Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RwjB9H3QiSuSk31-S6UQKVEkIus.roa
File: RwjB9H3QiSuSk31-S6UQKVEkIus.roa (raw, json)
Hash identifier: FQFX/laeM40gjpoEAgvM08LNlej0+EUhCa7n7npDUKw=
Subject key identifier: 47:08:C1:F4:7D:D0:89:2B:92:93:7D:7E:4B:A5:10:29:51:24:22:EB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194D724E486ADD18702E6EBFDD59C6E689C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RwjB9H3QiSuSk31-S6UQKVEkIus.roa
Signing time: Wed 05 Feb 2025 17:25:06 +0000
ROA not before: Wed 05 Feb 2025 17:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.129.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.197.0/24 maxlen: 24
31.57.198.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.42.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.108.0/24 maxlen: 24
31.59.112.0/22 maxlen: 22
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 11:52:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:24:e4:86:ad:d1:87:02:e6:eb:fd:d5:9c:6e:68:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 5 17:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4708c1f47dd0892b92937d7e4ba51029512422eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f4:e9:ac:8e:28:6b:a7:a9:c4:a4:d8:b7:6d:
7e:02:47:c3:f9:7a:ae:25:26:34:e4:38:67:e6:13:
ab:99:61:60:fd:46:be:29:b2:fd:16:ab:1a:e5:09:
3f:25:9a:34:3a:90:50:56:c9:39:ac:c2:1e:59:c0:
b4:79:e3:fb:ce:3b:6c:ee:0e:c3:3f:0b:0b:ae:6d:
f9:3e:ce:84:ba:17:f2:86:3f:26:d7:bd:8d:70:a9:
ae:5b:3d:92:5a:66:6a:ba:5f:50:ce:fb:6d:a0:62:
e0:7a:9d:e4:4a:db:0d:1e:99:25:c2:4e:93:0d:1b:
b3:d0:80:9f:21:fd:d8:2d:0c:f9:ef:95:bf:c0:38:
bb:58:f0:56:da:3c:eb:fe:fa:26:22:2a:a1:a2:bd:
45:64:6b:45:14:a3:44:09:9e:d6:c7:d6:5c:1c:34:
f7:e7:e6:12:0a:41:5c:5a:69:f3:4e:03:a9:bc:ca:
38:83:c4:0b:71:83:73:be:7e:13:8c:1d:b8:75:74:
e4:7d:b4:ac:8e:ef:7e:36:36:0c:bc:67:61:3e:74:
18:3e:98:ac:44:09:ea:b0:40:ad:71:b7:ef:2f:34:
de:97:b0:dd:f9:44:d7:26:bd:d6:54:8d:b0:43:48:
dd:e2:04:eb:ef:93:1b:b3:0d:fa:c4:f7:27:56:85:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:08:C1:F4:7D:D0:89:2B:92:93:7D:7E:4B:A5:10:29:51:24:22:EB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RwjB9H3QiSuSk31-S6UQKVEkIus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.104.0/21
31.57.129.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.151.0/24
31.57.176.0/21
31.57.191.0-31.57.195.255
31.57.197.0-31.57.198.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.33.0-31.58.35.255
31.58.152.0/22
31.58.163.0/24
31.58.230.0/23
31.59.41.0-31.59.42.255
31.59.57.0/24
31.59.96.0/22
31.59.108.0/24
31.59.112.0/22
31.59.184.0/22
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:3c:04:70:c0:7d:93:cd:76:9d:36:b4:e8:c0:c2:c5:3e:f5:
01:65:32:f6:97:d4:54:02:9e:ad:f3:53:68:92:2e:33:ab:01:
19:76:8f:06:5c:d9:48:17:07:80:7d:44:58:96:e6:c7:e7:f1:
91:d4:1d:df:5f:91:6d:d2:df:ad:1e:b3:d4:6e:55:4c:4b:95:
d6:7d:55:09:4a:83:7d:27:3a:c0:ec:f3:50:28:09:74:d7:af:
c9:67:88:a1:59:61:44:db:e5:1f:cc:86:04:69:51:49:5f:58:
e8:69:34:db:43:3d:94:cf:d7:b7:2b:b9:ae:88:a9:4b:69:4f:
48:e5:91:0b:9e:18:1b:aa:96:77:40:b7:a7:dd:ec:06:92:43:
cf:94:ff:93:93:a4:0f:de:2a:82:5e:02:3f:c7:c7:f2:08:7d:
2a:41:5c:d3:6e:54:0b:89:0c:9b:e0:ca:0d:89:3b:6a:2b:42:
5f:85:01:2c:79:92:b3:67:49:2a:11:df:42:e3:c6:a2:04:c2:
c1:c5:88:95:bd:57:b0:76:68:dc:61:89:f5:26:ec:6c:aa:4c:
49:66:8c:cc:8c:6c:54:fb:ad:3b:22:4b:0a:67:21:b5:3e:d8:
15:8e:cc:cd:28:64:7e:00:91:99:0e:2a:0f:14:86:1d:12:58:
5f:35:99:68
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZTXJOSGrdGHAubr/dWcbmicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjA1MTcyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA4YzFmNDdkZDA4OTJiOTI5MzdkN2U0YmE1MTAyOTUxMjQyMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofTprI4oa6epxKTYt21+AkfD+Xqu
JSY05Dhn5hOrmWFg/Ua+KbL9Fqsa5Qk/JZo0OpBQVsk5rMIeWcC0eeP7zjts7g7D
PwsLrm35Ps6Euhfyhj8m172NcKmuWz2SWmZqul9QzvttoGLgep3kStsNHpklwk6T
DRuz0ICfIf3YLQz575W/wDi7WPBW2jzr/vomIiqhor1FZGtFFKNECZ7Wx9ZcHDT3
5+YSCkFcWmnzTgOpvMo4g8QLcYNzvn4TjB24dXTkfbSsju9+NjYMvGdhPnQYPpis
RAnqsECtcbfvLzTel7Dd+UTXJr3WVI2wQ0jd4gTr75Mbsw36xPcnVoU/kwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFEcIwfR90IkrkpN9fkulEClRJCLrMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUndqQjlIM1FpU3VTazMxLVM2VVFLVkVrSXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAEfOAQDBAAfOBgDBAEfOCoDBAAfODkDBAEfOFoDBAMfOGgDBAEfOHIwDAMEAR84
dgMEAh84eAMEAh84yAMEAx85aAMEAB85gQMEAR85hAMEAx85iAMEAR85kgMEAB85
lwMEAx85sDAMAwQAHzm/AwQCHznAMAwDBAAfOcUDBAAfOcYDBAEfOcgwDAMEBB85
0AMEAh854AMEAh856AMEAh85/DAMAwQAHzohAwQCHzogAwQCHzqYAwQAHzqjAwQB
HzrmMAwDBAAfOykDBAAfOyoDBAAfOzkDBAIfO2ADBAAfO2wDBAIfO3ADBAIfO7gD
BAAfO+QwDQYJKoZIhvcNAQELBQADggEBACs8BHDAfZPNdp02tOjAwsU+9QFlMvaX
1FQCnq3zU2iSLjOrARl2jwZc2UgXB4B9RFiW5sfn8ZHUHd9fkW3S360es9RuVUxL
ldZ9VQlKg30nOsDs81AoCXTXr8lniKFZYUTb5R/MhgRpUUlfWOhpNNtDPZTP17cr
ua6IqUtpT0jlkQueGBuqlndAt6fd7AaSQ8+U/5OTpA/eKoJeAj/Hx/IIfSpBXNNu
VAuJDJvgyg2JO2orQl+FASx5krNnSSoR30LjxqIEwsHFiJW9V7B2aNxhifUm7Gyq
TElmjMyMbFT7rTsiSwpnIbU+2BWOzM0oZH4AkZkOKg8Uhh0SWF81mWg=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:51:56 2025 by rpki-client