Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HS5oavV57zvU5GFvw2VH6169gC8.roa
File: HS5oavV57zvU5GFvw2VH6169gC8.roa (raw, json)
Hash identifier: mbgZhwBIE9vottPuK+8evPa8xkTjFZx6u3TWdyQpOvw=
Subject key identifier: 1D:2E:68:6A:F5:79:EF:3B:D4:E4:61:6F:C3:65:47:EB:5E:BD:80:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01931F783154BC48F4C4583801CC3BF75AF9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HS5oavV57zvU5GFvw2VH6169gC8.roa
Signing time: Tue 12 Nov 2024 08:23:10 +0000
ROA not before: Tue 12 Nov 2024 08:23:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 09:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:78:31:54:bc:48:f4:c4:58:38:01:cc:3b:f7:5a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 12 08:23:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2e686af579ef3bd4e4616fc36547eb5ebd802f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:da:0c:bb:11:e8:d3:f0:2c:e1:cd:38:82:
2b:55:1c:1d:a2:8a:3f:91:78:9f:eb:be:f2:e8:01:
3d:65:7d:30:7c:2a:ef:53:af:61:f2:a7:c1:9e:4b:
db:24:93:19:1b:17:7b:c3:72:fb:32:ff:42:0b:d5:
62:ab:88:16:22:e1:cd:47:34:1c:88:47:7b:6c:0f:
49:b7:03:03:50:0a:9a:3a:d8:04:d6:e8:0f:d1:e3:
7a:19:d0:e2:3b:7f:e8:c7:ce:f1:88:d0:6a:96:f9:
92:04:92:24:93:74:2c:c2:02:ba:83:f5:15:bc:2c:
80:34:a0:d6:ef:25:f9:13:8f:e2:eb:93:d6:89:fb:
12:f0:de:61:07:1e:77:9b:d3:21:d1:db:21:db:bc:
10:15:02:3e:d5:f9:02:53:b7:da:01:58:3d:21:77:
94:6a:e8:ba:76:e5:92:40:c7:57:99:22:e8:4b:03:
c6:d6:fe:9b:48:37:dd:1e:33:15:c6:25:9d:e3:f3:
b4:ad:02:d7:c0:11:92:5b:fa:1c:3a:a7:4b:90:bc:
66:62:de:52:67:fa:21:1f:33:0b:1a:72:b5:fc:cf:
70:ef:c7:c3:4e:6f:d8:c4:fe:16:5d:87:75:d6:b3:
4a:60:ed:52:27:00:dd:57:17:f9:cf:58:80:6c:23:
f3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2E:68:6A:F5:79:EF:3B:D4:E4:61:6F:C3:65:47:EB:5E:BD:80:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HS5oavV57zvU5GFvw2VH6169gC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.66.228.0/24
45.133.251.0/24
84.21.173.0/24
87.120.165.0-87.120.166.255
87.120.186.0/24
171.22.31.0/24
185.246.223.0/24
193.58.121.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
67:4f:4d:58:2f:2a:07:51:d9:bf:ac:31:20:d4:41:69:e6:5d:
73:3c:ff:b6:6b:71:aa:b8:74:57:d0:d7:3f:49:7f:19:8f:e5:
f5:c2:1a:78:9a:21:9e:91:83:01:02:67:b6:10:bc:76:44:62:
5b:82:b0:8d:ab:ce:67:35:e5:e3:d2:5a:ce:8f:a6:04:86:89:
4b:2f:4e:cf:2e:ec:12:bb:f9:92:f7:99:e1:84:be:47:43:d4:
1d:bf:76:f1:02:67:e9:98:d6:47:a6:08:84:c7:2a:28:60:72:
29:a4:b5:a8:1c:4c:24:b4:34:77:b8:e7:4e:90:b5:bf:32:a7:
3b:f2:12:0e:6f:b4:93:4c:7d:23:29:ab:e3:fd:36:7c:4a:81:
73:90:5d:1a:a9:01:31:d8:50:e2:16:93:e6:75:81:6f:be:ce:
2a:b3:e9:a2:36:41:8b:db:a9:fc:d9:b0:5d:8c:0e:c2:e2:2a:
ac:ca:81:02:66:fe:36:6b:da:d4:7f:dc:99:65:02:ac:6f:fe:
99:6e:7a:42:57:56:2a:30:42:43:76:ef:e0:db:54:29:f5:97:
29:86:d8:b3:e9:62:30:b3:b9:ef:43:8e:aa:b4:59:b4:69:92:
f9:ba:7f:76:ca:34:76:96:d8:32:e9:fb:27:e6:ed:28:11:f6:
1d:a2:1e:6c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZMfeDFUvEj0xFg4Acw791r5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTEyMDgyMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJlNjg2YWY1NzllZjNiZDRlNDYxNmZjMzY1NDdlYjVlYmQ4MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzbaDLsR6NPwLOHNOIIrVRwdooo/
kXif677y6AE9ZX0wfCrvU69h8qfBnkvbJJMZGxd7w3L7Mv9CC9Viq4gWIuHNRzQc
iEd7bA9JtwMDUAqaOtgE1ugP0eN6GdDiO3/ox87xiNBqlvmSBJIkk3QswgK6g/UV
vCyANKDW7yX5E4/i65PWifsS8N5hBx53m9Mh0dsh27wQFQI+1fkCU7faAVg9IXeU
aui6duWSQMdXmSLoSwPG1v6bSDfdHjMVxiWd4/O0rQLXwBGSW/ocOqdLkLxmYt5S
Z/ohHzMLGnK1/M9w78fDTm/YxP4WXYd11rNKYO1SJwDdVxf5z1iAbCPzNwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFB0uaGr1ee871ORhb8NlR+tevYAvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSFM1b2F2VjU3enZVNUdGdncyVkg2MTY5Z0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAHw3QAwQA
LULkAwQALYX7AwQAVBWtMAwDBABXeKUDBABXeKYDBABXeLoDBACrFh8DBAC59t8D
BADBOnkDBADB3mMwDQYJKoZIhvcNAQELBQADggEBAGdPTVgvKgdR2b+sMSDUQWnm
XXM8/7Zrcaq4dFfQ1z9JfxmP5fXCGniaIZ6RgwECZ7YQvHZEYluCsI2rzmc15ePS
Ws6PpgSGiUsvTs8u7BK7+ZL3meGEvkdD1B2/dvECZ+mY1kemCITHKihgcimktagc
TCS0NHe4506Qtb8ypzvyEg5vtJNMfSMpq+P9NnxKgXOQXRqpATHYUOIWk+Z1gW++
ziqz6aI2QYvbqfzZsF2MDsLiKqzKgQJm/jZr2tR/3JllAqxv/pluekJXViowQkN2
7+DbVCn1lymG2LPpYjCzue9Djqq0WbRpkvm6f3bKNHaW2DLp+yfm7SgR9h2iHmw=
-----END CERTIFICATE-----
Generated at Mon Nov 18 11:03:26 2024 by rpki-client on console-ams.rpki-client.org