Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PZIs6fxjJIQ-QgapcvCi2OpTtSU.roa
File: PZIs6fxjJIQ-QgapcvCi2OpTtSU.roa (raw, json)
Hash identifier: NAfgOhkiyzwqzRC+eoXttkVUEmefkvUDoXFMVVJBbSM=
Subject key identifier: 3D:92:2C:E9:FC:63:24:84:3E:42:06:A9:72:F0:A2:D8:EA:53:B5:25
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195EB41C23998921A9A06944D47A5697909
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PZIs6fxjJIQ-QgapcvCi2OpTtSU.roa
Signing time: Mon 31 Mar 2025 08:11:50 +0000
ROA not before: Mon 31 Mar 2025 08:11:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 14:36:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:41:c2:39:98:92:1a:9a:06:94:4d:47:a5:69:79:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 08:11:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d922ce9fc6324843e4206a972f0a2d8ea53b525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:25:5b:ac:23:c3:9f:11:02:e3:cd:18:4e:96:
8e:7f:05:1e:52:6d:e1:68:80:82:d8:7f:53:fe:bb:
30:6e:19:16:91:75:29:9f:60:0b:a4:42:01:12:16:
53:59:f5:21:67:4e:ad:ab:25:e6:4f:5d:81:7b:f2:
02:1e:5c:82:ac:25:a8:51:d5:da:93:0b:c4:8a:19:
fd:5a:10:fb:3a:87:34:7a:dd:13:f8:10:90:7e:49:
13:4f:b3:9e:23:c8:e1:4b:20:f0:d2:f5:34:ab:60:
bf:6f:fe:2c:23:f4:a5:b7:52:b2:15:32:62:db:d8:
9e:6f:9e:ec:61:78:d8:15:20:64:be:d2:88:79:32:
6a:8a:b9:b3:45:18:0c:91:f7:ae:f9:32:27:42:84:
d6:fd:6d:f0:bb:8d:68:b8:9d:20:97:eb:75:60:3a:
ec:c0:a9:ad:2b:e4:8a:20:9a:53:16:62:92:1e:1f:
8c:ee:ff:76:d8:57:b2:52:69:2e:e4:0c:e5:30:b5:
bb:be:24:47:b7:ae:14:73:a3:f0:d9:14:85:33:c8:
da:7f:2c:a5:90:01:3d:73:10:a2:b0:f7:06:ed:0a:
3e:44:02:c7:bd:65:cf:03:c8:c3:da:f1:9b:02:4c:
f5:d5:f4:33:0b:f7:a7:82:06:57:94:19:e8:5f:47:
08:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:92:2C:E9:FC:63:24:84:3E:42:06:A9:72:F0:A2:D8:EA:53:B5:25
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PZIs6fxjJIQ-QgapcvCi2OpTtSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.202.0/24
31.57.104.0/24
31.57.181.0/24
31.57.188.0/24
31.57.221.0/24
31.57.252.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:fd:d3:5e:21:b1:8f:ed:fc:0e:5e:2d:32:20:bf:70:7e:c5:
4d:53:36:54:65:a4:de:6d:f7:ce:e4:53:cf:7c:c4:4a:bc:d0:
a3:61:f9:ce:a6:d4:bf:85:db:f1:c5:31:b6:ac:19:2b:03:3e:
54:b1:cf:27:cf:93:c3:3f:c8:6a:e3:5c:cd:23:2a:70:27:48:
d3:82:47:75:1d:23:93:5d:a3:d0:d5:88:d1:f2:d1:8d:55:20:
cb:8a:1b:40:42:54:73:7c:ea:37:79:93:e4:2a:85:97:e7:fb:
bd:10:57:e7:fb:9b:6f:72:41:d4:92:76:19:6a:e8:53:be:67:
0c:59:f4:35:36:78:2c:ce:a3:34:d5:5c:4c:07:23:a1:16:60:
10:10:31:71:b4:75:7c:b9:6c:e1:e2:dc:47:91:fa:93:d9:e2:
bc:58:70:26:c8:4e:79:84:12:6e:55:01:2a:87:71:5b:c2:f9:
83:60:34:c0:ed:b2:a2:1b:dd:84:43:4a:0f:d2:13:ca:ed:45:
42:69:ac:6d:ef:c4:fd:3a:1f:f0:70:81:52:36:41:4f:29:66:
9b:71:07:36:a4:ea:6a:64:2b:37:c5:46:e3:28:eb:87:af:15:
c9:7f:99:ff:ff:f0:9f:05:d7:83:8c:57:07:c0:22:0b:2c:ab:
d4:cc:fc:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXrQcI5mJIamgaUTUelaXkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMDgxMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkyMmNlOWZjNjMyNDg0M2U0MjA2YTk3MmYwYTJkOGVhNTNiNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCVbrCPDnxEC480YTpaOfwUeUm3h
aICC2H9T/rswbhkWkXUpn2ALpEIBEhZTWfUhZ06tqyXmT12Be/ICHlyCrCWoUdXa
kwvEihn9WhD7Ooc0et0T+BCQfkkTT7OeI8jhSyDw0vU0q2C/b/4sI/Slt1KyFTJi
29ieb57sYXjYFSBkvtKIeTJqirmzRRgMkfeu+TInQoTW/W3wu41ouJ0gl+t1YDrs
wKmtK+SKIJpTFmKSHh+M7v922FeyUmku5AzlMLW7viRHt64Uc6Pw2RSFM8jafyyl
kAE9cxCisPcG7Qo+RALHvWXPA8jD2vGbAkz11fQzC/enggZXlBnoX0cIlQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFD2SLOn8YySEPkIGqXLwotjqU7UlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUFpJczZmeGpKSVEtUWdhcGN2Q2kyT3BUdFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjKAwQAHzloAwQAHzm1AwQAHzm8AwQAHzndAwQBHzn8AwQB
HzpYMA0GCSqGSIb3DQEBCwUAA4IBAQCg/dNeIbGP7fwOXi0yIL9wfsVNUzZUZaTe
bffO5FPPfMRKvNCjYfnOptS/hdvxxTG2rBkrAz5Usc8nz5PDP8hq41zNIypwJ0jT
gkd1HSOTXaPQ1YjR8tGNVSDLihtAQlRzfOo3eZPkKoWX5/u9EFfn+5tvckHUknYZ
auhTvmcMWfQ1NngszqM01VxMByOhFmAQEDFxtHV8uWzh4txHkfqT2eK8WHAmyE55
hBJuVQEqh3FbwvmDYDTA7bKiG92EQ0oP0hPK7UVCaaxt78T9Oh/wcIFSNkFPKWab
cQc2pOpqZCs3xUbjKOuHrxXJf5n///CfBdeDjFcHwCILLKvUzPyQ
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:04:22 2025 by rpki-client