Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x95m8Lf4AggiUxpnLT7r5k67O40.roa
File: x95m8Lf4AggiUxpnLT7r5k67O40.roa (raw, json)
Hash identifier: pDccTdTPmHcIVOa9XIOoYcV/IJyRnAWLFQyeQlFhoCw=
Subject key identifier: C7:DE:66:F0:B7:F8:02:08:22:53:1A:67:2D:3E:EB:E6:4E:BB:3B:8D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192D6D3309DA8B2437930DA17B0FB50E0A3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x95m8Lf4AggiUxpnLT7r5k67O40.roa
Signing time: Tue 29 Oct 2024 05:50:17 +0000
ROA not before: Tue 29 Oct 2024 05:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 14:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d6:d3:30:9d:a8:b2:43:79:30:da:17:b0:fb:50:e0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 29 05:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7de66f0b7f8020822531a672d3eebe64ebb3b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:02:47:e4:38:91:22:93:29:1e:c2:a2:2a:e5:
41:7c:28:04:8a:4c:24:27:1a:4e:5e:a3:c3:f0:0a:
85:0a:7b:b6:8b:e6:28:b8:cd:4c:53:80:38:ae:1c:
48:8f:9e:95:0c:56:28:30:34:81:24:fa:3f:fb:dc:
8b:99:87:ba:45:fa:6a:90:90:32:3e:86:cd:cc:73:
d5:ce:ba:24:3b:7e:a2:97:6f:13:bd:ee:01:80:dd:
6d:4a:d4:3d:47:62:34:09:1f:5d:c3:d4:bb:df:24:
42:b5:0e:a7:17:74:c7:c3:36:ef:e7:29:3d:f3:3c:
5f:42:b1:eb:4d:24:a2:97:2d:e3:f9:80:8f:29:9f:
38:3b:34:e2:1c:88:8b:98:96:53:4c:af:5e:bf:6c:
25:eb:02:1d:c8:14:57:ce:02:29:90:39:a6:03:8a:
b4:d4:da:59:a3:78:74:6b:d3:71:63:c3:d3:87:09:
11:01:a7:20:b4:86:31:99:52:1f:22:22:e5:b1:8f:
41:e9:00:a7:96:3c:05:06:5f:32:c5:a4:12:6a:64:
fa:0b:0c:b7:86:3b:10:6a:06:0b:96:e1:c4:4d:3d:
63:b2:d1:67:b6:9d:9c:14:dc:2b:68:69:5f:3a:39:
ce:26:89:ac:f7:37:94:dd:0e:28:f6:e2:b7:4c:0a:
1a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DE:66:F0:B7:F8:02:08:22:53:1A:67:2D:3E:EB:E6:4E:BB:3B:8D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x95m8Lf4AggiUxpnLT7r5k67O40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.99.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
48:6d:32:04:63:03:bc:c7:df:34:92:fe:ef:22:1f:3c:0b:de:
42:d4:95:11:fa:ee:88:f4:f8:40:21:84:82:56:6c:8f:c8:4c:
8c:62:2f:c1:f5:5d:a0:19:06:5a:32:32:9c:91:0b:1a:89:5a:
fd:da:1f:82:86:f8:2d:45:ae:12:0f:19:79:ee:90:1e:44:d6:
56:93:93:19:ff:87:f0:39:45:c2:b2:21:d9:ca:1a:51:09:12:
df:00:1f:85:c1:2c:1b:f1:df:a0:79:84:6a:5b:d6:59:cd:aa:
dd:b9:8a:20:67:02:ac:9a:b1:2c:f1:ee:d2:e2:0b:48:6b:b0:
c5:a9:28:7e:21:7f:1c:46:e4:30:2f:32:cc:0c:99:1a:e4:71:
c4:45:9f:0b:73:b4:e1:9e:dc:8d:96:a3:55:a4:23:75:87:61:
dc:b8:70:12:6b:6e:08:e5:7d:7d:5c:d2:95:7b:67:6a:33:41:
f6:07:9f:a6:c2:38:37:49:ff:c4:e7:15:d9:67:ad:c5:4f:c0:
e4:39:82:f9:63:73:19:5b:45:d5:86:20:55:c1:39:69:65:76:
fd:b7:63:55:b4:63:5e:5b:7e:e9:23:3a:5c:4c:cf:bc:e5:3a:
35:d4:88:f3:17:99:3c:da:fb:25:67:cc:61:68:57:65:d3:b6:
7e:6a:d5:e7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZLW0zCdqLJDeTDaF7D7UOCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI5MDU1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RlNjZmMGI3ZjgwMjA4MjI1MzFhNjcyZDNlZWJlNjRlYmIzYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowJH5DiRIpMpHsKiKuVBfCgEikwk
JxpOXqPD8AqFCnu2i+YouM1MU4A4rhxIj56VDFYoMDSBJPo/+9yLmYe6RfpqkJAy
PobNzHPVzrokO36il28Tve4BgN1tStQ9R2I0CR9dw9S73yRCtQ6nF3THwzbv5yk9
8zxfQrHrTSSily3j+YCPKZ84OzTiHIiLmJZTTK9ev2wl6wIdyBRXzgIpkDmmA4q0
1NpZo3h0a9NxY8PThwkRAacgtIYxmVIfIiLlsY9B6QCnljwFBl8yxaQSamT6Cwy3
hjsQagYLluHETT1jstFntp2cFNwraGlfOjnOJoms9zeU3Q4o9uK3TAoa2QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFMfeZvC3+AIIIlMaZy0+6+ZOuzuNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveDk1bThMZjRBZ2dpVXhwbkxUN3I1azY3TzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAC2AYwMEAFd4XAME
AFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AME
AV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugMEAsGUODANBgkqhkiG9w0BAQsF
AAOCAQEASG0yBGMDvMffNJL+7yIfPAveQtSVEfruiPT4QCGEglZsj8hMjGIvwfVd
oBkGWjIynJELGola/dofgob4LUWuEg8Zee6QHkTWVpOTGf+H8DlFwrIh2coaUQkS
3wAfhcEsG/HfoHmEalvWWc2q3bmKIGcCrJqxLPHu0uILSGuwxakofiF/HEbkMC8y
zAyZGuRxxEWfC3O04Z7cjZajVaQjdYdh3LhwEmtuCOV9fVzSlXtnajNB9gefpsI4
N0n/xOcV2WetxU/A5DmC+WNzGVtF1YYgVcE5aWV2/bdjVbRjXlt+6SM6XEzPvOU6
NdSI8xeZPNr7JWfMYWhXZdO2fmrV5w==
-----END CERTIFICATE-----
Generated at Wed Oct 30 16:45:47 2024 by rpki-client on console-ams.rpki-client.org