Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oBOpZ9lrslXzEe5-mWKo5MOWhCU.roa
File: oBOpZ9lrslXzEe5-mWKo5MOWhCU.roa (raw, json)
Hash identifier: f6fCbxZCDm3s96KikRpCNLAjRxl9//4cPfbl0uLWxE0=
Subject key identifier: A0:13:A9:67:D9:6B:B2:55:F3:11:EE:7E:99:62:A8:E4:C3:96:84:25
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195AD51BD5861EFD2C5E5493E6A0D1857E3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oBOpZ9lrslXzEe5-mWKo5MOWhCU.roa
Signing time: Wed 19 Mar 2025 07:32:49 +0000
ROA not before: Wed 19 Mar 2025 07:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.42.0/23 maxlen: 24
31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.47.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.212.0/24 maxlen: 24
31.57.213.0/24 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.254.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 10:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:51:bd:58:61:ef:d2:c5:e5:49:3e:6a:0d:18:57:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 19 07:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a013a967d96bb255f311ee7e9962a8e4c3968425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c7:fe:86:be:9a:cf:7b:eb:cf:43:7e:16:65:
30:2b:15:16:01:d4:fc:c2:58:40:ae:ee:65:60:ac:
58:b0:1b:fd:21:af:56:ab:03:3f:32:7e:f7:1b:c6:
af:a2:8b:af:47:8b:9b:5b:fb:13:3c:94:15:e8:92:
3e:09:d5:99:6e:47:d6:7c:44:fe:20:21:47:7f:34:
46:84:d5:10:ee:44:96:63:bd:1c:05:11:8b:ee:00:
4c:89:32:bb:68:77:13:da:63:69:94:6a:c0:ab:d5:
3f:d6:1b:48:08:90:8b:e0:71:7f:da:fe:18:71:2d:
0f:95:8c:d6:fe:13:08:6e:37:7e:e4:87:73:f7:e9:
ba:90:05:60:b7:7b:a9:8f:bc:60:7e:cb:60:7b:26:
9d:9b:a2:b3:6a:9c:dc:7c:51:61:b1:56:b8:78:7f:
b2:11:3b:af:f4:67:32:66:85:09:11:95:9a:1f:40:
49:3e:e8:e8:bc:6e:79:e5:de:b9:70:52:b8:38:9e:
17:b9:0c:a5:7f:af:6c:0e:6c:c1:0f:82:e7:2c:ea:
f3:42:82:90:1b:48:55:87:0b:a6:9b:6a:f4:f0:3f:
f1:77:06:d2:f1:26:25:7e:0e:11:19:8f:09:b4:a1:
5d:a2:17:0f:96:c9:3f:0b:e4:a5:9a:e7:82:00:c8:
4f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:13:A9:67:D9:6B:B2:55:F3:11:EE:7E:99:62:A8:E4:C3:96:84:25
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/oBOpZ9lrslXzEe5-mWKo5MOWhCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.42.0/23
31.56.47.0/24
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/22
31.57.103.0-31.57.111.255
31.57.113.0-31.57.117.255
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/24
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
Signature Algorithm: sha256WithRSAEncryption
79:9f:19:78:8a:3a:fc:39:7f:a7:d0:d6:20:25:a0:78:ae:b0:
48:38:73:3c:eb:53:23:7b:34:c4:e0:a0:f1:6b:49:69:4a:86:
0c:0d:45:4a:c6:fe:ab:42:08:af:db:d8:e9:99:5f:06:55:0b:
8c:53:fe:82:8b:06:84:8e:26:75:ed:67:92:43:21:2d:f4:b1:
49:28:4e:54:71:aa:da:74:ae:be:62:c6:ad:a7:15:92:39:33:
bc:de:df:a5:68:b1:a4:42:87:9b:5e:88:c0:07:07:b0:f8:66:
69:f9:96:e3:c7:ba:2f:fd:22:5f:45:1a:6d:34:d3:cf:90:31:
2a:a9:7a:0d:7d:57:cc:26:c2:32:f3:f3:bd:e3:27:f8:21:f7:
93:69:0a:41:62:b2:74:40:78:30:21:9c:4a:54:43:07:db:27:
99:15:cb:78:4c:2f:4a:d2:4a:0b:b3:b4:94:d4:5d:34:ac:e4:
cc:eb:73:3d:c3:96:d8:7c:5a:a3:c2:4d:34:07:c6:bd:90:6b:
00:1b:9a:c5:31:8a:34:60:6a:f5:c3:0f:d5:19:68:ff:39:b9:
d1:7c:2e:9d:07:71:e8:f3:e3:ff:22:85:4c:19:32:69:ab:77:
42:ec:c1:cd:05:99:1b:01:5c:bb:1c:97:a3:fa:9d:3b:0e:5a:
81:6d:fd:02
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZWtUb1YYe/SxeVJPmoNGFfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE5MDczMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEzYTk2N2Q5NmJiMjU1ZjMxMWVlN2U5OTYyYThlNGMzOTY4NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cf+hr6az3vrz0N+FmUwKxUWAdT8
wlhAru5lYKxYsBv9Ia9WqwM/Mn73G8avoouvR4ubW/sTPJQV6JI+CdWZbkfWfET+
ICFHfzRGhNUQ7kSWY70cBRGL7gBMiTK7aHcT2mNplGrAq9U/1htICJCL4HF/2v4Y
cS0PlYzW/hMIbjd+5Idz9+m6kAVgt3upj7xgfstgeyadm6KzapzcfFFhsVa4eH+y
ETuv9GcyZoUJEZWaH0BJPujovG555d65cFK4OJ4XuQylf69sDmzBD4LnLOrzQoKQ
G0hVhwumm2r08D/xdwbS8SYlfg4RGY8JtKFdohcPlsk/C+SlmueCAMhP8wIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFKATqWfZa7JV8xHufpliqOTDloQlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvb0JPcFo5bHJzbFh6RWU1LW1XS281TU9XaENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAEfOAQDBAAfOBgDBAEfOCoDBAAfOC8DBAAfODkDBAAfOEcDBAEfOFoDBAMfOGgD
BAEfOHIwDAMEAR84dgMEAh84eAMEAh84yDAMAwQAHzlnAwQEHzlgMAwDBAAfOXED
BAEfOXQDBAEfOYQDBAMfOYgDBAEfOZIDBAIfOagDBAMfObADBAIfOcADBAEfOcgw
DAMEBB850AMEAh854AMEAh856AMEAh85/AMEAR86IgMEAB86KAMEAR86MgMEAh86
RAMEAB86TAMEAh86VAMEAh86mAMEAh86rAMEAh864AMEAh87TAMEAh87YAMEAh87
cAMEAh87eDANBgkqhkiG9w0BAQsFAAOCAQEAeZ8ZeIo6/Dl/p9DWICWgeK6wSDhz
POtTI3s0xOCg8WtJaUqGDA1FSsb+q0IIr9vY6ZlfBlULjFP+gosGhI4mde1nkkMh
LfSxSShOVHGq2nSuvmLGracVkjkzvN7fpWixpEKHm16IwAcHsPhmafmW48e6L/0i
X0UabTTTz5AxKql6DX1XzCbCMvPzveMn+CH3k2kKQWKydEB4MCGcSlRDB9snmRXL
eEwvStJKC7O0lNRdNKzkzOtzPcOW2Hxao8JNNAfGvZBrABuaxTGKNGBq9cMP1Rlo
/zm50XwunQdx6PPj/yKFTBkyaat3QuzBzQWZGwFcuxyXo/qdOw5agW39Ag==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:09:07 2025 by rpki-client