Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oFXuSsOHUBQvBBaulaD9vM9a848.roa
File: oFXuSsOHUBQvBBaulaD9vM9a848.roa (raw, json)
Hash identifier: pAB/OcW0nh504F4wFBoVMmrj2HM9IGyr2qdwxzSpjPQ=
Subject key identifier: A0:55:EE:4A:C3:87:50:14:2F:04:16:AE:95:A0:FD:BC:CF:5A:F3:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D672334110C84078037B47EF7939A59C6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oFXuSsOHUBQvBBaulaD9vM9a848.roa
Signing time: Fri 02 Feb 2024 00:06:16 +0000
ROA not before: Fri 02 Feb 2024 00:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 5.253.64.0/24 maxlen: 24
5.253.66.0/24 maxlen: 24
5.253.67.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Feb 2024 00:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:67:23:34:11:0c:84:07:80:37:b4:7e:f7:93:9a:59:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 2 00:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a055ee4ac38750142f0416ae95a0fdbccf5af38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ba:a0:93:46:12:0b:e2:fc:ce:04:97:c5:45:
5b:5a:08:54:f5:e3:8b:e0:80:d3:8e:03:79:b6:70:
92:bd:6c:c7:0f:0f:fe:6a:0a:a5:9f:9d:51:7e:0d:
9a:07:77:6d:49:df:93:6d:2c:3b:33:a5:b6:71:f1:
1e:34:fd:11:4d:8e:6d:09:31:75:a5:f3:db:70:87:
68:69:15:f1:42:f2:e1:94:9a:e4:52:01:c5:49:b0:
9e:4a:ba:be:ba:24:ea:b9:e4:a9:38:df:9c:73:d0:
29:a2:b1:e5:a1:f2:8f:0a:cd:af:b3:ca:b1:dd:ff:
1e:d8:1d:27:e0:63:5f:e0:39:3d:0b:65:f2:2c:55:
f8:bf:31:93:62:83:e9:77:66:ef:34:54:05:da:9f:
69:db:ea:0d:65:9e:b9:72:40:96:f8:42:6e:4d:d4:
cf:70:28:9f:69:e8:34:a2:a4:a7:04:11:19:63:ce:
b1:76:92:c0:63:09:59:84:6b:5b:de:95:a1:15:43:
fd:31:8b:42:9f:13:e8:27:0d:09:fc:d1:40:6a:bf:
18:3f:41:75:34:9e:b3:aa:2a:d2:fb:ad:95:7b:e9:
32:21:08:4c:d7:15:97:79:f3:8c:53:c6:f1:7b:e7:
d6:8c:de:83:fb:45:f2:72:f2:b5:ce:92:15:27:34:
2e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:55:EE:4A:C3:87:50:14:2F:04:16:AE:95:A0:FD:BC:CF:5A:F3:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oFXuSsOHUBQvBBaulaD9vM9a848.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
5.253.66.0/23
45.8.94.0/24
87.120.192.0/23
87.121.60.0/22
87.121.114.0/23
93.123.75.0/24
93.123.80.0/24
93.123.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:90:70:67:39:26:79:5c:50:db:c1:b7:0c:42:8d:4f:bc:54:
43:c7:0a:46:10:9a:50:f3:4a:48:24:0b:ec:ad:c0:ad:85:7a:
d2:df:31:97:95:64:52:bd:b8:7c:2d:b9:11:8e:fd:3a:0e:11:
9a:a3:7d:0f:dc:6b:b9:20:70:93:73:74:a8:d8:19:14:57:35:
68:1b:d7:14:08:39:1a:35:dc:e7:c9:7e:9c:f3:ea:70:ab:df:
74:29:ee:17:fa:87:0a:21:25:12:b9:12:d7:fc:10:6e:bd:37:
c3:6f:74:00:6d:01:57:f0:d3:fa:ef:40:2b:38:44:ae:3b:6a:
89:2c:c9:cf:14:3e:70:e4:e6:0e:9c:5b:78:a1:48:e4:f9:16:
f8:b7:53:ec:d6:eb:3d:1a:d8:8b:18:05:18:f7:31:54:f5:12:
31:97:5c:b1:57:c6:06:d1:81:4e:4f:3b:48:27:65:b5:c8:bb:
cd:ee:63:c0:64:82:db:3a:29:c4:8f:29:d2:fa:59:ec:9c:84:
3a:a5:18:86:97:df:a2:fc:98:14:ad:de:89:5f:73:87:c9:6a:
20:26:0b:d0:3e:ff:8f:21:ff:04:c4:08:08:e3:bc:a7:a0:22:
5f:29:81:e8:1a:0e:7d:c5:f7:4c:02:2c:5d:d2:89:02:52:c5:
43:8f:66:78
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY1nIzQRDIQHgDe0fveTmlnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjAyMDAwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU1ZWU0YWMzODc1MDE0MmYwNDE2YWU5NWEwZmRiY2NmNWFmMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7qgk0YSC+L8zgSXxUVbWghU9eOL
4IDTjgN5tnCSvWzHDw/+agqln51Rfg2aB3dtSd+TbSw7M6W2cfEeNP0RTY5tCTF1
pfPbcIdoaRXxQvLhlJrkUgHFSbCeSrq+uiTqueSpON+cc9AporHlofKPCs2vs8qx
3f8e2B0n4GNf4Dk9C2XyLFX4vzGTYoPpd2bvNFQF2p9p2+oNZZ65ckCW+EJuTdTP
cCifaeg0oqSnBBEZY86xdpLAYwlZhGtb3pWhFUP9MYtCnxPoJw0J/NFAar8YP0F1
NJ6zqirS+62Ve+kyIQhM1xWXefOMU8bxe+fWjN6D+0XycvK1zpIVJzQu6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKBV7krDh1AULwQWrpWg/bzPWvOPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb0ZYdVNzT0hVQlF2QkJhdWxhRDl2TTlhODQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABf1AAwQB
Bf1CAwQALQheAwQBV3jAAwQCV3k8AwQBV3lyAwQAXXtLAwQAXXtQAwQAXXt3MA0G
CSqGSIb3DQEBCwUAA4IBAQALkHBnOSZ5XFDbwbcMQo1PvFRDxwpGEJpQ80pIJAvs
rcCthXrS3zGXlWRSvbh8LbkRjv06DhGao30P3Gu5IHCTc3So2BkUVzVoG9cUCDka
NdznyX6c8+pwq990Ke4X+ocKISUSuRLX/BBuvTfDb3QAbQFX8NP670ArOESuO2qJ
LMnPFD5w5OYOnFt4oUjk+Rb4t1Ps1us9GtiLGAUY9zFU9RIxl1yxV8YG0YFOTztI
J2W1yLvN7mPAZILbOinEjynS+lnsnIQ6pRiGl9+i/JgUrd6JX3OHyWogJgvQPv+P
If8ExAgI47ynoCJfKYHoGg59xfdMAixd0okCUsVDj2Z4
-----END CERTIFICATE-----
Generated at Sat Feb 3 05:03:24 2024 by rpki-client on console-ams.rpki-client.org