Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dcCRJtMX8EQE0n1b8nR5nlhHrVc.roa
File: dcCRJtMX8EQE0n1b8nR5nlhHrVc.roa (raw, json)
Hash identifier: uOy03KhEIF15Lz3ftj1yHwEMwTuIIdFa7GF6IO5pei8=
Subject key identifier: 75:C0:91:26:D3:17:F0:44:04:D2:7D:5B:F2:74:79:9E:58:47:AD:57
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019488CC7067D6E81D322F14DA5DBF9D68A9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dcCRJtMX8EQE0n1b8nR5nlhHrVc.roa
Signing time: Tue 21 Jan 2025 12:18:07 +0000
ROA not before: Tue 21 Jan 2025 12:18:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 13:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:cc:70:67:d6:e8:1d:32:2f:14:da:5d:bf:9d:68:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 21 12:18:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75c09126d317f04404d27d5bf274799e5847ad57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ab:91:60:64:6b:1f:c1:ef:65:d4:1a:0a:5d:
1d:e6:99:7e:e2:ae:b8:6d:2d:42:56:81:5f:88:6b:
5b:9c:2b:0d:42:f6:6f:fd:e7:e9:fb:4b:c0:76:82:
2f:43:06:85:83:eb:62:af:2d:4f:1e:2f:db:e0:5e:
36:05:fc:a1:8b:98:cf:ea:13:2f:56:86:5e:75:a1:
6b:1b:2e:80:8e:ea:87:ff:05:9d:b6:a6:a2:98:fc:
26:d5:43:26:38:b9:73:d9:e9:27:d4:2b:d0:7a:07:
56:ec:34:7b:93:aa:a8:ac:89:6e:b6:72:67:b2:16:
7d:16:d9:dc:ac:14:55:aa:6c:f0:7f:e4:6c:de:82:
66:cd:3e:ca:5e:f9:ca:76:63:e4:3d:85:b4:f4:3b:
c0:3b:36:df:41:3c:f1:1b:7e:42:fb:a2:66:5e:b2:
2b:23:05:5c:22:13:17:2e:51:a2:d6:8d:2d:7b:a3:
80:36:6d:b5:d6:95:ec:8d:27:90:38:5b:88:5d:21:
e7:98:eb:18:9c:f0:46:ae:d1:de:0a:c1:c0:0c:de:
1c:71:d2:de:97:47:1c:12:42:e3:54:8c:a5:0c:a3:
2b:6d:8b:1e:57:55:c6:16:5f:e1:44:c4:9b:4a:0d:
76:54:ad:24:5d:64:ed:24:0b:b9:9c:17:b3:1d:4b:
de:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C0:91:26:D3:17:F0:44:04:D2:7D:5B:F2:74:79:9E:58:47:AD:57
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dcCRJtMX8EQE0n1b8nR5nlhHrVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
37.139.128.0/24
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
109.206.240.0/24
185.207.14.0/23
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
46:da:1e:82:02:e3:1b:6d:49:6e:7e:42:9d:56:01:a6:20:38:
99:d8:42:76:40:55:e6:9f:63:cc:dd:ad:fe:0b:ab:cb:da:59:
3a:d3:25:a3:8c:1d:75:8d:3e:67:4e:bd:e6:1e:6a:cb:a2:b7:
57:94:16:6e:e5:17:86:45:e8:1a:3c:d2:de:e2:87:87:a3:b2:
98:f6:73:a8:9b:45:2d:f2:9b:3c:d6:77:4c:b6:89:5f:29:7a:
c9:fa:eb:c3:3f:b9:d3:ce:33:4a:03:96:69:15:5b:73:b4:75:
fd:7c:46:68:d9:69:fa:05:a2:ce:f2:73:a5:a9:34:03:ab:5b:
ab:e5:c0:85:68:c8:ea:6e:14:db:2a:60:cc:f3:33:50:a7:bf:
00:57:58:e5:1b:83:d5:19:ed:77:2d:70:7e:26:12:2c:f9:ee:
54:f4:a0:20:4a:f4:cf:a2:7c:27:39:55:45:ef:ee:3f:e9:88:
d4:dc:57:a8:21:48:a3:47:a6:92:e2:5f:dd:89:93:fe:e8:23:
30:d9:eb:70:4a:75:2f:bb:5f:97:d4:6d:09:2d:eb:c5:d6:44:
fb:36:69:f4:a1:c6:68:30:80:5a:5b:97:f8:c2:f6:f5:1f:9a:
99:db:8a:22:8a:72:58:02:6a:6f:90:36:fc:eb:a9:2a:b4:50:
fc:16:c4:b9
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZSIzHBn1ugdMi8U2l2/nWipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIxMTIxODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWMwOTEyNmQzMTdmMDQ0MDRkMjdkNWJmMjc0Nzk5ZTU4NDdhZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6uRYGRrH8HvZdQaCl0d5pl+4q64
bS1CVoFfiGtbnCsNQvZv/efp+0vAdoIvQwaFg+tiry1PHi/b4F42Bfyhi5jP6hMv
VoZedaFrGy6AjuqH/wWdtqaimPwm1UMmOLlz2ekn1CvQegdW7DR7k6qorIlutnJn
shZ9FtncrBRVqmzwf+Rs3oJmzT7KXvnKdmPkPYW09DvAOzbfQTzxG35C+6JmXrIr
IwVcIhMXLlGi1o0te6OANm211pXsjSeQOFuIXSHnmOsYnPBGrtHeCsHADN4ccdLe
l0ccEkLjVIylDKMrbYseV1XGFl/hRMSbSg12VK0kXWTtJAu5nBezHUveUQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFHXAkSbTF/BEBNJ9W/J0eZ5YR61XMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGNDUkp0TVg4RVFFMG4xYjhuUjVubGhIclZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwwDAME
AwX9OAMEAAX9OgMEAh+pfAMEACWLgAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gME
AE9uPwMEAFUfLAMEAFUfLgMEAFXQiAMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQME
AFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAF17HwMEAV59ZgMEAG3O8AME
AbnPDgMEALn23QMEALn8swMEAMEIuAMEAcEIugMEAcEvPAMEAsGUODANBgkqhkiG
9w0BAQsFAAOCAQEARtoeggLjG21Jbn5CnVYBpiA4mdhCdkBV5p9jzN2t/gury9pZ
OtMlo4wddY0+Z0695h5qy6K3V5QWbuUXhkXoGjzS3uKHh6OymPZzqJtFLfKbPNZ3
TLaJXyl6yfrrwz+5084zSgOWaRVbc7R1/XxGaNlp+gWizvJzpak0A6tbq+XAhWjI
6m4U2ypgzPMzUKe/AFdY5RuD1Rntdy1wfiYSLPnuVPSgIEr0z6J8JzlVRe/uP+mI
1NxXqCFIo0emkuJf3YmT/ugjMNnrcEp1L7tfl9RtCS3rxdZE+zZp9KHGaDCAWluX
+ML29R+amduKIopyWAJqb5A2/OupKrRQ/BbEuQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 20:15:36 2025 by rpki-client