22
31.59.112.0/22
31.59.124.0/22
31.59.130.0/24
31.59.176.0-31.59.195.255
31.59.216.0/22
31.59.228.0/23
31.59.231.0/24
31.59.244.0/23
Signature Algorithm: sha256WithRSAEncryption
29:23:80:68:16:87:26:b9:b6:e1:ec:0e:d3:c4:1e:be:ed:4f:
77:c6:a4:cc:3f:84:ad:cf:f0:d5:35:bb:7d:1f:bb:30:90:c2:
d4:97:a4:63:26:01:23:03:17:f0:cf:f5:7b:18:d8:37:b4:60:
b7:fc:e2:96:ba:50:26:ba:0d:aa:8e:ed:fe:d9:fc:60:99:ee:
84:e8:bf:33:cf:44:d3:9a:2a:67:23:11:12:25:5e:b2:a3:1e:
44:cf:6a:a8:fa:35:c7:e7:a4:e4:a2:2d:7e:a1:1c:5c:33:6d:
38:5e:ad:12:40:24:ed:84:01:66:32:43:40:ca:5a:ac:91:7c:
14:6a:84:ab:08:01:fb:e9:6b:97:9b:30:2e:b5:bc:69:0d:4d:
f3:e1:42:29:ca:d4:5f:b1:aa:fa:5f:8b:2d:43:6e:e2:fc:93:
d6:69:64:35:cb:24:77:d0:de:85:ed:08:3b:ae:49:96:4e:b7:
f1:b7:68:b0:c6:9f:41:23:71:42:6e:4c:93:dc:3c:7a:20:5b:
d8:45:2f:6f:ab:57:88:21:5b:cf:46:6a:9a:c7:dd:83:a8:9a:
9a:c7:1d:9c:92:d7:47:d2:11:08:6e:43:f2:de:5c:db:7f:18:
ce:e5:1c:cf:e3:28:73:c4:81:c0:a9:03:84:30:7b:6a:8c:3c:
02:49:4c:a1
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZQIvWyzmC1YXGwtdKI8Qkh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI3MTUzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGUyZDJhNjRhMjIwZGIwOTAwZGJmY2RlZDhjNzc4MmYzOGZkNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3eiYr8iDUA5n9hK4vZX8zfXBes4
tHWyTnvplonv8oNxs9kZULhK4+TTKhb7bcjLN7rWIsS5yAxrL54k+QscTV8t7M1s
WutAo8muDkADOWWS3NWXBj6ZHKUQVYPzlcB3NWoRzjFCVbsAh1aQYb6yfdHqPYSX
U4oitoU6QWpq9zmcaL9v1KuWfice3Wv0qf1bnWOCCQ5rtqvZP5i1suF6E6Fgaoxk
u0yEwXpB0qBswFX/tjd+VEIK75IFMcW8RNs+N94OphVfVTBBSblXcN56VhiZwFt2
NcVAzD+V9Ma3tgVZIR/WjNWsQS4jiVMboJiZWrsV/OmoBMmwC8NaPCiATQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFPTi0qZKIg2wkA2/ze2Md4Lzj9dLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOU9MU3Brb2lEYkNRRGJfTjdZeDNndk9QMTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAR84BAMEAh84EAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAR84SgMEAB84
WQMEAx84aAMEAR84cjAMAwQBHzh2AwQCHzh4AwQBHzmEAwQBHzmSMAwDBAAfOZcD
BAAfOZgDBAMfObADBAIfOcADBAEfOcgDBAQfOdADBAIfOegDBAEfOiIDBAIfOpgD
BAIfOrADBAIfOsgwDAMEAB87KQMEAh87KDAMAwQDHzs4AwQAHzs6AwQCHztAAwQC
HztQAwQCHztgAwQCHztwAwQCHzt8AwQAHzuCMAwDBAQfO7ADBAIfO8ADBAIfO9gD
BAEfO+QDBAAfO+cDBAEfO/QwDQYJKoZIhvcNAQELBQADggEBACkjgGgWhya5tuHs
DtPEHr7tT3fGpMw/hK3P8NU1u30fuzCQwtSXpGMmASMDF/DP9XsY2De0YLf84pa6
UCa6DaqO7f7Z/GCZ7oTovzPPRNOaKmcjERIlXrKjHkTPaqj6NcfnpOSiLX6hHFwz
bTherRJAJO2EAWYyQ0DKWqyRfBRqhKsIAfvpa5ebMC61vGkNTfPhQinK1F+xqvpf
iy1DbuL8k9ZpZDXLJHfQ3oXtCDuuSZZOt/G3aLDGn0EjcUJuTJPcPHogW9hFL2+r
V4ghW89GaprH3YOomprHHZyS10fSEQhuQ/LeXNt/GM7lHM/jKHPEgcCpA4Qwe2qM
PAJJTKE=
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:00:00 2025 by rpki-client