Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1l5EaefNxc07p5-1HmBfo7j42EY.roa
File: 1l5EaefNxc07p5-1HmBfo7j42EY.roa (raw, json)
Hash identifier: y3JO2zqTkcpRzwsX7H4W8oZaknMV2e3lk0xvY0XJvZU=
Subject key identifier: D6:5E:44:69:E7:CD:C5:CD:3B:A7:9F:B5:1E:60:5F:A3:B8:F8:D8:46
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01948841472A1C7B48560C61C217F34B324B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1l5EaefNxc07p5-1HmBfo7j42EY.roa
Signing time: Tue 21 Jan 2025 09:46:06 +0000
ROA not before: Tue 21 Jan 2025 09:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 10:09:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:41:47:2a:1c:7b:48:56:0c:61:c2:17:f3:4b:32:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 21 09:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d65e4469e7cdc5cd3ba79fb51e605fa3b8f8d846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3b:f2:ff:71:72:1c:83:e5:28:21:5e:9a:1e:
0a:d1:e7:85:48:a6:9d:85:a2:36:05:22:58:25:c4:
cd:a8:78:de:e3:ab:bd:0d:0b:a7:c0:a4:65:20:a9:
a0:00:05:4c:ce:fa:aa:26:98:c1:ad:73:13:5c:1e:
df:7f:44:75:70:07:e2:6b:8d:b6:00:84:c4:60:b8:
d5:6d:04:89:93:b4:2e:4f:f4:2d:45:10:cc:3e:d5:
69:4f:f3:f0:c8:2d:87:1d:98:3b:9d:66:9d:fc:a0:
d6:fe:7f:00:30:9c:b8:a7:e8:95:19:d1:cb:13:92:
10:8a:8d:11:77:5e:04:38:be:4e:1b:2e:63:e4:db:
4b:e6:c8:2d:d5:77:c4:71:81:a1:85:61:cd:12:38:
2d:4e:fb:21:6a:7b:76:88:fe:cc:af:e9:f9:dd:16:
c8:db:e0:f8:67:a6:27:0c:7b:b1:e2:52:4e:bf:60:
eb:68:3f:45:92:ca:7d:f9:c5:43:6f:dc:66:a8:aa:
28:9c:0d:ca:d0:56:bd:55:85:91:0a:b3:10:1e:6f:
d1:22:37:e2:3b:8f:1c:d1:7d:e9:86:09:c7:b4:43:
94:59:ad:77:37:c8:55:e2:1b:35:fb:d6:a7:23:97:
07:ad:d6:07:2c:81:2e:a7:40:ea:f4:4a:3c:35:23:
65:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5E:44:69:E7:CD:C5:CD:3B:A7:9F:B5:1E:60:5F:A3:B8:F8:D8:46
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1l5EaefNxc07p5-1HmBfo7j42EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:a6:24:a2:1b:2d:07:69:cf:8b:bc:89:bb:54:05:0f:5c:a3:
07:fd:5f:56:6a:a3:8d:ae:8e:3f:ea:59:3b:8f:bc:14:1c:40:
13:b2:e0:14:d6:bb:45:74:f5:37:85:7c:a3:43:a2:7b:25:dd:
4a:79:12:f1:be:54:08:5d:55:24:cb:ba:5a:6f:8e:07:9f:99:
1e:c0:38:f2:6f:d1:67:96:7e:f0:76:2e:b3:1d:85:f3:7d:6f:
85:5f:89:0e:34:f6:ed:fa:84:b3:b5:ec:34:fc:99:e6:b3:fb:
d3:46:d8:1a:5c:45:28:ba:20:d4:37:ab:ba:e1:95:5e:87:51:
df:c7:25:0c:10:c0:0d:13:88:78:11:af:96:49:1b:4a:f6:f1:
62:84:41:11:8c:b0:b6:56:d7:d6:2d:82:a3:22:99:e7:4c:44:
9a:97:b3:de:86:7e:13:4e:cb:f7:74:9a:20:28:e6:ba:05:70:
1f:f1:14:a0:4f:18:f4:c0:9b:87:d5:1c:73:41:ea:6f:68:93:
91:db:31:6b:43:f4:34:9b:3f:c0:0d:44:a8:3f:20:d1:84:e8:
2c:f5:a2:19:1a:c2:88:9a:4c:61:75:0c:ad:d6:5b:a2:e1:31:
f3:78:75:2a:62:de:e4:ba:e5:5f:ae:64:7f:51:a7:6a:75:73:
34:08:20:8f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZSIQUcqHHtIVgxhwhfzSzJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIxMDk0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVlNDQ2OWU3Y2RjNWNkM2JhNzlmYjUxZTYwNWZhM2I4ZjhkODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zvy/3FyHIPlKCFemh4K0eeFSKad
haI2BSJYJcTNqHje46u9DQunwKRlIKmgAAVMzvqqJpjBrXMTXB7ff0R1cAfia422
AITEYLjVbQSJk7QuT/QtRRDMPtVpT/PwyC2HHZg7nWad/KDW/n8AMJy4p+iVGdHL
E5IQio0Rd14EOL5OGy5j5NtL5sgt1XfEcYGhhWHNEjgtTvshant2iP7Mr+n53RbI
2+D4Z6YnDHux4lJOv2DraD9Fksp9+cVDb9xmqKoonA3K0Fa9VYWRCrMQHm/RIjfi
O48c0X3phgnHtEOUWa13N8hV4hs1+9anI5cHrdYHLIEup0Dq9Eo8NSNlXwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFNZeRGnnzcXNO6eftR5gX6O4+NhGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMWw1RWFlZk54YzA3cDUtMUhtQmZvN2o0MkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gMEAFd4XAME
AFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AME
AF17HwMEAV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugMEAsGUODANBgkqhkiG
9w0BAQsFAAOCAQEAsqYkohstB2nPi7yJu1QFD1yjB/1fVmqjja6OP+pZO4+8FBxA
E7LgFNa7RXT1N4V8o0OieyXdSnkS8b5UCF1VJMu6Wm+OB5+ZHsA48m/RZ5Z+8HYu
sx2F831vhV+JDjT27fqEs7XsNPyZ5rP700bYGlxFKLog1DeruuGVXodR38clDBDA
DROIeBGvlkkbSvbxYoRBEYywtlbX1i2CoyKZ50xEmpez3oZ+E07L93SaICjmugVw
H/EUoE8Y9MCbh9Ucc0Hqb2iTkdsxa0P0NJs/wA1EqD8g0YToLPWiGRrCiJpMYXUM
rdZbouEx83h1KmLe5LrlX65kf1GnanVzNAggjw==
-----END CERTIFICATE-----
Generated at Tue May 13 16:45:11 2025 by rpki-client