Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kSqrUFJOaoJLm21fHkPDjM7wKzc.roa
File: kSqrUFJOaoJLm21fHkPDjM7wKzc.roa (raw, json)
Hash identifier: +cchNjEyFqL6HR52cJsv57piCHHwGfKGr1CRCQmrVWI=
Subject key identifier: 91:2A:AB:50:52:4E:6A:82:4B:9B:6D:5F:1E:43:C3:8C:CE:F0:2B:37
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193B09211B65040FF7FD3B7C520973D07F6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kSqrUFJOaoJLm21fHkPDjM7wKzc.roa
Signing time: Tue 10 Dec 2024 12:36:22 +0000
ROA not before: Tue 10 Dec 2024 12:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 5.253.56.0/23 maxlen: 24
45.139.123.0/24 maxlen: 24
91.92.67.0/24 maxlen: 24
93.123.76.0/22 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
94.156.180.0/23 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:92:11:b6:50:40:ff:7f:d3:b7:c5:20:97:3d:07:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 10 12:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=912aab50524e6a824b9b6d5f1e43c38ccef02b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:46:0b:7e:10:48:3c:ed:52:14:af:5c:21:83:
30:af:03:3f:03:38:59:08:61:b8:fe:1a:91:fb:08:
96:7e:07:09:d3:7a:c8:10:ca:e2:69:bc:32:f8:7d:
05:7e:99:75:de:bb:37:22:77:5c:ba:8b:b8:9c:ba:
bc:af:5d:ac:87:8d:f5:a8:09:c1:f3:b7:93:76:12:
6a:71:db:4f:46:d1:df:00:12:7d:55:e0:27:6f:f9:
2b:05:9b:0e:f1:a2:22:da:ec:d3:60:26:79:7c:ef:
05:f2:6f:d8:bf:c9:35:66:02:bf:48:18:e1:09:99:
b2:83:69:86:65:70:d1:07:f5:59:78:2a:89:fe:4d:
84:b9:a4:7d:9f:14:2c:54:f0:c8:f4:2b:66:b7:76:
6c:48:1a:9a:39:4f:20:8f:4d:de:41:c2:e3:f9:68:
50:97:cf:17:f2:01:b1:1c:5c:44:c3:f0:d7:d8:c2:
48:63:ff:a9:46:37:13:c4:53:4f:fa:31:04:9f:eb:
76:76:05:40:e1:31:53:2f:88:e8:04:5a:2b:27:0e:
e2:f8:7d:6f:73:f9:bf:30:29:8d:2e:5c:15:d7:b3:
1e:5a:1f:ff:9d:b3:c0:91:ca:1d:f9:5f:53:79:ee:
2a:38:1a:42:44:04:6e:a4:60:0e:84:50:ad:fe:07:
4a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2A:AB:50:52:4E:6A:82:4B:9B:6D:5F:1E:43:C3:8C:CE:F0:2B:37
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kSqrUFJOaoJLm21fHkPDjM7wKzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/23
45.139.123.0/24
91.92.67.0/24
93.123.76.0/22
94.156.152.0/24
94.156.154.0/23
94.156.180.0/23
185.252.177.0/24
193.47.62.0/24
193.58.123.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c9:a1:60:fe:38:5f:1e:80:f1:a4:9f:35:f1:84:e2:ef:19:
19:aa:7e:04:a5:6e:40:cb:5a:d3:c6:ff:57:37:44:09:6c:e4:
6e:f7:e8:25:db:d4:f7:df:a4:c2:20:8d:c6:88:03:90:4b:d7:
d6:8e:21:db:ec:7c:8d:b5:20:d1:af:60:99:54:87:de:12:c6:
b6:0b:6f:7d:c6:d8:68:5e:58:b6:3a:76:96:92:33:63:0d:3c:
af:c9:09:f7:8a:99:90:42:55:20:09:04:cb:ad:ef:77:65:7d:
2a:24:46:a0:f8:b6:f5:4b:f2:0b:5b:92:28:bc:0d:4a:4e:bb:
76:0c:a8:10:2e:cc:92:26:47:57:36:a8:bc:3d:4e:60:70:6a:
c5:45:7f:9b:71:89:15:da:06:c6:06:42:4e:e3:4d:b3:7c:e7:
57:7b:5e:a9:95:e1:18:d9:1d:e1:84:b7:69:58:47:1a:74:33:
35:10:fc:fe:f8:83:38:88:72:ad:cd:d4:ef:b4:75:f9:37:14:
fc:64:be:5d:64:c5:63:62:7c:ff:f3:6f:86:78:10:e2:ac:ab:
a9:0f:56:3a:90:c2:72:0f:81:74:8c:e4:f8:3f:e3:31:6e:3f:
83:11:49:61:3d:48:1f:d5:97:3f:73:4b:d8:41:00:7f:99:32:
5c:e9:6a:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZOwkhG2UED/f9O3xSCXPQf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjEwMTIzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJhYWI1MDUyNGU2YTgyNGI5YjZkNWYxZTQzYzM4Y2NlZjAyYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUYLfhBIPO1SFK9cIYMwrwM/AzhZ
CGG4/hqR+wiWfgcJ03rIEMriabwy+H0Ffpl13rs3Indcuou4nLq8r12sh431qAnB
87eTdhJqcdtPRtHfABJ9VeAnb/krBZsO8aIi2uzTYCZ5fO8F8m/Yv8k1ZgK/SBjh
CZmyg2mGZXDRB/VZeCqJ/k2EuaR9nxQsVPDI9Ctmt3ZsSBqaOU8gj03eQcLj+WhQ
l88X8gGxHFxEw/DX2MJIY/+pRjcTxFNP+jEEn+t2dgVA4TFTL4joBForJw7i+H1v
c/m/MCmNLlwV17MeWh//nbPAkcod+V9Tee4qOBpCRARupGAOhFCt/gdKMwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJEqq1BSTmqCS5ttXx5Dw4zO8Cs3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva1NxclVGSk9hb0pMbTIxZkhrUERqTTd3S3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBBf04AwQA
LYt7AwQAW1xDAwQCXXtMAwQAXpyYAwQBXpyaAwQBXpy0AwQAufyxAwQAwS8+AwQA
wTp7MA0GCSqGSIb3DQEBCwUAA4IBAQCNyaFg/jhfHoDxpJ818YTi7xkZqn4EpW5A
y1rTxv9XN0QJbORu9+gl29T336TCII3GiAOQS9fWjiHb7HyNtSDRr2CZVIfeEsa2
C299xthoXli2OnaWkjNjDTyvyQn3ipmQQlUgCQTLre93ZX0qJEag+Lb1S/ILW5Io
vA1KTrt2DKgQLsySJkdXNqi8PU5gcGrFRX+bcYkV2gbGBkJO402zfOdXe16pleEY
2R3hhLdpWEcadDM1EPz++IM4iHKtzdTvtHX5NxT8ZL5dZMVjYnz/82+GeBDirKup
D1Y6kMJyD4F0jOT4P+Mxbj+DEUlhPUgf1Zc/c0vYQQB/mTJc6Wq0
-----END CERTIFICATE-----
Generated at Wed Apr 16 20:03:53 2025 by rpki-client