Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xo-aS_gmZE2iXwJQPZSz0P15QT0.roa
File: Xo-aS_gmZE2iXwJQPZSz0P15QT0.roa (raw, json)
Hash identifier: sup631z6lv6ifU44+SzGKHfKn4Q4qqw3EoXAoNG9OQo=
Subject key identifier: 5E:8F:9A:4B:F8:26:64:4D:A2:5F:02:50:3D:94:B3:D0:FD:79:41:3D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192C4799DB613D0E91C1E017EDE58587B5F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xo-aS_gmZE2iXwJQPZSz0P15QT0.roa
Signing time: Fri 25 Oct 2024 16:19:17 +0000
ROA not before: Fri 25 Oct 2024 16:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.97.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Oct 2024 14:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c4:79:9d:b6:13:d0:e9:1c:1e:01:7e:de:58:58:7b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 25 16:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e8f9a4bf826644da25f02503d94b3d0fd79413d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:3d:ac:bb:9a:23:9f:a4:fb:5c:61:87:cf:
41:c8:b7:56:72:75:4c:6a:b4:7e:d8:90:3e:26:e0:
e6:1f:92:e5:06:27:99:5a:29:4f:ae:3d:5a:ce:d5:
35:95:c5:58:6f:27:97:80:d2:5b:e5:f9:b8:4f:20:
4c:61:6c:8a:96:6e:d0:85:21:1c:58:d5:65:35:24:
a0:63:d5:2a:e2:12:a1:5e:32:17:92:51:96:4d:0c:
11:44:5f:22:ee:b1:5a:47:d8:fa:50:62:ae:ca:30:
90:04:91:5b:08:51:70:0e:e4:fa:ab:12:f8:e7:60:
44:8f:c4:e7:e6:06:9d:01:51:a1:88:cd:42:b2:29:
12:5a:f2:27:e2:9f:ce:2b:0c:b4:da:17:48:cd:75:
9a:e9:eb:6b:b4:e4:ad:4b:fb:b5:7c:4f:f1:a3:6b:
48:24:fc:78:e8:fa:58:ad:99:da:8c:da:66:9b:78:
3a:09:7b:82:dd:16:a2:f6:8b:a8:6f:d4:0f:08:51:
fd:d8:25:87:7d:ff:dd:12:15:60:8a:93:35:85:6b:
b1:5d:d4:9c:05:2d:f1:ff:31:87:88:81:65:ab:91:
b0:64:e1:57:53:c6:e8:92:dc:73:92:5a:91:ec:43:
92:fb:4d:ab:5d:84:d5:33:c9:f3:7a:51:4b:0f:96:
ee:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8F:9A:4B:F8:26:64:4D:A2:5F:02:50:3D:94:B3:D0:FD:79:41:3D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xo-aS_gmZE2iXwJQPZSz0P15QT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.97.0/24
45.128.99.0/24
45.149.235.0/24
83.143.113.0/24
85.208.139.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
193.168.199.0/24
194.113.37.0/24
212.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:01:f8:c9:dd:f8:45:e1:a2:6b:be:a3:76:c3:b3:aa:be:69:
94:39:15:90:94:04:c4:d6:86:b4:c0:e6:83:0b:2d:85:7d:32:
a3:c3:e0:90:59:5c:5a:d2:e8:1e:e7:b2:bb:e2:cd:5a:6c:a7:
07:08:6b:1d:2a:d2:a4:c9:5e:f7:08:3e:41:cd:d0:b4:85:73:
6a:2d:07:f5:3f:2c:fe:e4:10:54:66:df:e3:45:30:dd:37:38:
b9:e0:27:26:1e:d9:6b:a2:05:2d:9e:42:5d:74:9a:42:d1:b9:
cb:be:08:30:7b:0e:64:cd:ee:91:9d:a5:70:9f:ab:8d:5a:44:
41:23:66:bf:d3:aa:e2:d4:a4:8b:be:e6:2e:5e:3e:0e:e4:d3:
9d:7c:ff:93:19:86:d7:2f:17:57:4c:f6:f0:f9:55:b9:90:9a:
24:45:79:e3:e1:08:4a:8c:b9:2a:fd:05:40:fc:86:44:74:1b:
05:06:6b:87:10:76:ec:91:c1:65:72:a1:13:9c:f2:e0:d7:e9:
75:e6:47:fc:8d:cd:79:ee:e2:b1:5c:8c:52:06:c0:e0:35:05:
d4:aa:45:54:89:44:e9:af:0a:75:7f:f5:36:36:18:c6:b3:da:
1f:f2:8b:d3:6f:08:67:2b:14:3b:e4:f5:77:13:8a:64:b7:da:
bc:4d:93:56
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZLEeZ22E9DpHB4Bft5YWHtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI1MTYxOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThmOWE0YmY4MjY2NDRkYTI1ZjAyNTAzZDk0YjNkMGZkNzk0MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPQ9rLuaI5+k+1xhh89ByLdWcnVM
arR+2JA+JuDmH5LlBieZWilPrj1aztU1lcVYbyeXgNJb5fm4TyBMYWyKlm7QhSEc
WNVlNSSgY9Uq4hKhXjIXklGWTQwRRF8i7rFaR9j6UGKuyjCQBJFbCFFwDuT6qxL4
52BEj8Tn5gadAVGhiM1CsikSWvIn4p/OKwy02hdIzXWa6etrtOStS/u1fE/xo2tI
JPx46PpYrZnajNpmm3g6CXuC3Rai9ouob9QPCFH92CWHff/dEhVgipM1hWuxXdSc
BS3x/zGHiIFlq5GwZOFXU8boktxzklqR7EOS+02rXYTVM8nzelFLD5bu8QIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFF6Pmkv4JmRNol8CUD2Us9D9eUE9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWG8tYVNfZ21aRTJpWHdKUVBaU3owUDE1UVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbAwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAC2AYQMEAC2AYwME
AC2V6wMEAFOPcQMEAFXQiwMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQMEAFd42AME
AFd42wMEAFd43gMEAFd5LwMEAF17HwMEAV59ZgMEAbnPDgMEALn8swMEAMEIuAME
AcEIugMEAsGUOAMEAMGoxwMEAMJxJQMEANRX3jANBgkqhkiG9w0BAQsFAAOCAQEA
TgH4yd34ReGia76jdsOzqr5plDkVkJQExNaGtMDmgwsthX0yo8PgkFlcWtLoHuey
u+LNWmynBwhrHSrSpMle9wg+Qc3QtIVzai0H9T8s/uQQVGbf40Uw3Tc4ueAnJh7Z
a6IFLZ5CXXSaQtG5y74IMHsOZM3ukZ2lcJ+rjVpEQSNmv9Oq4tSki77mLl4+DuTT
nXz/kxmG1y8XV0z28PlVuZCaJEV54+EISoy5Kv0FQPyGRHQbBQZrhxB27JHBZXKh
E5zy4NfpdeZH/I3Nee7isVyMUgbA4DUF1KpFVIlE6a8KdX/1NjYYxrPaH/KL028I
ZysUO+T1dxOKZLfavE2TVg==
-----END CERTIFICATE-----
Generated at Sat Oct 26 16:20:43 2024 by rpki-client on console-fra.rpki-client.org