Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/buURLehTgQIoG0n0YsVZRYBhu4I.roa
File: buURLehTgQIoG0n0YsVZRYBhu4I.roa (raw, json)
Hash identifier: L6OIhXturpGAw/ancSwt4JoBUmyYIm7E5NgJpTPsQhQ=
Subject key identifier: 6E:E5:11:2D:E8:53:81:02:28:1B:49:F4:62:C5:59:45:80:61:BB:82
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195718694A52F3C0AF7F79D7469CBD2D3FF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/buURLehTgQIoG0n0YsVZRYBhu4I.roa
Signing time: Fri 07 Mar 2025 16:53:20 +0000
ROA not before: Fri 07 Mar 2025 16:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.208.0/24 maxlen: 24
31.57.209.0/24 maxlen: 24
31.57.210.0/24 maxlen: 24
31.57.211.0/24 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.91.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.41.0/24 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.184.0/22 maxlen: 24
31.59.186.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Mar 2025 16:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:86:94:a5:2f:3c:0a:f7:f7:9d:74:69:cb:d2:d3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 7 16:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ee5112de8538102281b49f462c559458061bb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e2:64:a1:aa:40:58:6a:6e:09:dd:ea:f2:80:
87:9f:10:a3:84:0a:d3:69:5c:1c:b2:f0:30:41:89:
a0:49:2a:83:05:7a:78:7b:d3:23:37:32:ff:56:d6:
e2:34:a0:0c:e2:59:22:f0:5e:33:bb:e0:6e:0a:21:
c7:ae:77:ec:7a:f2:01:82:ab:6b:c6:ac:0f:6c:fe:
19:f3:56:35:33:cb:0d:19:03:26:ff:9d:d7:0a:4f:
8b:f2:74:9b:83:e3:d0:4c:ac:4e:ba:4a:4f:40:00:
91:5c:f2:e5:85:f2:4b:c9:e3:0b:19:38:96:9a:08:
88:fc:e3:cf:7f:2a:10:aa:14:47:b1:bb:60:01:9b:
1d:d2:75:85:4c:fc:c2:fa:f5:1b:36:6e:78:2b:8f:
7b:8c:de:66:87:f4:9b:12:1d:10:25:be:6b:e5:a2:
e6:ff:7e:52:c2:19:b7:af:ab:aa:5c:16:ab:7f:1f:
41:40:ae:f8:7d:8b:10:22:41:dd:a9:2d:08:b8:37:
14:63:ba:f0:65:42:0f:b5:20:05:b3:5a:46:47:0e:
3c:71:61:05:0a:22:24:0e:2d:54:b2:94:32:ab:13:
0e:a8:85:bf:3a:ff:18:4e:63:e6:9a:96:67:3d:f4:
bb:64:16:de:78:fe:4d:29:ae:03:2c:18:13:92:a0:
a9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E5:11:2D:E8:53:81:02:28:1B:49:F4:62:C5:59:45:80:61:BB:82
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/buURLehTgQIoG0n0YsVZRYBhu4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.57.0/24
31.56.71.0/24
31.56.85.0/24
31.56.89.0-31.56.91.255
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.92.0-31.57.99.255
31.57.104.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.176.0/21
31.57.188.0/24
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.50.0/23
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.91.0/24
31.58.100.0/22
31.58.152.0/22
31.58.224.0/22
31.59.41.0/24
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.184.0/22
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
10:39:b6:61:29:7f:58:92:2b:89:3f:00:ee:1c:6a:d9:89:b6:
c6:82:47:7e:b9:3f:ee:00:fd:f1:64:63:e3:23:45:98:39:c8:
f4:29:78:05:39:bd:d6:1d:2a:3c:93:4e:8e:e7:e2:58:ec:c8:
79:d8:5d:b3:3b:7f:f1:ed:6d:f9:b4:90:ca:91:34:89:a3:bf:
c3:a3:9b:e2:e5:9b:ad:cf:50:fd:e9:07:77:7a:af:67:7b:d3:
8d:9b:cb:5d:31:4d:8a:d7:53:16:d8:8a:87:f7:03:c6:9a:19:
7b:03:17:4d:cf:64:f6:cd:9c:6e:c0:36:44:bd:3a:f7:f6:37:
9c:6a:d4:cb:2a:ed:57:66:ab:55:dd:06:eb:f8:f2:40:48:fc:
15:a4:a6:c1:0e:0a:bd:6c:ee:c5:52:aa:8d:1e:25:98:4d:45:
31:b2:a7:c0:d4:d3:29:f5:b7:75:e3:46:58:8e:f8:f3:54:b7:
03:f1:bf:90:3a:5f:7e:b7:97:fa:4e:c8:ae:9c:1d:f1:cb:a5:
f7:7b:9e:86:77:f5:5c:aa:26:d1:cd:95:11:85:ac:bc:9c:7c:
4f:27:38:57:78:3f:9d:03:87:24:49:2b:fb:c6:b7:4d:2f:77:
5f:e4:6b:0b:f3:53:8a:f9:bc:84:aa:ca:1f:5c:28:38:49:42:
cf:54:08:3f
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZVxhpSlLzwK9/eddGnL0tP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzA3MTY1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU1MTEyZGU4NTM4MTAyMjgxYjQ5ZjQ2MmM1NTk0NTgwNjFiYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOJkoapAWGpuCd3q8oCHnxCjhArT
aVwcsvAwQYmgSSqDBXp4e9MjNzL/VtbiNKAM4lki8F4zu+BuCiHHrnfsevIBgqtr
xqwPbP4Z81Y1M8sNGQMm/53XCk+L8nSbg+PQTKxOukpPQACRXPLlhfJLyeMLGTiW
mgiI/OPPfyoQqhRHsbtgAZsd0nWFTPzC+vUbNm54K497jN5mh/SbEh0QJb5r5aLm
/35Swhm3r6uqXBarfx9BQK74fYsQIkHdqS0IuDcUY7rwZUIPtSAFs1pGRw48cWEF
CiIkDi1UspQyqxMOqIW/Ov8YTmPmmpZnPfS7ZBbeeP5NKa4DLBgTkqCpnQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFG7lES3oU4ECKBtJ9GLFWUWAYbuCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYnVVUkxlaFRnUUlvRzBuMFlzVlpSWUJodTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAR84BAMEAB84GAMEAR84KgMEAB84OQMEAB84RwMEAB84VTAMAwQAHzhZAwQC
HzhYAwQDHzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAIfOMgwDAMEAh85XAMEAh85
YAMEAx85aAMEAR85hAMEAx85iAMEAR85kgMEAx85sAMEAB85vAMEAh85wAMEAR85
yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQBHzoyAwQCHzpEAwQC
HzpMAwQCHzpUAwQAHzpbAwQCHzpkAwQCHzqYAwQCHzrgAwQAHzspAwQCHztgAwQC
HztwAwQCHzt4AwQCHzu4AwQAHzvmMA0GCSqGSIb3DQEBCwUAA4IBAQAQObZhKX9Y
kiuJPwDuHGrZibbGgkd+uT/uAP3xZGPjI0WYOcj0KXgFOb3WHSo8k06O5+JY7Mh5
2F2zO3/x7W35tJDKkTSJo7/Do5vi5Zutz1D96Qd3eq9ne9ONm8tdMU2K11MW2IqH
9wPGmhl7AxdNz2T2zZxuwDZEvTr39jecatTLKu1XZqtV3Qbr+PJASPwVpKbBDgq9
bO7FUqqNHiWYTUUxsqfA1NMp9bd140ZYjvjzVLcD8b+QOl9+t5f6TsiunB3xy6X3
e56Gd/VcqibRzZURhay8nHxPJzhXeD+dA4ckSSv7xrdNL3df5GsL81OK+byEqsof
XCg4SULPVAg/
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:10:20 2025 by rpki-client