Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NxwHmH4BKMD_MY3YcEGcG9jQ6uc.roa
File: NxwHmH4BKMD_MY3YcEGcG9jQ6uc.roa (raw, json)
Hash identifier: Fq2a3a5Jk3bRDuhUYid5CpcI+XIohEkg30jKcvs3PB8=
Subject key identifier: 37:1C:07:98:7E:01:28:C0:FF:31:8D:D8:70:41:9C:1B:D8:D0:EA:E7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01928FC6058460759E3EBAAEB63E57609B99
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NxwHmH4BKMD_MY3YcEGcG9jQ6uc.roa
Signing time: Tue 15 Oct 2024 10:42:52 +0000
ROA not before: Tue 15 Oct 2024 10:42:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 5.253.56.0/22 maxlen: 24
31.13.247.0/24 maxlen: 24
31.169.124.0/22 maxlen: 24
37.139.128.0/24 maxlen: 24
45.84.88.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.95.0.0/22 maxlen: 24
45.128.97.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.216.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
94.125.100.0/22 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.16.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
185.218.137.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/22 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/22 maxlen: 24
193.168.196.0/22 maxlen: 24
194.113.36.0/22 maxlen: 24
212.87.220.0/22 maxlen: 24
212.87.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:c6:05:84:60:75:9e:3e:ba:ae:b6:3e:57:60:9b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 15 10:42:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=371c07987e0128c0ff318dd870419c1bd8d0eae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3b:f9:24:21:22:22:56:32:1b:8c:40:a9:28:
8c:42:8b:23:df:c4:f9:b7:b9:f6:5b:51:ea:52:7f:
ae:b4:5e:de:1f:ad:05:cc:14:6c:bb:35:aa:87:97:
a4:a6:6f:8f:43:33:b5:7e:34:95:55:51:f1:d8:59:
8d:22:61:07:b5:57:d3:73:6e:67:7c:8b:65:4a:d6:
aa:57:5d:e9:f6:c9:f4:e7:67:55:6c:3f:e3:19:c8:
0e:d1:7f:69:79:3a:ea:f5:dc:4f:bb:11:ac:ef:08:
75:08:b5:03:b3:15:a7:1f:e0:13:b2:4e:0d:01:21:
48:7e:7e:6e:f9:52:ce:22:f5:6d:e8:ad:b4:9f:30:
e8:b5:cd:ed:13:7d:e3:60:43:31:4f:d2:1c:75:d1:
1e:c7:31:a7:43:3f:d5:82:2a:1f:00:22:8a:41:7f:
2f:fb:da:08:e8:39:76:56:9d:fd:c5:63:96:9f:2a:
21:95:0a:65:bc:fc:d3:f7:27:2c:0e:50:e6:79:8b:
6c:f7:05:e0:40:57:8f:be:d1:f4:d8:f0:c9:18:55:
11:89:76:e8:a8:72:10:87:6e:e8:12:34:83:02:c5:
af:41:a2:61:00:92:f2:7d:4c:59:7b:83:ed:40:d2:
36:01:ba:67:0a:6d:9e:29:e8:ec:95:73:d4:d8:ba:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1C:07:98:7E:01:28:C0:FF:31:8D:D8:70:41:9C:1B:D8:D0:EA:E7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NxwHmH4BKMD_MY3YcEGcG9jQ6uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
31.13.247.0/24
31.169.124.0/22
37.139.128.0/24
45.84.88.0/24
45.88.66.0/24
45.89.244.0/24
45.91.193.0/24
45.95.0.0/22
45.128.97.0/24
45.128.99.0/24
45.128.234.0/23
45.149.235.0/24
79.110.63.0/24
83.143.113.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
85.208.139.0/24
87.120.36.0/24
87.120.88.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.98.0/24
87.121.216.0/22
91.92.21.0/24
93.123.30.0/23
94.125.100.0/22
94.156.236.0/24
109.206.236.0/24
109.206.240.0/24
109.206.242.0/23
171.22.16.0/24
171.22.19.0/24
171.22.30.0/24
185.207.14.0/23
185.218.137.0-185.218.138.255
185.246.220.0-185.246.222.255
185.252.179.0/24
193.8.184.0/22
193.47.60.0/23
193.148.56.0/22
193.168.196.0/22
194.113.36.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
63:37:0a:02:0e:92:45:d8:87:3c:38:0d:20:f5:3f:87:d1:f0:
9a:e6:9e:c3:6a:ed:0d:12:46:91:7b:f9:83:61:2d:9a:fa:1a:
e7:29:20:e8:d5:7e:77:f2:16:93:ec:ac:c4:34:50:a6:9b:e7:
1a:b1:c9:59:bb:ef:98:b1:e1:05:60:9d:3c:b8:ff:8f:16:50:
41:cc:8d:db:07:55:ff:a2:59:4f:64:d7:23:62:49:87:d8:18:
f7:f9:cc:09:34:5e:b0:da:32:79:ae:8b:57:fd:84:c1:bf:e0:
bc:2d:41:db:55:78:c1:24:31:b7:dd:b7:ea:31:e9:c9:b6:34:
54:75:db:fb:69:3d:05:44:7f:aa:67:78:7e:3d:a5:26:2a:4c:
7e:db:ff:b8:b3:91:1a:cb:73:07:48:b2:2f:18:00:3d:8e:c0:
5c:49:ea:c2:d7:2b:4b:b6:a9:39:18:8f:e7:f0:44:7e:69:83:
2e:15:02:78:36:56:da:25:9e:2e:f4:36:07:e5:ed:73:91:fa:
12:3d:a2:a6:29:07:09:1a:bc:ce:c8:da:0b:ad:c0:be:ff:2c:
49:b5:35:e9:d4:6f:db:fe:c9:24:56:c2:39:5e:6c:38:9e:20:
59:1c:3a:7f:6a:85:c2:2e:be:9f:3e:c9:fa:13:df:f0:3b:99:
e9:c3:54:9e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAZKPxgWEYHWePrqutj5XYJuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDE1MTA0MjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFjMDc5ODdlMDEyOGMwZmYzMThkZDg3MDQxOWMxYmQ4ZDBlYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozv5JCEiIlYyG4xAqSiMQosj38T5
t7n2W1HqUn+utF7eH60FzBRsuzWqh5ekpm+PQzO1fjSVVVHx2FmNImEHtVfTc25n
fItlStaqV13p9sn052dVbD/jGcgO0X9peTrq9dxPuxGs7wh1CLUDsxWnH+ATsk4N
ASFIfn5u+VLOIvVt6K20nzDotc3tE33jYEMxT9IcddEexzGnQz/VgiofACKKQX8v
+9oI6Dl2Vp39xWOWnyohlQplvPzT9ycsDlDmeYts9wXgQFePvtH02PDJGFURiXbo
qHIQh27oEjSDAsWvQaJhAJLyfUxZe4PtQNI2AbpnCm2eKejslXPU2LomFQIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFDccB5h+ASjA/zGN2HBBnBvY0OrnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTnh3SG1INEJLTURfTVkzWWNFR2NHOWpRNnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEAgX9OAMEAB8N9wMEAh+pfAMEACWLgAMEAC1UWAMEAC1YQgMEAC1Z9AMEAC1b
wQMEAi1fAAMEAC2AYQMEAC2AYwMEAS2A6gMEAC2V6wMEAE9uPwMEAFOPcQMEAFUf
LAMEAFUfLgMEAFXQiAMEAFXQiwMEAFd4JAMEAFd4WAMEAFd4XAMEAFd4bAMEAFd4
xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd5YgMEAld52AMEAFtc
FQMEAV17HgMEAl59ZAMEAF6c7AMEAG3O7AMEAG3O8AMEAW3O8gMEAKsWEAMEAKsW
EwMEAKsWHgMEAbnPDjAMAwQAudqJAwQAudqKMAwDBAK59twDBAC59t4DBAC5/LMD
BALBCLgDBAHBLzwDBALBlDgDBALBqMQDBALCcSQDBALUV9wwDQYJKoZIhvcNAQEL
BQADggEBAGM3CgIOkkXYhzw4DSD1P4fR8JrmnsNq7Q0SRpF7+YNhLZr6GucpIOjV
fnfyFpPsrMQ0UKab5xqxyVm775ix4QVgnTy4/48WUEHMjdsHVf+iWU9k1yNiSYfY
GPf5zAk0XrDaMnmui1f9hMG/4LwtQdtVeMEkMbfdt+ox6cm2NFR12/tpPQVEf6pn
eH49pSYqTH7b/7izkRrLcwdIsi8YAD2OwFxJ6sLXK0u2qTkYj+fwRH5pgy4VAng2
Vtolni70Ngfl7XOR+hI9oqYpBwkavM7I2gutwL7/LEm1NenUb9v+ySRWwjlebDie
IFkcOn9qhcIuvp8+yfoT3/A7menDVJ4=
-----END CERTIFICATE-----
Generated at Wed Oct 23 14:05:12 2024 by rpki-client on console-fra.rpki-client.org