Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nns0ZpDA0dWcjMUPjod5GddVde0.roa
File: Nns0ZpDA0dWcjMUPjod5GddVde0.roa (raw, json)
Hash identifier: QITRjXpvjgkBGti/qe1ViGYjkt8DidLX2eLL193UhNw=
Subject key identifier: 36:7B:34:66:90:C0:D1:D5:9C:8C:C5:0F:8E:87:79:19:D7:55:75:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192B956AA8AF07BA12A436794ABF496CEBC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nns0ZpDA0dWcjMUPjod5GddVde0.roa
Signing time: Wed 23 Oct 2024 12:25:17 +0000
ROA not before: Wed 23 Oct 2024 12:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.1.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.95.3.0/24 maxlen: 24
45.128.97.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
194.113.36.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 16:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:56:aa:8a:f0:7b:a1:2a:43:67:94:ab:f4:96:ce:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 23 12:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=367b346690c0d1d59c8cc50f8e877919d75575ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dd:12:13:b8:3e:f1:9f:21:08:c1:19:ee:7e:
75:30:80:29:d3:44:a1:fb:28:51:08:d2:dc:da:9c:
a3:d8:26:4c:52:51:72:91:a6:17:29:65:4c:ce:d1:
28:ba:28:13:7c:4c:a0:9f:1c:d3:ee:a4:b0:9b:ab:
f5:85:f5:b2:8c:16:61:29:39:07:22:de:11:58:26:
f3:0b:9b:df:6e:87:9a:f4:05:c1:5b:d8:1d:85:45:
55:a7:ad:26:0f:a1:3e:cc:f4:10:1d:2c:33:bc:de:
c1:7f:6f:ff:fd:f8:c2:64:15:60:a4:4b:a0:d6:7f:
6e:4a:1a:ff:e4:bb:ea:13:1c:92:62:72:bd:0b:f5:
5e:d4:6b:44:06:65:cb:88:09:5f:f2:e2:26:9c:98:
6b:e7:12:da:20:aa:01:e9:86:bf:64:fc:c6:14:57:
c5:2e:db:ed:f1:88:c4:d1:23:2d:30:df:33:04:fd:
ee:bc:aa:26:eb:8c:71:e3:8d:0c:63:5c:c9:6b:09:
7b:a2:84:1f:72:0e:ad:2a:1b:c9:7d:60:58:c0:40:
5c:15:a2:a3:9a:1d:44:02:e6:8f:51:07:c9:8e:40:
70:83:51:2c:0f:ad:aa:ca:90:2d:db:53:3e:26:19:
1c:db:22:43:20:27:8d:c1:6c:08:dd:81:1e:21:f6:
d4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7B:34:66:90:C0:D1:D5:9C:8C:C5:0F:8E:87:79:19:D7:55:75:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nns0ZpDA0dWcjMUPjod5GddVde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/22
45.128.97.0/24
45.128.99.0/24
45.149.235.0/24
83.143.113.0/24
85.208.139.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
193.168.199.0/24
194.113.36.0/23
212.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:40:7b:a1:71:99:30:f6:3e:ad:5d:0e:d2:df:b7:cb:a7:cd:
a4:a8:50:bd:7d:d1:26:7b:6d:2d:8b:8e:9c:9e:ed:76:8d:1b:
31:93:10:96:95:b4:7d:27:1b:fa:be:d9:50:ae:cf:a2:69:75:
45:37:b3:68:37:2d:7f:08:fe:4d:04:7a:26:78:39:86:19:5e:
89:b9:74:87:2b:d6:4f:ae:9e:02:27:f5:69:da:bd:c0:be:1a:
14:d7:e5:5c:75:fb:9c:49:b0:ad:39:04:18:ea:1b:e0:14:91:
cb:7c:1c:c2:e8:7f:48:70:42:d8:e0:0e:81:dc:e1:af:94:2c:
28:e5:1f:b9:de:c0:fb:74:a4:6c:1f:63:97:23:da:07:51:e8:
8e:66:c8:24:85:7f:e6:18:47:a2:65:29:bd:e8:97:f0:25:6c:
b0:ff:31:fc:f9:90:f2:35:ab:e1:6b:46:d8:f3:7b:9e:e8:ed:
7b:7e:af:38:54:4c:00:df:f6:9e:3b:0d:95:93:6f:17:a6:9d:
cd:d5:05:55:87:0c:d0:60:bb:1b:cf:91:25:5c:27:c4:22:4f:
3b:d9:33:35:1c:57:3a:86:be:b8:ca:ff:bc:1e:ae:de:19:e1:
db:55:47:b2:6e:2e:b9:05:62:d2:e5:d1:83:3d:9b:d2:f4:15:
84:e6:22:b8
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZK5VqqK8HuhKkNnlKv0ls68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIzMTIyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjdiMzQ2NjkwYzBkMWQ1OWM4Y2M1MGY4ZTg3NzkxOWQ3NTU3NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA090SE7g+8Z8hCMEZ7n51MIAp00Sh
+yhRCNLc2pyj2CZMUlFykaYXKWVMztEouigTfEygnxzT7qSwm6v1hfWyjBZhKTkH
It4RWCbzC5vfboea9AXBW9gdhUVVp60mD6E+zPQQHSwzvN7Bf2///fjCZBVgpEug
1n9uShr/5LvqExySYnK9C/Ve1GtEBmXLiAlf8uImnJhr5xLaIKoB6Ya/ZPzGFFfF
Ltvt8YjE0SMtMN8zBP3uvKom64xx440MY1zJawl7ooQfcg6tKhvJfWBYwEBcFaKj
mh1EAuaPUQfJjkBwg1EsD62qypAt21M+Jhkc2yJDICeNwWwI3YEeIfbU7QIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFDZ7NGaQwNHVnIzFD46HeRnXVXXtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTm5zMFpwREEwZFdjak1VUGpvZDVHZGRWZGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaowDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAi1fAAMEAC2AYQMEAC2AYwMEAC2V6wME
AFOPcQMEAFXQiwMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wME
AFd43gMEAFd5LwMEAF17HwMEAV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugME
AsGUOAMEAMGoxwMEAcJxJAMEANRX3jANBgkqhkiG9w0BAQsFAAOCAQEAfkB7oXGZ
MPY+rV0O0t+3y6fNpKhQvX3RJnttLYuOnJ7tdo0bMZMQlpW0fScb+r7ZUK7Poml1
RTezaDctfwj+TQR6Jng5hhleibl0hyvWT66eAif1adq9wL4aFNflXHX7nEmwrTkE
GOob4BSRy3wcwuh/SHBC2OAOgdzhr5QsKOUfud7A+3SkbB9jlyPaB1HojmbIJIV/
5hhHomUpveiX8CVssP8x/PmQ8jWr4WtG2PN7nujte36vOFRMAN/2njsNlZNvF6ad
zdUFVYcM0GC7G8+RJVwnxCJPO9kzNRxXOoa+uMr/vB6u3hnh21VHsm4uuQVi0uXR
gz2b0vQVhOYiuA==
-----END CERTIFICATE-----
Generated at Fri Oct 25 20:38:12 2024 by rpki-client on console-ams.rpki-client.org