Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PicZAW60lREnUKggrAaMKV-Zfh4.roa
File: PicZAW60lREnUKggrAaMKV-Zfh4.roa (raw, json)
Hash identifier: YZ9dnDKWTZ+HQKPNbUgNSQiqu1unyprWzzxoV4SX4A0=
Subject key identifier: 3E:27:19:01:6E:B4:95:11:27:50:A8:20:AC:06:8C:29:5F:99:7E:1E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192DDBA2E2A2E340B13FA2D92E2D164BA5E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PicZAW60lREnUKggrAaMKV-Zfh4.roa
Signing time: Wed 30 Oct 2024 14:00:19 +0000
ROA not before: Wed 30 Oct 2024 14:00:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 07:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:ba:2e:2a:2e:34:0b:13:fa:2d:92:e2:d1:64:ba:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 30 14:00:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e2719016eb495112750a820ac068c295f997e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:05:af:17:96:74:54:e9:77:47:1d:52:ea:63:
1a:25:cd:c2:e3:91:12:4c:ea:01:7c:89:d5:7c:db:
08:30:92:c0:53:d8:45:a4:c0:df:0f:6f:ce:dd:28:
ce:5b:ef:fe:6d:59:bb:7b:5e:56:63:81:91:f6:74:
dd:62:51:a3:b9:cc:96:0d:16:53:53:88:00:e5:a0:
1a:33:ab:0b:c8:97:67:f4:e0:f6:70:65:66:86:7b:
5b:b8:d2:cd:de:31:e6:ba:19:20:00:b2:53:3e:f9:
7f:f0:e5:bb:d6:31:54:42:5e:1e:af:12:f8:95:f7:
78:59:af:7a:f2:ce:df:d6:75:e4:2a:5c:27:43:d1:
48:69:1a:76:3f:aa:02:e7:41:88:54:54:f3:17:dc:
1b:27:c0:6d:de:82:69:68:ef:03:23:53:f2:b4:13:
40:f0:a1:b1:28:99:ba:8c:cb:d3:08:0c:f5:d5:e4:
c0:e7:05:1e:06:bc:4e:8c:1f:a6:f9:f3:0c:e2:28:
74:0c:3f:27:d5:a0:1b:0a:43:4b:a6:2d:fa:38:e7:
d2:4d:a1:af:00:df:5b:6f:ee:70:41:a5:b3:c1:3c:
3c:ae:ec:a2:3e:4b:3b:17:8a:a0:49:b7:a6:b9:57:
fa:e6:5f:61:5e:12:9c:63:3f:3a:28:2a:93:3b:64:
c4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:27:19:01:6E:B4:95:11:27:50:A8:20:AC:06:8C:29:5F:99:7E:1E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PicZAW60lREnUKggrAaMKV-Zfh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.99.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:47:f3:f6:6d:95:98:5f:2d:5d:aa:50:99:f6:bb:69:a2:e4:
fa:00:2c:a6:99:15:c1:4f:bf:39:0c:af:32:1e:28:d0:23:e8:
4a:af:b7:f7:71:5f:e6:16:b4:ae:79:2f:be:b3:44:45:8d:b3:
68:f6:8b:64:aa:a3:8f:aa:3d:94:20:2d:e4:e7:87:84:70:ff:
40:2b:3b:86:08:90:c1:cc:8d:50:cd:ab:0e:58:5f:46:b1:cc:
89:37:70:e7:f0:7e:4a:d0:75:90:24:0a:91:e7:3e:7b:79:66:
09:16:8a:2a:ef:72:ba:16:e1:2f:c7:11:aa:2f:2e:be:fa:2e:
3e:09:fc:11:a8:02:9f:82:11:ef:d8:f0:b2:46:4f:4c:d6:c0:
ff:d0:01:41:90:38:dd:32:c9:ef:ba:0b:6d:71:17:99:43:a0:
1f:0a:0c:ba:ff:56:15:e6:c2:67:7c:e0:39:4b:19:1a:24:17:
0c:45:2d:25:e8:35:ad:94:72:c2:ca:7c:dd:bb:6b:64:67:ed:
ce:a9:a7:cf:15:43:77:9a:83:a3:49:a0:4b:de:cf:30:c6:1a:
0e:33:39:b1:aa:94:92:68:d8:14:e8:78:ec:9a:d6:45:df:c8:
7f:c7:86:85:5e:69:b9:b6:19:05:fd:50:42:9f:a1:ba:90:b1:
14:81:e7:61
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZLdui4qLjQLE/otkuLRZLpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDMwMTQwMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI3MTkwMTZlYjQ5NTExMjc1MGE4MjBhYzA2OGMyOTVmOTk3ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgWvF5Z0VOl3Rx1S6mMaJc3C45ES
TOoBfInVfNsIMJLAU9hFpMDfD2/O3SjOW+/+bVm7e15WY4GR9nTdYlGjucyWDRZT
U4gA5aAaM6sLyJdn9OD2cGVmhntbuNLN3jHmuhkgALJTPvl/8OW71jFUQl4erxL4
lfd4Wa968s7f1nXkKlwnQ9FIaRp2P6oC50GIVFTzF9wbJ8Bt3oJpaO8DI1PytBNA
8KGxKJm6jMvTCAz11eTA5wUeBrxOjB+m+fMM4ih0DD8n1aAbCkNLpi36OOfSTaGv
AN9bb+5wQaWzwTw8ruyiPks7F4qgSbemuVf65l9hXhKcYz86KCqTO2TEOQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFD4nGQFutJURJ1CoIKwGjClfmX4eMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUGljWkFXNjBsUkVuVUtnZ3JBYU1LVi1aZmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAC2AYwMEAFd4XAME
AFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AME
AF17HwMEAV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugMEAsGUODANBgkqhkiG
9w0BAQsFAAOCAQEArUfz9m2VmF8tXapQmfa7aaLk+gAsppkVwU+/OQyvMh4o0CPo
Sq+393Ff5ha0rnkvvrNERY2zaPaLZKqjj6o9lCAt5OeHhHD/QCs7hgiQwcyNUM2r
DlhfRrHMiTdw5/B+StB1kCQKkec+e3lmCRaKKu9yuhbhL8cRqi8uvvouPgn8EagC
n4IR79jwskZPTNbA/9ABQZA43TLJ77oLbXEXmUOgHwoMuv9WFebCZ3zgOUsZGiQX
DEUtJeg1rZRywsp83btrZGftzqmnzxVDd5qDo0mgS97PMMYaDjM5saqUkmjYFOh4
7JrWRd/If8eGhV5pubYZBf1QQp+hupCxFIHnYQ==
-----END CERTIFICATE-----
Generated at Thu Nov 14 08:42:07 2024 by rpki-client on console-ams.rpki-client.org