Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4em0nG4VtRlkOBCAgwjcZ86828.roa
File: a4em0nG4VtRlkOBCAgwjcZ86828.roa (raw, json)
Hash identifier: J6z76jMCvd5qe95b0YdqQG1YXM+BfaBwKE4ZNl+stHs=
Subject key identifier: 6B:87:A6:D2:71:B8:56:D4:65:90:E0:42:02:0C:23:71:9F:3A:F3:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824C30683A7BB8F01E5DDBA3689B565
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4em0nG4VtRlkOBCAgwjcZ86828.roa
Signing time: Thu 02 Jan 2025 17:51:25 +0000
ROA not before: Thu 02 Jan 2025 17:51:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 09:35:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:c3:06:83:a7:bb:8f:01:e5:dd:ba:36:89:b5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b87a6d271b856d46590e042020c23719f3af36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:09:55:88:e1:fe:c4:fd:0a:54:dd:9c:63:24:
0d:9c:86:a2:36:aa:80:24:0c:0b:2a:66:4d:bb:e4:
45:18:39:a8:c1:8f:c2:8a:49:40:a4:b4:e7:e7:fe:
7b:c1:35:9a:7b:08:11:b9:de:42:53:96:f0:52:df:
95:4f:9c:18:83:4a:ab:96:f7:47:5e:27:01:7f:f8:
8b:5d:95:30:87:62:1c:8e:f2:f6:a5:45:09:7d:50:
18:02:36:29:9e:01:5b:44:b4:14:b2:d7:da:6b:d7:
1c:9b:20:31:61:35:60:82:e1:a5:45:df:79:c4:36:
d6:27:2b:f2:99:69:5b:5c:12:37:ea:f5:24:61:e7:
84:75:e0:8b:d0:61:16:e3:1d:c3:cd:ba:b4:65:9a:
67:1e:8f:46:16:35:18:ee:0e:ec:8a:18:16:79:7b:
ab:26:a2:dc:77:31:24:a1:46:f2:a7:16:00:1e:d8:
59:f6:8e:de:19:6b:b5:aa:27:52:8d:12:07:19:a4:
5d:8b:cf:69:36:85:23:2f:33:b7:95:05:41:4a:1f:
cf:96:f2:e6:ee:71:02:3f:c2:3f:e9:48:45:be:1e:
32:f6:0f:64:d1:0b:ec:a0:b8:04:58:e9:c0:21:64:
91:d9:30:7c:4f:d1:57:c6:63:a8:2b:d9:82:eb:3c:
74:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:87:A6:D2:71:B8:56:D4:65:90:E0:42:02:0C:23:71:9F:3A:F3:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4em0nG4VtRlkOBCAgwjcZ86828.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
56:d3:fb:fb:2c:9c:3e:2d:d0:22:d8:98:4a:4c:8b:c9:74:bf:
b9:82:75:5a:f2:94:a8:20:fe:6f:32:51:b7:9a:10:1d:96:ea:
45:ed:02:c6:14:9e:d5:19:62:56:19:e8:98:89:97:68:52:70:
e6:01:7c:c3:6f:b9:26:d3:ab:92:52:9f:80:e5:22:21:25:90:
6f:2a:12:ab:9d:ca:9f:f8:2d:ad:51:06:ba:40:34:9f:2b:81:
73:c6:38:77:5a:0d:80:59:36:d6:88:66:b4:b5:c4:c9:b8:6d:
f9:a5:b6:b5:2f:db:a7:4a:06:12:66:15:49:84:9f:77:b9:9b:
cd:22:08:b6:47:20:f0:38:6f:ec:49:bc:e5:7f:8e:af:25:d8:
4e:68:42:e9:bc:e3:87:3c:fd:f8:b9:75:39:31:c3:d6:8b:be:
01:1c:87:5a:1d:bf:f9:18:34:39:8c:fa:13:ad:74:b1:de:e6:
db:a3:c4:83:ff:47:50:e3:55:88:13:32:19:1a:b6:d9:90:7a:
b6:bb:1e:d6:69:1d:38:a5:fb:c0:53:c1:60:46:22:48:04:f2:
b3:bf:18:f1:53:3b:6b:03:31:67:52:0e:66:46:fd:70:72:ca:
77:13:2b:4c:ce:81:94:6f:c9:44:1b:6f:ec:3e:b9:c2:98:33:
34:23:98:fd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZQoJMMGg6e7jwHl3bo2ibVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg3YTZkMjcxYjg1NmQ0NjU5MGUwNDIwMjBjMjM3MTlmM2FmMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQlViOH+xP0KVN2cYyQNnIaiNqqA
JAwLKmZNu+RFGDmowY/CiklApLTn5/57wTWaewgRud5CU5bwUt+VT5wYg0qrlvdH
XicBf/iLXZUwh2IcjvL2pUUJfVAYAjYpngFbRLQUstfaa9ccmyAxYTVgguGlRd95
xDbWJyvymWlbXBI36vUkYeeEdeCL0GEW4x3Dzbq0ZZpnHo9GFjUY7g7sihgWeXur
JqLcdzEkoUbypxYAHthZ9o7eGWu1qidSjRIHGaRdi89pNoUjLzO3lQVBSh/PlvLm
7nECP8I/6UhFvh4y9g9k0QvsoLgEWOnAIWSR2TB8T9FXxmOoK9mC6zx07wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFGuHptJxuFbUZZDgQgIMI3GfOvNvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTRlbTBuRzRWdFJsa09CQ0Fnd2pjWjg2ODI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAFd4XAMEAFd4bAME
AFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAF17HwME
AV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugMEAsGUODANBgkqhkiG9w0BAQsF
AAOCAQEAVtP7+yycPi3QItiYSkyLyXS/uYJ1WvKUqCD+bzJRt5oQHZbqRe0CxhSe
1RliVhnomImXaFJw5gF8w2+5JtOrklKfgOUiISWQbyoSq53Kn/gtrVEGukA0nyuB
c8Y4d1oNgFk21ohmtLXEybht+aW2tS/bp0oGEmYVSYSfd7mbzSIItkcg8Dhv7Em8
5X+OryXYTmhC6bzjhzz9+Ll1OTHD1ou+ARyHWh2/+Rg0OYz6E610sd7m26PEg/9H
UONViBMyGRq22ZB6trse1mkdOKX7wFPBYEYiSATys78Y8VM7awMxZ1IOZkb9cHLK
dxMrTM6BlG/JRBtv7D65wpgzNCOY/Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:33:27 2025 by rpki-client