Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kn_fY8S6xpvkL-H-_gTYrT0-L1Y.roa
File: Kn_fY8S6xpvkL-H-_gTYrT0-L1Y.roa (raw, json)
Hash identifier: JHd5uGzWIopp7bnyPoqTcWrcbtP0J69VDE65hDYBK8A=
Subject key identifier: 2A:7F:DF:63:C4:BA:C6:9B:E4:2F:E1:FE:FE:04:D8:AD:3D:3E:2F:56
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195FF60875CB9F7D3BE021321481BAA031A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kn_fY8S6xpvkL-H-_gTYrT0-L1Y.roa
Signing time: Fri 04 Apr 2025 05:57:50 +0000
ROA not before: Fri 04 Apr 2025 05:57:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:60:87:5c:b9:f7:d3:be:02:13:21:48:1b:aa:03:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 4 05:57:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a7fdf63c4bac69be42fe1fefe04d8ad3d3e2f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a7:34:d0:2d:79:27:aa:43:90:5f:ba:80:d7:
02:d5:03:72:98:66:b7:48:76:c2:8c:b2:25:96:0b:
89:fd:72:ce:be:5f:94:64:59:18:6c:8a:2d:e8:9c:
27:a9:17:ba:e6:8e:95:23:a5:27:63:5c:33:ab:a0:
06:21:98:9c:02:94:10:21:78:44:ae:dd:ba:67:4d:
99:08:32:fd:f4:4e:37:6f:49:3f:72:60:ab:40:78:
75:94:06:c2:3b:a7:4b:cf:09:72:be:d8:8e:b0:62:
12:4a:30:9d:2e:21:d0:3d:32:24:16:b0:5a:3a:24:
5d:4f:70:e0:cf:75:67:97:bb:e4:3c:eb:54:5d:1e:
33:a6:ab:36:a5:02:60:8a:a4:31:35:54:75:8f:83:
5e:30:d1:61:4e:d4:d5:15:d4:7d:3a:81:6d:97:97:
3b:cd:96:08:77:42:95:db:5a:4f:ed:f4:fe:c9:88:
0c:38:a6:47:8a:93:fe:a2:02:31:f4:71:6b:b0:b4:
58:b3:58:46:42:ad:bb:cb:0f:0f:5b:de:0b:e9:a6:
65:9a:b7:43:73:a3:3c:15:0a:98:82:6d:80:ff:fd:
83:fd:71:43:21:49:56:e9:ff:29:88:3b:98:f1:03:
35:66:e2:04:05:64:fb:5e:83:ad:77:6b:52:10:a0:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7F:DF:63:C4:BA:C6:9B:E4:2F:E1:FE:FE:04:D8:AD:3D:3E:2F:56
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kn_fY8S6xpvkL-H-_gTYrT0-L1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.57.104.0/24
31.57.188.0/24
31.58.56.0/23
31.58.64.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:cd:f2:71:0e:c1:f8:33:f4:b1:54:ba:cc:fd:27:01:66:a2:
a9:94:3d:95:bf:6f:52:24:ed:03:9b:44:4b:84:64:a6:a1:3e:
02:5d:02:12:e8:04:52:4a:4a:6e:c4:0c:97:9c:c7:0a:66:10:
aa:7d:2d:1b:9d:ff:ce:9f:33:bb:66:e0:61:1e:db:50:b9:95:
0d:e8:d0:55:49:a9:4a:a6:11:6b:32:f8:32:da:90:c0:88:6c:
6f:35:a2:8e:50:bf:d6:4a:07:c4:40:98:dd:62:8a:c7:2c:21:
6e:d9:3d:8f:12:71:9a:57:2b:5f:be:e1:72:8e:25:fd:dd:8e:
d2:a8:47:d8:d1:60:19:d2:3d:86:b8:5e:87:c6:8b:bb:26:fe:
07:40:c9:0a:d8:e2:dd:d9:23:86:91:27:a8:cb:b6:1a:44:33:
18:b3:14:84:b5:33:5c:c2:53:ab:a8:1f:c9:de:74:69:49:38:
80:c0:d5:4c:a6:3a:38:81:0b:56:89:47:41:94:7c:fc:c5:fd:
7f:70:e3:45:a4:fb:f1:75:f4:14:ba:3c:d8:f1:58:8a:ac:42:
b7:eb:ae:7c:5d:55:09:3e:70:61:18:4a:1f:c5:44:a3:ed:b8:
9f:e3:e8:64:14:2c:b7:e8:64:ef:b4:13:c7:81:9f:19:7e:25:
d6:2d:a5:ce
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZX/YIdcuffTvgITIUgbqgMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA0MDU1NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdmZGY2M2M0YmFjNjliZTQyZmUxZmVmZTA0ZDhhZDNkM2UyZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6c00C15J6pDkF+6gNcC1QNymGa3
SHbCjLIllguJ/XLOvl+UZFkYbIot6JwnqRe65o6VI6UnY1wzq6AGIZicApQQIXhE
rt26Z02ZCDL99E43b0k/cmCrQHh1lAbCO6dLzwlyvtiOsGISSjCdLiHQPTIkFrBa
OiRdT3Dgz3Vnl7vkPOtUXR4zpqs2pQJgiqQxNVR1j4NeMNFhTtTVFdR9OoFtl5c7
zZYId0KV21pP7fT+yYgMOKZHipP+ogIx9HFrsLRYs1hGQq27yw8PW94L6aZlmrdD
c6M8FQqYgm2A//2D/XFDIUlW6f8piDuY8QM1ZuIEBWT7XoOtd2tSEKAXFwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCp/32PEusab5C/h/v4E2K09Pi9WMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS25fZlk4UzZ4cHZrTC1ILV9nVFlyVDAtTDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzloAwQAHzm8AwQBHzo4AwQBHzpAAwQBHzpYMA0GCSqGSIb3
DQEBCwUAA4IBAQANzfJxDsH4M/SxVLrM/ScBZqKplD2Vv29SJO0Dm0RLhGSmoT4C
XQIS6ARSSkpuxAyXnMcKZhCqfS0bnf/OnzO7ZuBhHttQuZUN6NBVSalKphFrMvgy
2pDAiGxvNaKOUL/WSgfEQJjdYorHLCFu2T2PEnGaVytfvuFyjiX93Y7SqEfY0WAZ
0j2GuF6Hxou7Jv4HQMkK2OLd2SOGkSeoy7YaRDMYsxSEtTNcwlOrqB/J3nRpSTiA
wNVMpjo4gQtWiUdBlHz8xf1/cONFpPvxdfQUujzY8ViKrEK36658XVUJPnBhGEof
xUSj7bif4+hkFCy36GTvtBPHgZ8ZfiXWLaXO
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:16:09 2025 by rpki-client