Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cxm7ErwOpLEy-XOk_jakiPt1Mts.roa
File: cxm7ErwOpLEy-XOk_jakiPt1Mts.roa (raw, json)
Hash identifier: /6kAT/mdhK91NmKfMQTPegBNpvkeyRnDZw9MMj5ECW0=
Subject key identifier: 73:19:BB:12:BC:0E:A4:B1:32:F9:73:A4:FE:36:A4:88:FB:75:32:DB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195CDBDE98F02C2423DE75072108ED5A98D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cxm7ErwOpLEy-XOk_jakiPt1Mts.roa
Signing time: Tue 25 Mar 2025 14:38:50 +0000
ROA not before: Tue 25 Mar 2025 14:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 26 Mar 2025 16:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:bd:e9:8f:02:c2:42:3d:e7:50:72:10:8e:d5:a9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 25 14:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7319bb12bc0ea4b132f973a4fe36a488fb7532db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:77:10:82:cb:b4:e5:23:6f:e8:c8:af:06:84:
5a:3c:d6:e8:17:12:8e:95:f3:5f:3c:0f:c6:f2:9a:
02:52:d3:ff:a0:57:5d:9e:5b:07:32:98:cd:69:c7:
6f:57:ff:94:42:e8:78:2c:52:ae:82:b1:e9:b8:0a:
da:d7:cc:38:85:bc:c5:45:cf:53:38:89:5b:a4:b8:
ae:06:d3:41:6f:69:57:0f:91:c5:61:da:3d:81:17:
5d:46:d6:6f:e6:d4:e8:17:d9:93:e2:6b:fd:a3:6b:
b3:8a:1f:ac:5b:9f:4d:6a:98:36:6b:a0:ff:30:3c:
82:55:97:dc:66:82:df:0d:9b:ba:f2:30:99:59:68:
7d:42:3f:1c:f7:cb:ec:27:96:fe:7a:f2:1d:8a:de:
25:67:04:2e:9d:98:69:6f:8f:93:f0:e3:3d:7b:eb:
a6:47:7c:26:3b:d6:f0:10:da:1f:5e:ff:11:c8:36:
62:60:7c:b3:11:25:d2:7f:3d:41:d1:50:e9:e8:15:
3f:bc:bb:43:e4:28:72:18:41:66:fc:1e:bd:3c:25:
63:b7:70:88:88:0f:5f:dc:09:55:1f:c1:6a:b7:4f:
f9:a6:f8:c1:26:3d:bd:6b:91:a2:d9:0e:8f:3f:9a:
3c:dd:86:42:80:68:a1:a6:2c:93:f0:15:68:e8:2c:
fd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:19:BB:12:BC:0E:A4:B1:32:F9:73:A4:FE:36:A4:88:FB:75:32:DB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cxm7ErwOpLEy-XOk_jakiPt1Mts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.57.0/24
31.56.71.0/24
31.56.87.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.116.0/24
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.175.255
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
48:1f:52:b2:9b:18:63:b9:1c:07:f2:64:bd:53:5c:6f:16:0a:
a3:7c:02:c9:e8:26:c0:17:80:c9:51:31:a5:6d:e2:99:81:e6:
fd:ed:53:68:b2:f2:0e:61:b6:12:bf:aa:bb:b5:20:04:84:5c:
0a:78:e4:78:15:35:68:50:59:b2:29:c4:10:43:cf:7d:48:82:
d8:3a:a5:29:59:60:1c:28:d4:17:a1:c8:a6:76:bb:af:e0:8e:
52:58:4d:37:30:f4:68:57:5c:95:fa:4b:38:42:e8:a5:34:e7:
cf:1c:62:36:7a:07:7a:b4:3a:87:f8:1e:84:aa:8e:d5:c6:de:
87:10:2b:4e:06:20:01:a7:71:eb:a0:9f:ca:77:f6:3c:78:fc:
09:d7:53:d0:a0:4e:0d:1c:92:8c:de:57:85:15:89:67:1e:5d:
41:99:3f:1d:6b:81:8d:94:e4:99:3a:f4:42:42:74:69:b2:4c:
95:aa:42:bd:9e:9a:0c:40:75:41:87:37:40:7d:33:4d:9c:90:
7a:3f:a4:1b:db:d9:7a:f9:d9:e4:d1:87:d0:2c:47:9a:32:f0:
aa:3f:09:8f:dd:10:ed:eb:c2:1c:8f:e5:4f:4c:c6:64:36:68:
37:aa:50:de:75:bc:93:1d:47:16:fe:84:7b:59:c7:8c:73:1d:
6f:7f:b9:35
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAZXNvemPAsJCPedQchCO1amNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI1MTQzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE5YmIxMmJjMGVhNGIxMzJmOTczYTRmZTM2YTQ4OGZiNzUzMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ncQgsu05SNv6MivBoRaPNboFxKO
lfNfPA/G8poCUtP/oFddnlsHMpjNacdvV/+UQuh4LFKugrHpuAra18w4hbzFRc9T
OIlbpLiuBtNBb2lXD5HFYdo9gRddRtZv5tToF9mT4mv9o2uzih+sW59Napg2a6D/
MDyCVZfcZoLfDZu68jCZWWh9Qj8c98vsJ5b+evIdit4lZwQunZhpb4+T8OM9e+um
R3wmO9bwENofXv8RyDZiYHyzESXSfz1B0VDp6BU/vLtD5ChyGEFm/B69PCVjt3CI
iA9f3AlVH8Fqt0/5pvjBJj29a5Gi2Q6PP5o83YZCgGihpiyT8BVo6Cz99QIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFHMZuxK8DqSxMvlzpP42pIj7dTLbMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY3htN0Vyd09wTEV5LVhPa19qYWtpUHQxTXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAR84BAMEAB84GAMEAB84OQMEAB84RwMEAB84VwMEAR84WgMEAx84aAMEAR84
cjAMAwQBHzh2AwQCHzh4AwQCHzjIMAwDBAAfOWcDBAQfOWAwDAMEAB85cQMEAB85
cgMEAB85dAMEAR85hAMEAx85iAMEAR85kgMEAh85qAMEAx85sAMEAh85wAMEAR85
yDAMAwQEHznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQBHzoyAwQC
HzpEAwQAHzpMAwQCHzpUAwQCHzqYAwQCHzqsAwQCHzrgAwQCHztMAwQCHztgAwQC
HztwAwQCHzt4MAwDBAMfO4gDBAQfO6ADBAIfO+ADBAIfO+gwDQYJKoZIhvcNAQEL
BQADggEBAEgfUrKbGGO5HAfyZL1TXG8WCqN8AsnoJsAXgMlRMaVt4pmB5v3tU2iy
8g5hthK/qru1IASEXAp45HgVNWhQWbIpxBBDz31Igtg6pSlZYBwo1BehyKZ2u6/g
jlJYTTcw9GhXXJX6SzhC6KU0588cYjZ6B3q0Oof4HoSqjtXG3ocQK04GIAGnceug
n8p39jx4/AnXU9CgTg0ckozeV4UViWceXUGZPx1rgY2U5Jk69EJCdGmyTJWqQr2e
mgxAdUGHN0B9M02ckHo/pBvb2Xr52eTRh9AsR5oy8Ko/CY/dEO3rwhyP5U9MxmQ2
aDeqUN51vJMdRxb+hHtZx4xzHW9/uTU=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:58:42 2025 by rpki-client