Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xmOFatWxznYoGz1YYIP8x00ulbU.roa
File: xmOFatWxznYoGz1YYIP8x00ulbU.roa (raw, json)
Hash identifier: 3BCeSoQazec18FzvmIERsei8hE6lM6oEDbM6hXOGfb8=
Subject key identifier: C6:63:85:6A:D5:B1:CE:76:28:1B:3D:58:60:83:FC:C7:4D:2E:95:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194D5795AC421170855D0A659223F740493
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xmOFatWxznYoGz1YYIP8x00ulbU.roa
Signing time: Wed 05 Feb 2025 09:38:07 +0000
ROA not before: Wed 05 Feb 2025 09:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
147.78.102.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 00:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:79:5a:c4:21:17:08:55:d0:a6:59:22:3f:74:04:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 5 09:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c663856ad5b1ce76281b3d586083fcc74d2e95b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:65:fa:8e:d2:ad:62:79:f8:14:85:70:f8:f4:
2f:f4:a8:81:4f:53:9b:d0:58:0e:d9:7f:50:13:97:
98:e3:ad:9f:e7:9a:10:c9:7f:d5:b1:15:60:a7:9e:
b7:27:5e:dc:95:cf:5d:aa:a5:25:88:0f:0f:8e:34:
d2:40:6b:9f:bf:e0:3d:88:e6:82:d8:ad:c5:73:aa:
d4:34:54:0d:2b:2c:21:7e:44:19:80:36:2c:04:89:
26:cd:0b:f8:03:63:03:19:37:a4:1e:b0:0e:da:22:
ae:92:4f:ab:e7:af:47:df:a6:87:cf:fc:b6:d6:e0:
fb:2b:82:0d:d1:6f:c6:ee:18:8e:be:38:d4:aa:78:
9e:ff:79:c4:2c:e1:b8:91:cd:31:2a:bf:bd:8c:45:
87:2b:db:b3:5e:70:fb:dc:f6:98:18:5a:07:93:6f:
77:bf:20:e6:52:50:19:87:36:21:60:b1:52:62:7d:
9a:54:34:de:63:db:ce:38:0d:54:65:6e:4b:40:9b:
2b:7b:a9:fc:80:ad:b5:ac:9e:3e:b4:49:a2:4e:b2:
76:bc:f5:88:c3:1f:0d:b5:53:83:c5:5c:b4:ee:64:
a9:9e:d4:cb:b8:ac:ef:ba:22:89:43:1c:d3:6e:2c:
ff:70:9c:a0:b4:19:e7:bb:24:dd:2a:13:fe:42:73:
b0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:63:85:6A:D5:B1:CE:76:28:1B:3D:58:60:83:FC:C7:4D:2E:95:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xmOFatWxznYoGz1YYIP8x00ulbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
45.12.253.0/24
87.120.68.0/23
87.121.60.0/24
93.123.74.0/23
147.78.102.0/24
178.215.227.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
03:07:d2:01:8e:9e:0d:c9:79:25:6a:5b:f2:c7:58:39:9e:fe:
0f:28:02:43:cc:a0:8b:02:0f:96:37:5c:9a:37:8d:16:e6:69:
4e:91:6f:36:56:b1:c4:96:16:47:cb:ba:b7:37:84:b0:63:b5:
20:fb:3d:6f:63:2a:7f:19:84:ef:9c:64:18:80:63:c8:f1:a8:
7b:5c:48:c2:6a:a5:84:11:72:20:98:08:8c:2c:e4:4b:4a:85:
37:24:bf:c5:63:ec:70:5d:08:45:d4:15:62:5b:aa:aa:5e:38:
d3:49:91:a8:5a:29:10:e1:84:d1:f0:e2:d2:30:3a:28:a5:5f:
f3:e1:3d:eb:60:e4:c6:90:8a:51:62:de:8d:d2:be:ba:93:e4:
1b:9a:c6:36:1f:e8:ed:de:91:51:cf:a3:6b:47:7d:62:8b:0e:
b5:07:5b:d7:64:39:3a:bc:fc:7d:dd:d5:6c:42:f7:d5:40:a3:
70:00:9c:52:5d:32:4f:a0:2a:93:64:90:fe:ee:b4:7e:fc:97:
6e:5f:55:8e:29:14:ce:a6:5b:f1:60:99:67:40:03:69:b5:a2:
ee:86:77:30:78:02:96:01:3d:35:c7:d2:31:36:9f:9d:11:50:
2e:6e:1c:fc:f4:5f:76:5a:73:fa:02:e2:7b:57:fe:45:a5:1e:
65:e2:4d:50
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZTVeVrEIRcIVdCmWSI/dASTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjA1MDkzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYzODU2YWQ1YjFjZTc2MjgxYjNkNTg2MDgzZmNjNzRkMmU5NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GX6jtKtYnn4FIVw+PQv9KiBT1Ob
0FgO2X9QE5eY462f55oQyX/VsRVgp563J17clc9dqqUliA8PjjTSQGufv+A9iOaC
2K3Fc6rUNFQNKywhfkQZgDYsBIkmzQv4A2MDGTekHrAO2iKukk+r569H36aHz/y2
1uD7K4IN0W/G7hiOvjjUqnie/3nELOG4kc0xKr+9jEWHK9uzXnD73PaYGFoHk293
vyDmUlAZhzYhYLFSYn2aVDTeY9vOOA1UZW5LQJsre6n8gK21rJ4+tEmiTrJ2vPWI
wx8NtVODxVy07mSpntTLuKzvuiKJQxzTbiz/cJygtBnnuyTdKhP+QnOwoQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMZjhWrVsc52KBs9WGCD/MdNLpW1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveG1PRmF0V3h6bllvR3oxWVlJUDh4MDB1bGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABf1AAwQA
LQz9AwQBV3hEAwQAV3k8AwQBXXtKAwQAk05mAwQAstfjAwQBufygMA0GCSqGSIb3
DQEBCwUAA4IBAQADB9IBjp4NyXklalvyx1g5nv4PKAJDzKCLAg+WN1yaN40W5mlO
kW82VrHElhZHy7q3N4SwY7Ug+z1vYyp/GYTvnGQYgGPI8ah7XEjCaqWEEXIgmAiM
LORLSoU3JL/FY+xwXQhF1BViW6qqXjjTSZGoWikQ4YTR8OLSMDoopV/z4T3rYOTG
kIpRYt6N0r66k+QbmsY2H+jt3pFRz6NrR31iiw61B1vXZDk6vPx93dVsQvfVQKNw
AJxSXTJPoCqTZJD+7rR+/JduX1WOKRTOplvxYJlnQANptaLuhncweAKWAT01x9Ix
Np+dEVAubhz89F92WnP6AuJ7V/5FpR5l4k1Q
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:31:02 2025 by rpki-client