Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/y9SmVWLuw9eqTTYxCXYww_XeJ7Q.roa
File: y9SmVWLuw9eqTTYxCXYww_XeJ7Q.roa (raw, json)
Hash identifier: OoUcFqdH05Cqk/GoealBXJQxs4ll+ZMvQXTHd+Fhd30=
Subject key identifier: CB:D4:A6:55:62:EE:C3:D7:AA:4D:36:31:09:76:30:C3:F5:DE:27:B4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195EAA18A192ED0D55CB127D9C85558BA54
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/y9SmVWLuw9eqTTYxCXYww_XeJ7Q.roa
Signing time: Mon 31 Mar 2025 05:16:50 +0000
ROA not before: Mon 31 Mar 2025 05:16:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.24.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.204.0/22 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.214.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.77.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 31 Mar 2025 08:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:a1:8a:19:2e:d0:d5:5c:b1:27:d9:c8:55:58:ba:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 05:16:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbd4a65562eec3d7aa4d3631097630c3f5de27b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:c6:3c:96:b1:bb:e5:7a:05:84:a7:8a:8d:
32:9a:57:7d:07:5f:35:a7:dc:cd:1c:39:d4:21:a6:
d9:53:bc:43:13:1e:e9:f0:6e:40:b7:58:ec:91:d5:
86:cb:34:c3:47:86:0e:4f:d4:f4:5a:96:b0:6c:78:
fa:f4:ea:41:01:f1:80:18:dc:16:b3:42:49:23:31:
50:a7:5c:f2:19:41:44:a0:c2:ee:86:fc:5d:53:f3:
2f:dd:dc:70:c1:1c:71:c5:00:da:bf:a8:f2:b7:88:
fb:0f:e3:8b:e7:9d:52:74:16:43:f9:87:ab:81:83:
d7:b0:63:12:72:69:bb:66:6e:29:13:c8:be:f6:3d:
93:aa:80:6d:0d:0e:71:78:72:3e:0d:42:5c:62:6c:
54:99:27:b4:55:80:b7:34:ec:f9:1a:6b:43:a7:3e:
f3:c3:fc:6a:d7:b6:01:fb:3b:2f:b4:21:9e:72:ff:
f3:27:a6:c1:27:fd:13:6d:97:94:79:e3:6f:23:c5:
60:15:e0:c9:c9:2f:67:94:0a:a4:30:71:6c:2b:bd:
19:43:53:05:05:ff:9b:d2:b5:4f:89:bb:de:c7:4f:
7d:67:6b:52:80:05:ff:04:de:76:fc:79:ff:89:0e:
55:62:05:f9:20:8d:be:87:be:b3:a5:77:87:1f:7b:
b0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D4:A6:55:62:EE:C3:D7:AA:4D:36:31:09:76:30:C3:F5:DE:27:B4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/y9SmVWLuw9eqTTYxCXYww_XeJ7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.24.0/24
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/21
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0/21
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/23
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.224.0/22
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.175.255
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
89:4a:d5:3d:f5:27:11:62:40:f7:13:fd:20:94:9c:75:2a:33:
56:4e:7e:6e:9d:9f:fa:69:cd:fb:14:28:f0:19:40:cb:39:d3:
77:0f:ab:9d:86:73:ef:32:54:c3:35:e0:22:0b:b0:11:fc:6b:
67:28:3a:cf:4d:a2:a7:dd:28:aa:e9:43:5a:0b:86:34:b8:5a:
71:75:24:b0:f9:17:57:d1:1c:58:dd:42:6c:7d:af:a7:dd:1b:
62:ab:18:f4:57:41:a0:76:39:79:ed:ba:51:34:24:b2:88:ec:
7b:37:2b:b5:46:c8:78:6c:14:8f:ab:eb:b4:d3:3b:99:fc:4e:
4f:0f:82:aa:55:fe:c5:64:e8:e5:4b:ab:62:83:61:c2:82:ef:
01:76:29:11:1a:83:f9:aa:55:e3:46:c2:1f:98:1c:22:83:18:
0b:16:45:63:ea:74:34:86:af:f2:98:80:d2:43:7e:ea:db:f4:
23:67:bb:65:fa:c0:38:61:5c:e6:73:80:ff:80:14:24:db:4b:
ab:c0:a5:ce:cc:99:1a:f0:2e:1c:4e:94:d4:c5:1b:db:d5:e3:
bf:c9:7a:61:02:ac:76:dc:37:fc:ae:44:2d:82:11:eb:ca:f3:
22:92:61:73:ae:5e:53:c5:a1:0f:8f:32:78:4b:dc:d4:dd:68:
3e:c9:1e:f2
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZXqoYoZLtDVXLEn2chVWLpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMDUxNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ0YTY1NTYyZWVjM2Q3YWE0ZDM2MzEwOTc2MzBjM2Y1ZGUyN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZTGPJaxu+V6BYSnio0ymld9B181
p9zNHDnUIabZU7xDEx7p8G5At1jskdWGyzTDR4YOT9T0WpawbHj69OpBAfGAGNwW
s0JJIzFQp1zyGUFEoMLuhvxdU/Mv3dxwwRxxxQDav6jyt4j7D+OL551SdBZD+Yer
gYPXsGMScmm7Zm4pE8i+9j2TqoBtDQ5xeHI+DUJcYmxUmSe0VYC3NOz5GmtDpz7z
w/xq17YB+zsvtCGecv/zJ6bBJ/0TbZeUeeNvI8VgFeDJyS9nlAqkMHFsK70ZQ1MF
Bf+b0rVPibvex099Z2tSgAX/BN52/Hn/iQ5VYgX5II2+h76zpXeHH3uwvQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFMvUplVi7sPXqk02MQl2MMP13ie0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveTlTbVZXTHV3OWVxVFRZeENYWXd3X1hlSjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAR84BAMEAB84GAMEAB84OQMEAB84RwMEAR84WgMEAx84aAMEAR84cjAMAwQB
Hzh2AwQCHzh4AwQDHzjIMAwDBAAfOWcDBAQfOWAwDAMEAB85cQMEAB85cgMEAx85
eAMEAR85hAMEAx85iAMEAR85kgMEAh85qAMEAx85sAMEAh85wAMEAR85yDAMAwQE
HznQAwQCHzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQBHzoyAwQCHzpEAwQB
HzpMAwQCHzpUAwQCHzqYAwQCHzqsAwQCHzrgAwQCHztMAwQCHztgAwQCHztwAwQC
Hzt4MAwDBAMfO4gDBAQfO6ADBAIfO+ADBAIfO+gwDQYJKoZIhvcNAQELBQADggEB
AIlK1T31JxFiQPcT/SCUnHUqM1ZOfm6dn/ppzfsUKPAZQMs503cPq52Gc+8yVMM1
4CILsBH8a2coOs9NoqfdKKrpQ1oLhjS4WnF1JLD5F1fRHFjdQmx9r6fdG2KrGPRX
QaB2OXntulE0JLKI7Hs3K7VGyHhsFI+r67TTO5n8Tk8PgqpV/sVk6OVLq2KDYcKC
7wF2KREag/mqVeNGwh+YHCKDGAsWRWPqdDSGr/KYgNJDfurb9CNnu2X6wDhhXOZz
gP+AFCTbS6vApc7MmRrwLhxOlNTFG9vV47/JemECrHbcN/yuRC2CEevK8yKSYXOu
XlPFoQ+PMnhL3NTdaD7JHvI=
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:52:20 2025 by rpki-client