Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IviTCWUthqiaS-kys2Uljwj-iP0.roa
File: IviTCWUthqiaS-kys2Uljwj-iP0.roa (raw, json)
Hash identifier: Dy0ESsMGZZV7huxy2QyEE9ebo2c9mFewHGm9oRnnp2E=
Subject key identifier: 22:F8:93:09:65:2D:86:A8:9A:4B:E9:32:B3:65:25:8F:08:FE:88:FD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193A6067A34A04E7616517BF05CAD49DE0C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IviTCWUthqiaS-kys2Uljwj-iP0.roa
Signing time: Sun 08 Dec 2024 11:27:42 +0000
ROA not before: Sun 08 Dec 2024 11:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.50.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.156.0/24 maxlen: 24
31.57.65.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.146.0/23 maxlen: 24
31.57.166.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.204.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.58.130.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 12:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:06:7a:34:a0:4e:76:16:51:7b:f0:5c:ad:49:de:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 8 11:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f89309652d86a89a4be932b365258f08fe88fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fe:f2:b8:04:2d:68:0f:b7:90:97:92:93:88:
0a:4f:a1:c4:21:27:ff:35:42:9b:a6:b6:dd:79:28:
75:d9:08:48:f7:4e:27:22:e8:25:d7:f5:16:d6:ba:
94:81:bd:52:7b:53:21:9b:df:7f:7d:41:15:ef:d3:
40:78:3d:94:3f:77:b9:63:0b:1b:ff:d9:71:28:36:
7e:8b:9d:c9:99:91:c5:64:2f:87:ce:2c:5f:d9:38:
fd:91:c6:93:9c:d8:8a:c3:dd:d5:8c:37:da:75:39:
a8:19:06:85:56:bb:8a:39:43:97:53:32:bc:b2:09:
d5:29:25:ca:ca:26:e6:f6:f0:1f:76:d1:ca:90:63:
ba:13:bd:43:9a:05:4d:6a:4f:0e:e6:9e:65:8b:09:
26:c9:9a:7a:32:26:a3:c0:6d:73:7a:c4:06:d4:d5:
ca:d4:7e:5b:85:ba:66:be:25:b8:73:62:71:52:e0:
14:ce:4d:c1:33:ef:f6:99:7b:43:c1:22:b8:59:4c:
be:6e:7b:00:a8:7f:43:0c:d7:21:7a:0c:18:19:40:
c0:ff:97:42:8e:0d:30:9d:e1:39:42:ed:eb:c3:3f:
f7:6d:53:05:20:1c:8c:e0:6f:3e:14:d5:ab:12:17:
2a:c0:34:5d:b3:98:92:f7:be:78:96:9f:ca:c7:0f:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F8:93:09:65:2D:86:A8:9A:4B:E9:32:B3:65:25:8F:08:FE:88:FD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IviTCWUthqiaS-kys2Uljwj-iP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.50.0/23
31.56.57.0/24
31.56.85.0/24
31.56.89.0/24
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.156.0/24
31.57.65.0/24
31.57.132.0/23
31.57.146.0/23
31.57.166.0/24
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.204.0/24
31.57.228.0/24
31.57.232.0/22
31.58.130.0/23
31.58.152.0/22
31.59.96.0/22
31.59.112.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
87:95:56:79:4c:04:28:fa:df:f4:8b:4d:83:75:b9:7f:44:0f:
c2:bd:f1:06:23:d8:0a:8c:06:d0:2d:6a:70:b1:ef:ea:75:e4:
35:ba:87:3e:d5:f5:14:5a:f8:10:66:82:4b:1e:a9:e3:04:72:
97:51:58:cd:73:0c:92:cb:4e:9a:d7:25:4b:74:59:cb:cd:15:
ab:98:ec:0b:a9:7b:3b:69:4b:0c:bc:2b:98:b6:87:3f:1e:00:
1a:78:8c:a3:f8:e5:aa:87:77:e3:66:e0:82:ec:e6:24:f8:4e:
86:40:9d:3d:2e:11:ff:21:2f:81:a8:51:b0:5b:97:4b:35:a6:
f8:d6:00:53:05:f7:00:30:bf:b8:04:30:a1:e9:35:09:7b:24:
7b:da:cb:dd:06:f6:4f:4c:be:2e:bb:14:76:65:ad:26:26:a0:
74:cb:42:5d:c7:b1:2c:89:63:b1:a5:62:71:ae:c0:89:8b:a5:
a6:73:78:02:29:2f:4e:3f:f8:22:f1:e4:09:ac:96:11:23:05:
55:f2:ef:3e:08:92:7a:13:99:be:51:5d:02:61:90:93:ed:97:
c0:22:ae:07:4a:d0:3e:7a:e5:f8:69:e4:c0:a6:15:40:97:7c:
d8:67:7c:6a:5f:34:c0:af:8e:01:2d:69:b4:49:4e:ba:d8:47:
1d:82:16:f0
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZOmBno0oE52FlF78FytSd4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA4MTEyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY4OTMwOTY1MmQ4NmE4OWE0YmU5MzJiMzY1MjU4ZjA4ZmU4OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP7yuAQtaA+3kJeSk4gKT6HEISf/
NUKbprbdeSh12QhI904nIugl1/UW1rqUgb1Se1Mhm99/fUEV79NAeD2UP3e5Ywsb
/9lxKDZ+i53JmZHFZC+Hzixf2Tj9kcaTnNiKw93VjDfadTmoGQaFVruKOUOXUzK8
sgnVKSXKyibm9vAfdtHKkGO6E71DmgVNak8O5p5liwkmyZp6MiajwG1zesQG1NXK
1H5bhbpmviW4c2JxUuAUzk3BM+/2mXtDwSK4WUy+bnsAqH9DDNchegwYGUDA/5dC
jg0wneE5Qu3rwz/3bVMFIByM4G8+FNWrEhcqwDRds5iS9754lp/Kxw9TsQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFCL4kwllLYaomkvpMrNlJY8I/oj9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSXZpVENXVXRocWlhUy1reXMyVWxqd2otaVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAEf
OAQDBAAfOBgDBAEfOCoDBAEfODIDBAAfODkDBAAfOFUDBAAfOFkDBAMfOGgDBAEf
OHIwDAMEAR84dgMEAh84eAMEAB84nAMEAB85QQMEAR85hAMEAR85kgMEAB85pgME
Ax85sAMEAB85vAMEAh85wAMEAR85yAMEAB85zAMEAB855AMEAh856AMEAR86ggME
Ah86mAMEAh87YAMEAh87cAMEAh87uDANBgkqhkiG9w0BAQsFAAOCAQEAh5VWeUwE
KPrf9ItNg3W5f0QPwr3xBiPYCowG0C1qcLHv6nXkNbqHPtX1FFr4EGaCSx6p4wRy
l1FYzXMMkstOmtclS3RZy80Vq5jsC6l7O2lLDLwrmLaHPx4AGniMo/jlqod342bg
guzmJPhOhkCdPS4R/yEvgahRsFuXSzWm+NYAUwX3ADC/uAQwoek1CXske9rL3Qb2
T0y+LrsUdmWtJiagdMtCXcexLIljsaVica7AiYulpnN4AikvTj/4IvHkCayWESMF
VfLvPgiSehOZvlFdAmGQk+2XwCKuB0rQPnrl+GnkwKYVQJd82Gd8al80wK+OAS1p
tElOuthHHYIW8A==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:24:37 2025 by rpki-client