Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/isXDjvv6U0yfxaCjFDAPhJvBPN8.roa
File: isXDjvv6U0yfxaCjFDAPhJvBPN8.roa (raw, json)
Hash identifier: o1pefXjWM6i95oQBY+a8CIcehI+auEFlszYC6jM1n7Q=
Subject key identifier: 8A:C5:C3:8E:FB:FA:53:4C:9F:C5:A0:A3:14:30:0F:84:9B:C1:3C:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D12BBF36165BE0FC5C71906E9870BC88B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/isXDjvv6U0yfxaCjFDAPhJvBPN8.roa
Signing time: Tue 16 Jan 2024 14:45:23 +0000
ROA not before: Tue 16 Jan 2024 14:45:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 5.253.64.0/24 maxlen: 24
5.253.66.0/24 maxlen: 24
5.253.67.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:bb:f3:61:65:be:0f:c5:c7:19:06:e9:87:0b:c8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 16 14:45:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ac5c38efbfa534c9fc5a0a314300f849bc13cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c0:13:1f:6f:87:df:2e:16:f3:00:81:18:4b:
d8:0d:c2:f5:64:ee:f5:42:26:a6:31:37:54:a6:1e:
6b:2e:45:4f:44:8d:41:d3:de:dd:5b:a2:9b:7c:4b:
15:e4:53:8b:13:80:eb:d9:c3:2e:b4:b2:0a:f7:4d:
c7:84:31:d4:51:87:09:ea:97:22:cd:2b:58:de:96:
11:42:18:ce:6e:ad:07:7f:f2:b6:e4:92:c2:4c:b9:
da:58:cc:c5:b5:32:91:f0:5c:63:0c:80:ef:35:a3:
b8:74:95:39:87:49:dc:13:84:ce:44:ae:c5:4c:2d:
57:2e:8d:d3:38:b4:83:e5:f6:97:40:6e:1e:5d:4c:
4d:a0:bf:f8:00:63:38:b3:1b:83:74:c0:66:22:36:
78:6a:a7:7f:7b:d3:da:a2:1b:ed:f1:98:6d:aa:61:
2d:10:35:06:d1:2a:94:8b:a0:4b:05:22:d6:4d:d1:
a2:d9:a6:88:18:7d:00:95:f7:8d:7a:66:f6:a6:f8:
57:ff:04:ec:f7:65:ba:80:c5:03:48:f4:67:cb:ad:
6f:ed:13:1e:a8:93:09:73:09:17:44:aa:6f:6f:3f:
d6:b7:a1:03:92:e9:c2:11:6e:75:65:72:9d:86:a7:
35:1c:eb:bb:99:47:f0:ae:2e:a5:19:e0:93:d4:ba:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C5:C3:8E:FB:FA:53:4C:9F:C5:A0:A3:14:30:0F:84:9B:C1:3C:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/isXDjvv6U0yfxaCjFDAPhJvBPN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
5.253.66.0/23
45.8.94.0/24
87.120.192.0/23
91.92.26.0/24
93.123.75.0/24
Signature Algorithm: sha256WithRSAEncryption
91:3c:22:3b:3c:4c:0f:60:67:42:bf:7d:e6:29:4b:5a:e8:05:
d6:94:c0:bb:41:0a:cb:dc:a7:cb:36:05:8a:82:de:81:cc:d6:
30:29:10:2c:1d:fb:a9:96:c2:29:7e:e7:5f:f6:09:62:b2:a3:
e1:01:0a:23:68:ea:f5:28:6a:d9:b5:ed:ce:5b:2f:49:4f:d8:
cb:de:de:00:4a:cb:20:d6:c3:e6:7c:c9:53:2e:3c:0c:5f:dd:
30:54:0a:55:16:5f:15:53:0a:f4:ca:27:c7:79:c3:78:ae:8b:
9b:fd:34:4b:63:a7:e5:ed:61:26:c5:6b:54:40:33:09:f6:d5:
8a:36:d4:c4:83:da:ca:d4:5c:bb:39:36:82:75:be:00:8c:c6:
50:34:15:dd:a0:f1:95:86:4f:7b:91:cb:f3:e8:03:40:c5:fa:
91:27:e6:45:8a:ea:52:cc:7c:2e:19:c2:8f:2b:48:81:1c:9c:
a4:cd:da:e8:99:2f:fe:32:7b:79:cd:98:fa:3f:95:31:af:2b:
17:df:ce:46:b4:2f:d2:31:fc:dc:37:0d:d8:7c:d5:18:ab:db:
bd:a8:1a:45:2d:83:61:1e:2f:81:1f:fa:8f:3c:65:ab:0b:30:
47:e6:40:49:fb:60:b9:b1:d6:57:b0:90:12:c8:c5:85:11:ab:
27:5e:b5:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0Su/NhZb4PxccZBumHC8iLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE2MTQ0NTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM1YzM4ZWZiZmE1MzRjOWZjNWEwYTMxNDMwMGY4NDliYzEzY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMATH2+H3y4W8wCBGEvYDcL1ZO71
QiamMTdUph5rLkVPRI1B097dW6KbfEsV5FOLE4Dr2cMutLIK903HhDHUUYcJ6pci
zStY3pYRQhjObq0Hf/K25JLCTLnaWMzFtTKR8FxjDIDvNaO4dJU5h0ncE4TORK7F
TC1XLo3TOLSD5faXQG4eXUxNoL/4AGM4sxuDdMBmIjZ4aqd/e9Paohvt8ZhtqmEt
EDUG0SqUi6BLBSLWTdGi2aaIGH0AlfeNemb2pvhX/wTs92W6gMUDSPRny61v7RMe
qJMJcwkXRKpvbz/Wt6EDkunCEW51ZXKdhqc1HOu7mUfwri6lGeCT1LpOIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIrFw477+lNMn8WgoxQwD4SbwTzfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaXNYRGp2djZVMHlmeGFDakZEQVBoSnZCUE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABf1AAwQB
Bf1CAwQALQheAwQBV3jAAwQAW1waAwQAXXtLMA0GCSqGSIb3DQEBCwUAA4IBAQCR
PCI7PEwPYGdCv33mKUta6AXWlMC7QQrL3KfLNgWKgt6BzNYwKRAsHfuplsIpfudf
9glisqPhAQojaOr1KGrZte3OWy9JT9jL3t4ASssg1sPmfMlTLjwMX90wVApVFl8V
Uwr0yifHecN4roub/TRLY6fl7WEmxWtUQDMJ9tWKNtTEg9rK1Fy7OTaCdb4AjMZQ
NBXdoPGVhk97kcvz6ANAxfqRJ+ZFiupSzHwuGcKPK0iBHJykzdromS/+Mnt5zZj6
P5UxrysX385GtC/SMfzcNw3YfNUYq9u9qBpFLYNhHi+BH/qPPGWrCzBH5kBJ+2C5
sdZXsJASyMWFEasnXrUP
-----END CERTIFICATE-----
Generated at Mon Jan 22 19:25:29 2024 by rpki-client on console-ams.rpki-client.org