Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/It2sxRVmsFXh8xmaxNAXa23IM5c.roa
File: It2sxRVmsFXh8xmaxNAXa23IM5c.roa (raw, json)
Hash identifier: UaTW4rPfAJuw9YzixGBq8JfcSWtR+GYNiez460cWb28=
Subject key identifier: 22:DD:AC:C5:15:66:B0:55:E1:F3:19:9A:C4:D0:17:6B:6D:C8:33:97
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191526D019FC8462D633807255A5DB4F68E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/It2sxRVmsFXh8xmaxNAXa23IM5c.roa
Signing time: Wed 14 Aug 2024 19:46:01 +0000
ROA not before: Wed 14 Aug 2024 19:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.151.115.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.210.68.0/24 maxlen: 24
91.210.71.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
94.143.230.0/24 maxlen: 24
109.205.62.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.109.239.0/24 maxlen: 24
185.128.42.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.169.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.33.188.0/24 maxlen: 24
193.104.177.0/24 maxlen: 24
193.200.61.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
193.228.131.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.69.162.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 19:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:6d:01:9f:c8:46:2d:63:38:07:25:5a:5d:b4:f6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 14 19:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ddacc51566b055e1f3199ac4d0176b6dc83397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:18:83:de:12:1f:43:b0:41:fe:40:fb:0c:2a:
07:bf:3b:82:bc:1d:e8:ac:fe:7f:87:94:ad:26:cd:
bd:da:6e:f5:4d:d5:f7:64:04:e2:0d:f3:dc:4e:3f:
18:cf:7d:f4:09:6c:47:77:e7:e3:a1:1d:80:2e:4b:
42:be:73:cc:41:83:83:36:e2:5b:72:4c:ea:33:e7:
6d:c9:35:f3:ef:f7:a7:57:be:cd:1a:fd:85:cb:44:
96:18:b0:95:e7:3f:d5:92:c9:ac:e8:78:10:5e:a1:
75:d9:47:42:6f:6b:b9:b6:a2:39:cb:ba:7b:c6:9e:
13:31:36:b1:ef:25:5e:92:01:22:05:91:25:17:98:
32:4e:81:1f:21:a3:e5:ac:f3:1b:52:d7:64:49:cb:
ce:37:c8:89:a8:ab:97:98:6f:44:ed:25:2e:07:e5:
d9:7b:f8:82:14:35:49:64:43:83:76:ed:78:fc:8f:
0e:12:d5:71:84:78:7c:cc:2d:21:c9:1a:39:34:89:
d9:05:0e:b1:99:f4:3f:60:09:92:b8:5e:c3:71:98:
8a:6a:eb:24:c6:8f:bb:54:64:4e:d2:b1:82:34:5a:
7e:ad:c4:80:a4:12:ef:39:84:d0:03:f7:f1:c3:3c:
24:89:01:f4:e1:c7:da:42:3c:f1:c1:c0:35:e4:95:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DD:AC:C5:15:66:B0:55:E1:F3:19:9A:C4:D0:17:6B:6D:C8:33:97
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/It2sxRVmsFXh8xmaxNAXa23IM5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.11.0/24
88.151.112.0/24
88.151.115.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.210.68.0/24
91.210.71.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
94.143.230.0/24
109.205.62.0/24
146.19.111.0/24
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.118.38.0/24
176.126.98.0/24
176.126.102.0/24
185.109.236.0/23
185.109.239.0/24
185.128.42.0/24
185.128.224.0/24
185.209.50.0/24
185.211.168.0/23
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.17.65.0/24
193.33.188.0/24
193.104.177.0/24
193.200.61.0/24
193.228.129.0/24
193.228.131.0/24
194.59.222.0/24
194.60.76.0/24
194.110.251.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0-195.69.162.255
195.211.164.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
27:fa:c3:77:02:e2:54:d5:63:58:2b:39:0c:22:f7:fb:2a:08:
96:00:4c:29:f8:13:a5:12:96:fb:fc:b1:78:74:d0:25:09:69:
48:9f:19:ce:da:78:bf:20:27:ff:ee:6d:4b:da:81:25:06:a6:
6c:61:09:b2:29:b0:64:32:e8:fd:ee:97:72:65:3f:19:fd:37:
18:56:be:2c:6f:c1:37:b3:2d:a3:c9:57:89:e3:7b:11:da:d9:
9f:ff:af:86:25:47:17:31:e3:9e:c4:ca:26:df:3c:2e:bd:f8:
17:50:4b:35:e8:aa:b0:02:31:c2:da:50:be:f2:5b:2a:89:d6:
e3:c2:05:fb:8f:52:a5:18:77:f5:33:0a:3c:9a:88:c4:98:9c:
bb:e2:b1:d7:d3:43:a5:1b:d6:65:1f:5e:94:68:ae:a8:3c:c0:
78:a8:f2:3d:a9:65:fe:b4:7d:0d:5a:4f:b7:2e:a1:02:d8:58:
46:b4:86:87:f9:51:62:63:92:f5:10:4f:d2:31:b9:d8:6c:a9:
94:33:d4:83:db:25:fd:f1:53:4e:11:d8:08:fd:f9:f0:4d:0d:
c1:20:c5:36:93:b7:03:14:8a:97:fc:0f:d2:fd:c8:40:08:f4:
19:54:2b:d6:e9:d3:3b:f5:4b:55:92:0d:98:f3:36:3f:af:21:
66:88:b6:d6
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAZFSbQGfyEYtYzgHJVpdtPaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODE0MTk0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmRkYWNjNTE1NjZiMDU1ZTFmMzE5OWFjNGQwMTc2YjZkYzgzMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRiD3hIfQ7BB/kD7DCoHvzuCvB3o
rP5/h5StJs292m71TdX3ZATiDfPcTj8Yz330CWxHd+fjoR2ALktCvnPMQYODNuJb
ckzqM+dtyTXz7/enV77NGv2Fy0SWGLCV5z/Vksms6HgQXqF12UdCb2u5tqI5y7p7
xp4TMTax7yVekgEiBZElF5gyToEfIaPlrPMbUtdkScvON8iJqKuXmG9E7SUuB+XZ
e/iCFDVJZEODdu14/I8OEtVxhHh8zC0hyRo5NInZBQ6xmfQ/YAmSuF7DcZiKausk
xo+7VGRO0rGCNFp+rcSApBLvOYTQA/fxwzwkiQH04cfaQjzxwcA15JVfcwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFCLdrMUVZrBV4fMZmsTQF2ttyDOXMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSXQyc3hSVm1zRlhoOHhtYXhOQVhhMjNJTTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBewYIKwYBBQUHAQcBAf8EggFqMIIBZjCCAWIEAgABMIIB
WgMEAAUq2gMEAB8p/QMEAS1XfAMEAC1XfwMEAC2AfAMEAC2AgAMEAC2BxgMEAD4D
BwMEAD4DHzAMAwQATUhTAwQATUhUAwQAVPxFAwQAWJcLAwQAWJdwAwQAWJdzAwQC
WNq4AwQAW76eAwQAW9EfAwQAW9JEAwQAW9JHAwQAW9SpAwQAW+TXAwQBW+/UAwQA
Xo/mAwQAbc0+AwQAkhNvAwQAkhN4AwQAkv+6AwQAsHQRAwQAsHYmAwQAsH5iAwQA
sH5mAwQBuW3sAwQAuW3vAwQAuYAqAwQAuYDgAwQAudEyAwQBudOoAwQAudOrAwQB
udakAwQAudanAwQAwQA+AwQAwRFBAwQAwSG8AwQAwWixAwQAwcg9AwQAweSBAwQA
weSDAwQAwjveAwQAwjxMAwQAwm77AwQAwyNpAwQAw0BnMAwDBADDRaEDBADDRaID
BADD06QDBADUaxkwDQYJKoZIhvcNAQELBQADggEBACf6w3cC4lTVY1grOQwi9/sq
CJYATCn4E6USlvv8sXh00CUJaUifGc7aeL8gJ//ubUvagSUGpmxhCbIpsGQy6P3u
l3JlPxn9NxhWvixvwTezLaPJV4njexHa2Z//r4YlRxcx457EyibfPC69+BdQSzXo
qrACMcLaUL7yWyqJ1uPCBfuPUqUYd/UzCjyaiMSYnLvisdfTQ6Ub1mUfXpRorqg8
wHio8j2pZf60fQ1aT7cuoQLYWEa0hof5UWJjkvUQT9IxudhsqZQz1IPbJf3xU04R
2Aj9+fBNDcEgxTaTtwMUipf8D9L9yEAI9BlUK9bp0zv1S1WSDZjzNj+vIWaIttY=
-----END CERTIFICATE-----
Generated at Mon Aug 19 20:43:45 2024 by rpki-client on console-fra.rpki-client.org