Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i-rVvBy8SCP9l9OrDG4VwviDxaw.roa
File: i-rVvBy8SCP9l9OrDG4VwviDxaw.roa (raw, json)
Hash identifier: /hMYVa7nLmG45Zfi4SNmrdgNjBKOQnv+UKYmOME3yug=
Subject key identifier: 8B:EA:D5:BC:1C:BC:48:23:FD:97:D3:AB:0C:6E:15:C2:F8:83:C5:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01917E0FB03B20A09952D4F861B5956F275F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i-rVvBy8SCP9l9OrDG4VwviDxaw.roa
Signing time: Fri 23 Aug 2024 07:07:22 +0000
ROA not before: Fri 23 Aug 2024 07:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 5.253.56.0/22 maxlen: 24
31.13.247.0/24 maxlen: 24
31.169.124.0/22 maxlen: 24
37.139.128.0/24 maxlen: 24
45.12.254.0/24 maxlen: 24
45.84.88.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.95.0.0/22 maxlen: 24
45.128.97.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.216.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
94.125.100.0/22 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.16.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
185.218.137.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/22 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/22 maxlen: 24
193.168.196.0/22 maxlen: 24
194.113.36.0/22 maxlen: 24
212.87.220.0/22 maxlen: 24
212.87.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 07:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:0f:b0:3b:20:a0:99:52:d4:f8:61:b5:95:6f:27:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 07:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bead5bc1cbc4823fd97d3ab0c6e15c2f883c5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:43:dd:6b:87:a9:05:6d:87:fc:33:45:b6:71:
6f:9a:e8:1a:05:3a:1c:16:e0:d0:01:de:d1:99:b0:
ad:b1:a9:db:db:a2:e1:37:99:2c:98:04:fd:0f:c5:
09:de:36:d0:ce:21:35:ad:b9:e9:53:99:65:29:bb:
2a:ea:ca:97:2d:c1:19:af:6e:be:0d:8b:16:5a:3c:
5b:57:03:ed:c6:b7:70:f6:6b:00:1e:0d:e3:f0:c1:
47:c9:77:91:99:cb:08:15:dc:77:1a:3c:44:39:42:
91:ae:77:f0:22:3f:2f:09:40:4b:d2:77:a0:8b:cc:
3f:ed:35:41:80:90:2f:1e:c5:a3:a6:7f:ef:29:9b:
17:08:33:a2:36:c7:97:48:6d:4c:ce:e7:bc:b5:98:
8e:92:5d:65:2a:18:de:9c:c2:a4:16:6d:3c:7a:e8:
88:06:ee:dd:3e:27:f1:ed:ef:5f:36:2d:c1:a8:9f:
e5:c2:0c:69:44:a6:59:44:1a:fe:57:10:db:45:e8:
c3:24:46:d5:18:9a:5d:4a:76:db:10:16:f3:7b:9f:
5a:72:46:0e:b7:11:72:6a:03:85:0f:66:f2:38:d0:
88:ab:7d:d8:0a:c9:db:2c:28:b4:3b:3e:d5:4f:4f:
0b:a2:55:d5:ad:86:9b:8f:6c:5a:08:41:3e:84:10:
e6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:EA:D5:BC:1C:BC:48:23:FD:97:D3:AB:0C:6E:15:C2:F8:83:C5:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i-rVvBy8SCP9l9OrDG4VwviDxaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
31.13.247.0/24
31.169.124.0/22
37.139.128.0/24
45.12.254.0/24
45.84.88.0/24
45.88.66.0/24
45.89.244.0/24
45.91.193.0/24
45.95.0.0/22
45.128.97.0/24
45.128.99.0/24
45.128.234.0/23
45.149.235.0/24
79.110.63.0/24
83.143.113.0/24
84.21.172.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
85.208.139.0/24
87.120.36.0/24
87.120.88.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.98.0/24
87.121.216.0/22
91.92.21.0/24
93.123.30.0/23
94.125.100.0/22
94.156.236.0/24
109.206.236.0/24
109.206.240.0/24
109.206.242.0/23
171.22.16.0/24
171.22.19.0/24
171.22.30.0/24
185.207.14.0/23
185.218.137.0-185.218.138.255
185.246.220.0-185.246.222.255
185.252.179.0/24
193.8.184.0/22
193.47.60.0/23
193.148.56.0/22
193.168.196.0/22
194.113.36.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
67:2b:88:88:72:9a:42:83:f2:40:f4:fe:fa:be:32:87:25:9f:
70:43:47:ac:c8:61:cc:f0:ec:69:c2:b3:3d:41:96:c6:f0:4a:
1d:64:64:db:64:93:fb:46:ed:88:4f:d2:3a:22:e8:25:7c:bb:
88:b8:70:3f:6c:65:55:47:8d:77:b8:05:4f:f6:a3:de:a2:df:
4c:71:6e:87:30:58:59:5f:e2:fb:9f:c6:9c:75:83:4b:9f:16:
30:1c:7c:b9:18:f7:f1:d7:ae:b7:9c:a0:bf:98:45:23:6d:28:
5d:1d:8d:c5:7c:f8:9a:39:d6:f4:db:40:a6:b5:27:a0:eb:0a:
0c:6b:12:49:0b:72:e8:1d:d0:3a:a9:52:6e:a7:01:55:4f:56:
4d:ac:ff:3f:fd:0d:b1:3b:f5:d4:8d:29:fc:64:cf:1f:2e:a4:
91:ec:5f:83:85:6d:98:67:3c:b7:6d:33:a7:bc:7e:fd:59:be:
e0:79:04:5d:70:ae:71:2d:a8:6b:e5:b3:21:8e:3a:05:8f:69:
bb:a6:a1:d6:27:97:24:f3:bf:fe:94:6c:23:3e:b9:11:ef:f1:
fd:ed:c0:05:16:cd:b1:92:fe:3d:6c:47:04:e1:dd:b8:d5:39:
0c:f8:83:1e:36:24:50:99:a8:de:43:6f:70:c2:59:55:ed:9e:
e6:e0:35:06
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZF+D7A7IKCZUtT4YbWVbydfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODIzMDcwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmVhZDViYzFjYmM0ODIzZmQ5N2QzYWIwYzZlMTVjMmY4ODNjNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kPda4epBW2H/DNFtnFvmugaBToc
FuDQAd7RmbCtsanb26LhN5ksmAT9D8UJ3jbQziE1rbnpU5llKbsq6sqXLcEZr26+
DYsWWjxbVwPtxrdw9msAHg3j8MFHyXeRmcsIFdx3GjxEOUKRrnfwIj8vCUBL0neg
i8w/7TVBgJAvHsWjpn/vKZsXCDOiNseXSG1Mzue8tZiOkl1lKhjenMKkFm08euiI
Bu7dPifx7e9fNi3BqJ/lwgxpRKZZRBr+VxDbRejDJEbVGJpdSnbbEBbze59ackYO
txFyagOFD2byONCIq33YCsnbLCi0Oz7VT08LolXVrYabj2xaCEE+hBDmlQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFIvq1bwcvEgj/ZfTqwxuFcL4g8WsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaS1yVnZCeThTQ1A5bDlPckRHNFZ3dmlEeGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAgX9OAMEAB8N9wMEAh+pfAMEACWLgAMEAC0M/gMEAC1UWAMEAC1YQgMEAC1Z
9AMEAC1bwQMEAi1fAAMEAC2AYQMEAC2AYwMEAS2A6gMEAC2V6wMEAE9uPwMEAFOP
cQMEAFQVrAMEAFUfLAMEAFUfLgMEAFXQiAMEAFXQiwMEAFd4JAMEAFd4WAMEAFd4
XAMEAFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd5
YgMEAld52AMEAFtcFQMEAV17HgMEAl59ZAMEAF6c7AMEAG3O7AMEAG3O8AMEAW3O
8gMEAKsWEAMEAKsWEwMEAKsWHgMEAbnPDjAMAwQAudqJAwQAudqKMAwDBAK59twD
BAC59t4DBAC5/LMDBALBCLgDBAHBLzwDBALBlDgDBALBqMQDBALCcSQDBALUV9ww
DQYJKoZIhvcNAQELBQADggEBAGcriIhymkKD8kD0/vq+Mocln3BDR6zIYczw7GnC
sz1BlsbwSh1kZNtkk/tG7YhP0joi6CV8u4i4cD9sZVVHjXe4BU/2o96i30xxbocw
WFlf4vufxpx1g0ufFjAcfLkY9/HXrrecoL+YRSNtKF0djcV8+Jo51vTbQKa1J6Dr
CgxrEkkLcugd0DqpUm6nAVVPVk2s/z/9DbE79dSNKfxkzx8upJHsX4OFbZhnPLdt
M6e8fv1ZvuB5BF1wrnEtqGvlsyGOOgWPabumodYnlyTzv/6UbCM+uRHv8f3twAUW
zbGS/j1sRwTh3bjVOQz4gx42JFCZqN5Db3DCWVXtnubgNQY=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:09 2024 by rpki-client on console-ams.rpki-client.org