Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-YdENlodFS_mGH3ZlDXSlBmQaV8.roa
File: 1-YdENlodFS_mGH3ZlDXSlBmQaV8.roa (raw, json)
Hash identifier: dAqHOZ3AU4teYYJkTMGI9HORFhNOxXXtokBSAzz4hGQ=
Subject key identifier: F9:87:44:36:5A:1D:15:2F:E6:18:7D:D9:94:35:D2:94:19:90:69:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190E92970760A3441BEB09AB4AB9739CBD9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-YdENlodFS_mGH3ZlDXSlBmQaV8.roa
Signing time: Thu 25 Jul 2024 09:12:05 +0000
ROA not before: Thu 25 Jul 2024 09:12:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.84.222.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 13:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:29:70:76:0a:34:41:be:b0:9a:b4:ab:97:39:cb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 09:12:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f98744365a1d152fe6187dd99435d2941990695f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:98:52:a2:0c:be:23:1f:88:70:37:c3:48:6e:
a5:b3:d6:5a:01:5c:24:a5:f4:9e:44:61:87:74:b7:
19:28:c6:9c:bd:d2:97:73:7b:9f:7d:08:23:7a:68:
f4:22:ed:dc:1f:18:84:c6:f8:28:6e:1d:9e:86:c7:
41:93:d7:a6:b1:84:02:c7:b1:00:5f:b5:ba:57:57:
e8:94:b6:e0:75:b3:6b:8e:fc:e3:f0:2b:64:b8:53:
2d:41:df:03:71:90:cd:24:fa:87:9a:d9:86:02:b2:
53:94:ae:06:18:b3:f6:88:e4:3b:f5:fc:75:db:68:
4e:82:fe:4a:e8:cd:ef:0b:ec:ce:13:32:09:f6:0a:
c1:0b:0c:0a:59:c6:55:e7:1a:96:7f:2c:cf:e4:21:
02:46:14:58:4a:90:84:5f:f4:27:b6:59:77:3d:9e:
af:9b:67:2e:05:d8:1b:fd:e7:23:17:a4:b0:26:8c:
7f:e1:10:7d:07:9f:d0:e4:b0:ef:31:fb:97:88:d9:
2d:69:b3:ef:46:fb:e2:94:6e:9c:ef:73:21:19:a0:
52:11:fa:8d:ef:5b:87:35:87:69:ea:85:b1:6d:e4:
94:ce:34:90:be:b9:1c:c2:21:eb:6c:44:21:dd:17:
6c:2c:41:11:fd:bb:83:0d:e2:cf:81:5e:ae:df:76:
32:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:87:44:36:5A:1D:15:2F:E6:18:7D:D9:94:35:D2:94:19:90:69:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-YdENlodFS_mGH3ZlDXSlBmQaV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.84.222.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
91.92.16.0/24
92.119.196.0/23
93.123.24.0/24
93.123.39.0/24
94.103.124.0/24
94.154.160.0/22
94.156.2.0/24
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.42.32.0/23
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:85:07:23:2f:f0:c4:f0:ce:fb:37:f5:20:89:8b:17:59:d4:
b5:82:74:22:a0:52:2e:b3:e0:12:b3:36:24:3b:b8:fa:15:2e:
97:b7:7a:ed:2f:5c:da:d6:9c:2f:89:31:d3:4c:50:ed:61:d7:
0c:5c:7d:c9:77:59:cd:4a:28:fb:85:fa:ca:46:dd:f4:24:0e:
68:29:bd:a6:74:a2:84:ed:09:7a:5f:ae:cd:0b:8e:15:f2:2f:
54:88:4e:54:38:5d:ca:e1:84:92:dd:39:48:99:8a:00:b5:67:
65:65:81:1f:bf:92:0d:d7:7f:40:b7:8a:7e:12:5b:ab:e1:90:
43:a6:6d:49:25:9b:e5:40:b0:06:8b:49:63:31:56:04:28:25:
66:f7:fe:0e:28:ee:82:91:94:15:d1:04:5f:01:ab:15:25:ed:
d8:06:66:2c:c7:0b:5f:e2:ad:72:2a:df:ff:b0:16:1d:f3:be:
f0:5b:7f:21:da:c8:97:10:0d:fb:4c:45:99:da:48:bc:38:59:
b4:e5:ec:cb:5f:75:6d:db:59:9b:10:24:74:b4:0c:ed:85:12:
c5:a4:e5:20:5a:f4:d2:e4:e4:33:34:53:73:47:bd:63:30:96:
77:55:65:a1:a5:f6:8f:0a:76:0f:3f:f1:27:d3:8b:27:77:9e:
2f:2b:12:ed
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAZDpKXB2CjRBvrCatKuXOcvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI1MDkxMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg3NDQzNjVhMWQxNTJmZTYxODdkZDk5NDM1ZDI5NDE5OTA2OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmphSogy+Ix+IcDfDSG6ls9ZaAVwk
pfSeRGGHdLcZKMacvdKXc3uffQgjemj0Iu3cHxiExvgobh2ehsdBk9emsYQCx7EA
X7W6V1folLbgdbNrjvzj8CtkuFMtQd8DcZDNJPqHmtmGArJTlK4GGLP2iOQ79fx1
22hOgv5K6M3vC+zOEzIJ9grBCwwKWcZV5xqWfyzP5CECRhRYSpCEX/Qntll3PZ6v
m2cuBdgb/ecjF6SwJox/4RB9B5/Q5LDvMfuXiNktabPvRvvilG6c73MhGaBSEfqN
71uHNYdp6oWxbeSUzjSQvrkcwiHrbEQh3RdsLEER/buDDeLPgV6u33YyyQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFPmHRDZaHRUv5hh92ZQ10pQZkGlfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1ZZEVObG9kRlNfbUdIM1psRFhTbEJtUWFWOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATsGCCsGAQUFBwEHAQH/BIIBKjCCASYwggEiBAIAATCC
ARoDBAACOl8DBAAtCFwDBAAtVN4DBAAtWFoDBAAtgGADBAAtgOgDBAAtkJoDBAAt
l1kDBABQTDMDBABRoe4DBABT22EDBAFUFa4DBABUNjADBABUNjMDBABVHy8DBABX
eFcDBABXeSYDBABXeS0DBABXeToDBABXeUUDBABXed0DBABbXBADBAFcd8QDBABd
exgDBABdeycDBABeZ3wDBAJemqADBABenAIDBABenAgDBAFenAoDBABenE8DBACN
YgEDBACNYgQDBAGTTmYDBAKrFkgDBACy1+ADBAC52EYDBAK52FQDBAK52lQDBADB
IxIDBADBJSkDBADBJSwDBAHBKiADBADB3mADBADCMPsDBADCN+ADBADDsm4wDQYJ
KoZIhvcNAQELBQADggEBAI2FByMv8MTwzvs39SCJixdZ1LWCdCKgUi6z4BKzNiQ7
uPoVLpe3eu0vXNrWnC+JMdNMUO1h1wxcfcl3Wc1KKPuF+spG3fQkDmgpvaZ0ooTt
CXpfrs0LjhXyL1SITlQ4XcrhhJLdOUiZigC1Z2VlgR+/kg3Xf0C3in4SW6vhkEOm
bUklm+VAsAaLSWMxVgQoJWb3/g4o7oKRlBXRBF8BqxUl7dgGZizHC1/irXIq3/+w
Fh3zvvBbfyHayJcQDftMRZnaSLw4WbTl7MtfdW3bWZsQJHS0DO2FEsWk5SBa9NLk
5DM0U3NHvWMwlndVZaGl9o8Kdg8/8SfTiyd3ni8rEu0=
-----END CERTIFICATE-----
Generated at Thu Jul 25 17:10:08 2024 by rpki-client on console-fra.rpki-client.org