Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IwavzzvKtyKRgvfU2P5snVgq0KE.roa
File: IwavzzvKtyKRgvfU2P5snVgq0KE.roa (raw, json)
Hash identifier: EzLNGfdBDutc8vU+MlK9fGyfLeNYdk+hXec9hEkz9/k=
Subject key identifier: 23:06:AF:CF:3B:CA:B7:22:91:82:F7:D4:D8:FE:6C:9D:58:2A:D0:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01920FD7BB2A7DC13F5ACC7B8E2AA2ABF7DA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IwavzzvKtyKRgvfU2P5snVgq0KE.roa
Signing time: Fri 20 Sep 2024 14:30:49 +0000
ROA not before: Fri 20 Sep 2024 14:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
5.253.59.0/24 maxlen: 24
31.13.247.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.84.88.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.1.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.95.3.0/24 maxlen: 24
45.128.97.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.217.0/24 maxlen: 24
87.121.218.0/24 maxlen: 24
87.121.219.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.100.0/24 maxlen: 24
94.125.101.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.185.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.198.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
194.113.36.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
194.113.38.0/24 maxlen: 24
194.113.39.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
212.87.221.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
212.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:d7:bb:2a:7d:c1:3f:5a:cc:7b:8e:2a:a2:ab:f7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 20 14:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2306afcf3bcab7229182f7d4d8fe6c9d582ad0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:36:64:94:c2:fc:5f:4c:62:81:f1:a2:d6:
7e:7d:7c:b9:51:40:43:bd:02:b5:66:bb:94:63:61:
e8:de:cb:d5:f2:d9:05:90:a2:c2:2e:ce:2a:84:51:
5c:1c:b2:da:9b:1d:c9:59:4d:83:84:42:08:ac:fc:
fb:84:d2:87:13:c7:37:c9:6e:f5:bc:ff:39:40:59:
03:b1:7e:c1:46:33:3f:c0:4e:7d:ae:f9:1f:86:93:
15:d8:94:8c:dc:80:93:6a:bc:6a:9b:de:fa:0c:9a:
3a:be:f8:0b:97:1b:9e:9d:f5:c1:1f:c7:15:bf:e1:
1a:aa:4e:74:30:f4:c9:7a:79:de:4b:48:e2:76:c0:
4c:6e:7f:6f:be:ea:ee:8e:68:d3:23:ed:4b:40:ee:
8b:d5:ae:df:e3:fa:64:92:30:8b:ec:ca:5c:95:e9:
e6:43:c4:2a:79:f4:59:c1:52:e6:7f:97:8d:b7:18:
88:13:b3:13:09:e7:5d:ff:d5:6b:92:df:1b:10:fa:
25:45:dc:5a:bf:b2:45:57:0d:25:f2:31:48:af:f0:
a7:de:a8:b9:69:0c:c9:b5:3e:bb:11:ef:4a:ef:8d:
06:d5:4b:d1:48:b0:e7:b4:ab:a7:8d:35:9e:b9:b2:
f4:dc:80:61:96:83:90:b5:81:d6:ef:e0:54:5e:99:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:06:AF:CF:3B:CA:B7:22:91:82:F7:D4:D8:FE:6C:9D:58:2A:D0:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IwavzzvKtyKRgvfU2P5snVgq0KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
31.13.247.0/24
31.169.124.0/22
45.84.88.0/24
45.88.66.0/24
45.89.244.0/24
45.91.193.0/24
45.95.0.0/22
45.128.97.0/24
45.128.99.0/24
45.149.235.0/24
83.143.113.0/24
85.208.139.0/24
87.120.36.0/24
87.120.88.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.98.0/24
87.121.217.0-87.121.219.255
93.123.30.0/23
94.125.100.0/22
109.206.236.0/24
109.206.242.0/24
185.207.14.0/23
185.218.137.0/24
185.246.222.0/24
185.252.179.0/24
193.8.184.0/22
193.148.56.0/22
193.168.196.0/22
194.113.36.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:f2:e4:44:72:83:3b:80:a7:73:07:80:c6:1e:e4:f7:06:6c:
eb:79:28:d2:7b:b6:dc:bd:d5:67:6e:f6:40:41:db:ca:89:09:
8c:6c:5a:f5:1a:ad:45:fc:33:1c:56:4d:86:38:d9:39:48:63:
9c:12:47:80:d3:2a:6c:6a:76:77:e5:67:af:86:78:09:29:d8:
91:3d:67:d9:35:a9:47:03:81:94:66:e0:89:3f:f9:e5:da:39:
60:f2:74:ac:7b:05:a4:ea:cd:83:45:26:04:87:3f:51:b9:82:
37:bb:9f:4c:5b:3f:cc:83:dc:c4:95:e1:1f:33:cb:0b:f5:c6:
9b:8f:6d:ae:70:12:33:77:30:74:75:5f:7c:8d:ab:48:2b:d1:
a7:cd:53:65:fa:cd:50:9d:c3:b5:d9:71:64:85:ff:f6:c8:40:
3b:cf:1b:5f:2f:cb:47:1a:a3:21:ae:0d:15:b0:92:d9:40:98:
74:05:be:be:83:7d:9b:fd:a1:f6:db:af:06:81:d9:75:25:3f:
7c:6a:be:ca:47:0f:3d:7f:55:24:45:36:df:8e:98:cd:e7:94:
8d:45:73:38:d3:5c:64:99:a5:05:78:36:e5:1f:c1:bf:d5:56:
e6:fe:bb:33:fd:e6:d5:4e:c7:da:5b:29:43:c3:e8:ca:c1:45:
a8:d9:c7:54
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZIP17sqfcE/Wsx7jiqiq/faMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTIwMTQzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA2YWZjZjNiY2FiNzIyOTE4MmY3ZDRkOGZlNmM5ZDU4MmFkMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCQ2ZJTC/F9MYoHxotZ+fXy5UUBD
vQK1ZruUY2Ho3svV8tkFkKLCLs4qhFFcHLLamx3JWU2DhEIIrPz7hNKHE8c3yW71
vP85QFkDsX7BRjM/wE59rvkfhpMV2JSM3ICTarxqm976DJo6vvgLlxuenfXBH8cV
v+Eaqk50MPTJenneS0jidsBMbn9vvurujmjTI+1LQO6L1a7f4/pkkjCL7Mpclenm
Q8QqefRZwVLmf5eNtxiIE7MTCedd/9Vrkt8bEPolRdxav7JFVw0l8jFIr/Cn3qi5
aQzJtT67Ee9K740G1UvRSLDntKunjTWeubL03IBhloOQtYHW7+BUXplF5QIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFCMGr887yrcikYL31Nj+bJ1YKtChMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSXdhdnp6dkt0eUtSZ3ZmVTJQNXNuVmdxMEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQC
Bf04AwQAHw33AwQCH6l8AwQALVRYAwQALVhCAwQALVn0AwQALVvBAwQCLV8AAwQA
LYBhAwQALYBjAwQALZXrAwQAU49xAwQAVdCLAwQAV3gkAwQAV3hYAwQAV3hcAwQA
V3hsAwQAV3jEAwQAV3jNAwQAV3jYAwQAV3jbAwQAV3jeAwQAV3kvAwQAV3liMAwD
BABXedkDBAJXedgDBAFdex4DBAJefWQDBABtzuwDBABtzvIDBAG5zw4DBAC52okD
BAC59t4DBAC5/LMDBALBCLgDBALBlDgDBALBqMQDBALCcSQDBALUV9wwDQYJKoZI
hvcNAQELBQADggEBAGvy5ERygzuAp3MHgMYe5PcGbOt5KNJ7tty91Wdu9kBB28qJ
CYxsWvUarUX8MxxWTYY42TlIY5wSR4DTKmxqdnflZ6+GeAkp2JE9Z9k1qUcDgZRm
4Ik/+eXaOWDydKx7BaTqzYNFJgSHP1G5gje7n0xbP8yD3MSV4R8zywv1xpuPba5w
EjN3MHR1X3yNq0gr0afNU2X6zVCdw7XZcWSF//bIQDvPG18vy0caoyGuDRWwktlA
mHQFvr6DfZv9ofbbrwaB2XUlP3xqvspHDz1/VSRFNt+OmM3nlI1FczjTXGSZpQV4
NuUfwb/VVub+uzP95tVOx9pbKUPD6MrBRajZx1Q=
-----END CERTIFICATE-----
Generated at Wed Oct 23 14:05:12 2024 by rpki-client on console-fra.rpki-client.org