Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DZYZa9QVM2EHF20iroq_31POOpg.roa
File: DZYZa9QVM2EHF20iroq_31POOpg.roa (raw, json)
Hash identifier: aGJIPQQioxmIUSejc5LdRZgxbGVsR0V0p78367jagxw=
Subject key identifier: 0D:96:19:6B:D4:15:33:61:07:17:6D:22:AE:8A:BF:DF:53:CE:3A:98
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194541B221581AF43534CF7F26115E96C39
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DZYZa9QVM2EHF20iroq_31POOpg.roa
Signing time: Sat 11 Jan 2025 06:44:11 +0000
ROA not before: Sat 11 Jan 2025 06:44:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.120.0/24 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.122.0/24 maxlen: 24
31.56.123.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:54:1b:22:15:81:af:43:53:4c:f7:f2:61:15:e9:6c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 11 06:44:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d96196bd415336107176d22ae8abfdf53ce3a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0d:37:f4:1c:ff:8d:7f:df:04:a9:8b:1b:03:
8e:25:f4:06:95:db:0a:fc:0b:d8:1f:32:a7:0c:82:
3c:2e:07:b1:5e:be:e1:ad:37:0b:66:4a:cd:90:df:
e9:bd:00:95:a3:fa:e8:b5:81:38:c3:c9:c5:c2:6b:
69:b7:28:2b:f5:a5:1f:90:18:25:78:4c:d5:d3:61:
05:13:93:98:6e:5d:37:56:30:b2:da:3f:fe:ff:4e:
06:ea:ea:58:36:45:07:a4:ad:7e:67:76:4c:d0:3c:
ab:62:b9:40:21:bd:34:fb:6d:6c:2b:2e:97:58:9c:
a1:3f:c6:46:e4:60:1a:60:32:fd:bc:7b:07:02:4a:
14:b0:ed:08:72:3f:6d:d2:62:88:75:2a:b1:d4:4b:
45:f2:a1:fe:8b:97:97:3b:38:66:24:31:de:d8:94:
a5:16:66:5b:0a:c3:2d:37:58:ee:b8:8a:63:42:f4:
ce:cc:71:81:6d:72:56:ea:f4:02:bc:64:85:86:7d:
0f:fb:b7:a8:f7:7c:87:8a:5f:ac:ae:9d:a5:9a:d7:
2a:fb:91:06:2d:de:50:3a:8c:18:49:07:a2:f4:6f:
df:dc:1e:9a:8d:cd:57:68:7f:10:3f:c9:32:7d:c4:
4a:17:a2:b5:52:36:8b:ce:e2:dd:b5:aa:a5:7c:9f:
5c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:96:19:6B:D4:15:33:61:07:17:6D:22:AE:8A:BF:DF:53:CE:3A:98
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DZYZa9QVM2EHF20iroq_31POOpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.120.0/22
31.56.200.0/24
31.56.202.0/24
31.57.132.0/24
31.57.181.0/24
31.57.215.0/24
31.57.219.0/24
31.57.221.0/24
31.57.255.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
53:ba:e5:99:95:9c:46:90:a4:43:02:61:0d:90:52:84:1e:33:
d3:78:bb:d8:56:27:16:00:fc:b3:3f:3f:20:b2:e6:ca:9d:ac:
a2:38:f6:74:46:88:f6:39:d5:0a:1c:8c:a3:1a:5c:f5:95:65:
7c:a9:4f:a1:2d:1d:3f:5a:10:37:2a:a6:d9:a8:7b:50:a5:55:
11:eb:09:5a:e6:76:7a:1d:6a:91:2e:3a:a9:92:47:b2:fb:16:
31:de:08:88:11:cc:22:4e:0f:61:23:01:b7:27:26:08:b1:40:
e0:4c:a1:e3:60:99:33:85:0b:38:df:db:f2:8d:17:35:4f:f6:
5c:ab:57:7f:18:1f:6f:a0:ad:b6:25:3d:2f:93:93:07:68:26:
78:6f:00:97:2d:8c:50:38:ce:6c:c4:d3:39:73:20:2f:20:46:
e6:7b:6d:12:32:f0:ba:e8:47:70:95:21:20:35:df:3d:a1:1e:
9d:b7:8e:a3:a5:56:98:57:bd:23:1d:77:7d:cd:00:04:04:31:
bc:9f:04:7c:d0:04:44:62:40:59:79:31:c4:a8:26:b6:f1:bb:
35:8f:a8:0d:bd:d0:e4:44:df:cc:0e:60:c1:2a:d7:03:ba:ef:
c4:84:74:80:d2:cf:b3:67:40:3f:cd:de:4f:6d:ed:07:36:1b:
c9:a4:91:e2
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZRUGyIVga9DU0z38mEV6Ww5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTExMDY0NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk2MTk2YmQ0MTUzMzYxMDcxNzZkMjJhZThhYmZkZjUzY2UzYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5A039Bz/jX/fBKmLGwOOJfQGldsK
/AvYHzKnDII8LgexXr7hrTcLZkrNkN/pvQCVo/rotYE4w8nFwmtptygr9aUfkBgl
eEzV02EFE5OYbl03VjCy2j/+/04G6upYNkUHpK1+Z3ZM0DyrYrlAIb00+21sKy6X
WJyhP8ZG5GAaYDL9vHsHAkoUsO0Icj9t0mKIdSqx1EtF8qH+i5eXOzhmJDHe2JSl
FmZbCsMtN1juuIpjQvTOzHGBbXJW6vQCvGSFhn0P+7eo93yHil+srp2lmtcq+5EG
Ld5QOowYSQei9G/f3B6ajc1XaH8QP8kyfcRKF6K1UjaLzuLdtaqlfJ9ckwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFA2WGWvUFTNhBxdtIq6Kv99TzjqYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRFpZWmE5UVZNMkVIRjIwaXJvcV8zMVBPT3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAHzhFAwQA
HzhIAwQAHzhUAwQCHzh4AwQAHzjIAwQAHzjKAwQAHzmEAwQAHzm1AwQAHznXAwQA
HznbAwQAHzndAwQAHzn/AwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQBTuuWZlZxG
kKRDAmENkFKEHjPTeLvYVicWAPyzPz8gsubKnayiOPZ0Roj2OdUKHIyjGlz1lWV8
qU+hLR0/WhA3KqbZqHtQpVUR6wla5nZ6HWqRLjqpkkey+xYx3giIEcwiTg9hIwG3
JyYIsUDgTKHjYJkzhQs439vyjRc1T/Zcq1d/GB9voK22JT0vk5MHaCZ4bwCXLYxQ
OM5sxNM5cyAvIEbme20SMvC66EdwlSEgNd89oR6dt46jpVaYV70jHXd9zQAEBDG8
nwR80AREYkBZeTHEqCa28bs1j6gNvdDkRN/MDmDBKtcDuu/EhHSA0s+zZ0A/zd5P
be0HNhvJpJHi
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:12:56 2025 by rpki-client