Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K0AXjk5lSpyjcnctnA_-jovZtoE.roa
File: K0AXjk5lSpyjcnctnA_-jovZtoE.roa (raw, json)
Hash identifier: Rhkc/I75tGQRC6x2e4YxNDWh7hoHCeWCXJ74syqa3AQ=
Subject key identifier: 2B:40:17:8E:4E:65:4A:9C:A3:72:77:2D:9C:0F:FE:8E:8B:D9:B6:81
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195943C3B18386EF515A11E5C26E2213DF0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K0AXjk5lSpyjcnctnA_-jovZtoE.roa
Signing time: Fri 14 Mar 2025 10:38:50 +0000
ROA not before: Fri 14 Mar 2025 10:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.77.0/24 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.57.118.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 16:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:3c:3b:18:38:6e:f5:15:a1:1e:5c:26:e2:21:3d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 10:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b40178e4e654a9ca372772d9c0ffe8e8bd9b681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d1:a3:fe:05:a2:b1:ea:3d:77:2b:a7:4f:e2:
6d:ba:ac:1e:8e:0b:ea:21:21:a6:1e:2b:01:c6:79:
b7:04:ca:f7:e2:83:ae:75:5e:d1:26:57:8e:eb:a5:
08:61:e0:42:2e:3f:5c:23:1b:dc:91:c8:63:92:94:
bd:6f:25:43:09:82:c1:60:1f:29:b2:61:a3:b8:ae:
b3:a2:bb:8b:e8:7f:94:d7:40:7e:31:85:d9:83:fa:
e4:63:6d:c5:f0:4a:ee:31:c2:d4:cc:2e:e4:6a:17:
68:22:5e:70:4d:f4:db:eb:0a:0f:9f:11:f2:39:b6:
61:5b:52:94:1a:68:b2:f5:8f:e6:40:0b:ac:36:4e:
df:e8:5e:ba:06:25:9f:24:8a:47:64:fc:4e:2b:93:
78:d9:ca:fa:06:6e:69:99:b2:73:59:7e:c9:15:8c:
05:43:bd:0e:e6:fc:48:39:bf:b6:b0:5a:5e:f9:2e:
8d:b7:da:f9:f5:97:37:4f:fb:0b:1c:c5:13:37:5b:
f8:99:f5:e5:47:f7:52:8b:1d:33:39:4c:2a:6c:36:
41:db:21:a3:23:42:10:8c:fd:0d:c5:cf:52:b3:2e:
42:43:a6:b9:1f:0b:5c:43:90:2f:99:e5:5e:73:05:
18:26:5a:3a:27:0e:26:f6:fc:36:39:83:41:9a:2f:
44:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:40:17:8E:4E:65:4A:9C:A3:72:77:2D:9C:0F:FE:8E:8B:D9:B6:81
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K0AXjk5lSpyjcnctnA_-jovZtoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.77.0/24
31.57.96.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.118.255
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.84.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
Signature Algorithm: sha256WithRSAEncryption
86:84:13:55:44:2b:90:ed:fd:72:ce:88:59:9f:40:11:0e:7d:
7c:b4:3e:35:10:e6:35:9e:73:33:8c:21:b7:9f:e8:55:cb:54:
fe:7c:e3:94:b5:01:3f:5d:d4:4d:7c:aa:39:46:13:ec:1b:5e:
b2:ed:4d:9b:ba:2c:27:f1:c5:e9:75:b8:4c:66:73:ed:06:a0:
95:4e:c2:34:c6:0d:94:99:da:d6:98:0d:69:15:11:6a:9a:9a:
da:49:1a:28:a2:9a:4e:b0:a2:a7:ae:7d:7f:73:e2:34:65:54:
79:24:34:dd:3d:7b:8c:bd:3f:80:c2:56:af:86:2d:2e:b7:fd:
74:ab:0b:f2:96:97:fe:91:5f:45:71:65:f6:d0:b8:af:b8:fb:
00:e4:d8:1a:3b:f3:1b:71:23:0f:4a:cd:d0:9d:cb:71:84:08:
88:c0:a4:3a:58:70:e5:32:64:a5:c3:2e:02:7c:57:2b:35:23:
64:8d:39:63:fd:db:f1:13:72:f0:fa:8d:59:66:03:d8:20:21:
2e:89:6a:e4:bc:4d:06:7d:14:e0:59:9b:ba:6f:c4:6f:81:fa:
9e:4b:d6:26:e6:89:e3:9e:54:28:a1:d0:90:0c:2b:98:c9:68:
d3:dc:cc:73:7b:11:ee:e1:c8:e8:08:cc:29:db:ab:24:79:e8:
5a:34:ee:ec
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZWUPDsYOG71FaEeXCbiIT3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTAzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQwMTc4ZTRlNjU0YTljYTM3Mjc3MmQ5YzBmZmU4ZThiZDliNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNGj/gWiseo9dyunT+Jtuqwejgvq
ISGmHisBxnm3BMr34oOudV7RJleO66UIYeBCLj9cIxvckchjkpS9byVDCYLBYB8p
smGjuK6zoruL6H+U10B+MYXZg/rkY23F8EruMcLUzC7kahdoIl5wTfTb6woPnxHy
ObZhW1KUGmiy9Y/mQAusNk7f6F66BiWfJIpHZPxOK5N42cr6Bm5pmbJzWX7JFYwF
Q70O5vxIOb+2sFpe+S6Nt9r59Zc3T/sLHMUTN1v4mfXlR/dSix0zOUwqbDZB2yGj
I0IQjP0Nxc9Ssy5CQ6a5HwtcQ5AvmeVecwUYJlo6Jw4m9vw2OYNBmi9ECQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFCtAF45OZUqco3J3LZwP/o6L2baBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSzBBWGprNWxTcHlqY25jdG5BXy1qb3ZadG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RzAMAwQAHzhZAwQCHzhYAwQDHzho
AwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgDBAAfOU0DBAIfOWAwDAMEAB85ZwME
BB85YDAMAwQAHzlxAwQAHzl2AwQBHzmEAwQDHzmIAwQBHzmSAwQDHzmwAwQCHznA
AwQBHznIMAwDBAQfOdADBAIfOeADBAIfOegDBAIfOfwDBAEfOiIDBAEfOjIDBAIf
OkQDBAIfOlQDBAIfOpgDBAIfOuADBAAfOykDBAIfO2ADBAIfO3ADBAIfO3gDBAIf
O7gwDQYJKoZIhvcNAQELBQADggEBAIaEE1VEK5Dt/XLOiFmfQBEOfXy0PjUQ5jWe
czOMIbef6FXLVP5845S1AT9d1E18qjlGE+wbXrLtTZu6LCfxxel1uExmc+0GoJVO
wjTGDZSZ2taYDWkVEWqamtpJGiiimk6woqeufX9z4jRlVHkkNN09e4y9P4DCVq+G
LS63/XSrC/KWl/6RX0VxZfbQuK+4+wDk2Bo78xtxIw9KzdCdy3GECIjApDpYcOUy
ZKXDLgJ8Vys1I2SNOWP92/ETcvD6jVlmA9ggIS6JauS8TQZ9FOBZm7pvxG+B+p5L
1ibmieOeVCih0JAMK5jJaNPczHN7Ee7hyOgIzCnbqyR56Fo07uw=
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:05:07 2025 by rpki-client