Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2kIf9vqHbZbQhalbqusNTAOoR8I.roa
File: 2kIf9vqHbZbQhalbqusNTAOoR8I.roa (raw, json)
Hash identifier: lUfpSXEmd+ec2blNdmGIfLywcx/FohMyKuwhW1Yh/IM=
Subject key identifier: DA:42:1F:F6:FA:87:6D:96:D0:85:A9:5B:AA:EB:0D:4C:03:A8:47:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01904DF97EA37BFDB7FF243981DC1CE02B46
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2kIf9vqHbZbQhalbqusNTAOoR8I.roa
Signing time: Tue 25 Jun 2024 05:58:34 +0000
ROA not before: Tue 25 Jun 2024 05:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.162.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 10:55:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4d:f9:7e:a3:7b:fd:b7:ff:24:39:81:dc:1c:e0:2b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 25 05:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da421ff6fa876d96d085a95baaeb0d4c03a847c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7c:39:77:e2:5d:a5:75:1d:da:ee:b5:ec:cb:
de:b3:d1:8d:b4:fa:5e:56:89:26:20:58:cc:77:09:
11:13:13:b1:0c:8d:6b:21:e8:d4:b1:70:47:44:b3:
f2:5e:9d:12:01:79:a8:c5:88:08:a9:6c:ba:b7:7e:
e4:f6:16:a5:6f:d3:30:da:60:c0:2b:f8:60:41:46:
0c:df:75:2e:82:01:b7:06:99:9c:d0:45:73:19:91:
18:ce:61:0c:97:07:59:86:1e:90:c9:b3:21:d0:36:
bf:9b:9b:70:3e:aa:2b:c9:ea:79:76:4c:71:5e:61:
6a:a1:9c:9c:a4:55:ff:fd:e3:26:77:f4:b5:8c:bc:
f5:47:09:84:4f:28:1f:b8:96:44:4a:97:70:96:d3:
41:f5:d8:b8:19:a2:2b:e1:d0:c3:52:0e:aa:9f:df:
19:6d:a9:58:23:c6:dc:77:c4:33:cd:ce:1f:68:0b:
2d:68:d5:4f:b2:a9:1d:c2:0b:a1:25:bc:f8:73:cf:
9e:a7:ef:8e:16:c1:b8:e6:5b:91:da:05:d4:c5:95:
9d:79:85:3d:19:d0:31:30:c7:b9:b6:83:ae:83:93:
8e:78:b1:cc:be:bc:4a:6c:a8:22:18:d4:2b:d1:48:
bf:25:83:90:d1:f3:f8:14:5b:57:4e:16:c6:69:eb:
42:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:42:1F:F6:FA:87:6D:96:D0:85:A9:5B:AA:EB:0D:4C:03:A8:47:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2kIf9vqHbZbQhalbqusNTAOoR8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.64.0/24
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.242.0/23
45.151.88.0/23
82.115.211.0/24
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.222.162.0/24
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
36:5b:84:23:b0:de:7e:9d:f0:67:e5:26:4a:7b:a1:cc:34:0d:
b3:a0:77:38:7f:88:de:67:50:4a:6e:8f:43:e0:40:ed:a2:97:
7f:80:72:e8:9e:47:0c:0b:24:50:e0:08:b5:33:5c:62:92:a9:
65:22:2d:18:a3:eb:c2:f6:6e:41:8a:4c:86:ce:f4:72:39:f5:
7b:6e:f8:ad:c2:c4:66:5e:90:fb:6f:70:8c:37:28:27:15:f1:
e0:af:76:a0:22:6f:f6:c0:2e:09:31:94:49:fa:21:35:da:ed:
8a:b9:cd:cf:ec:d4:74:56:60:d3:76:b1:e5:c6:34:a7:91:9c:
05:a5:a9:ea:07:46:e2:d7:96:7e:f6:2d:4e:38:0f:93:ce:fd:
5c:67:dd:5a:1c:4f:5a:a0:20:0d:d8:2b:04:aa:85:14:31:89:
b9:50:fc:53:61:d5:a0:fd:87:5a:5f:0b:f3:d9:97:94:66:93:
10:b4:9c:dd:72:e4:ce:d7:4d:27:19:96:fd:a9:01:32:b5:32:
17:a3:6f:61:f4:70:f6:aa:0c:6e:55:fe:18:5d:6a:12:5d:8b:
e0:95:29:a2:1a:1c:16:01:95:72:a1:cf:9c:16:df:dd:0e:71:
96:29:12:91:f2:c9:e5:40:f8:2e:47:19:11:91:a4:74:47:45:
50:7e:10:ac
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZBN+X6je/23/yQ5gdwc4CtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI1MDU1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQyMWZmNmZhODc2ZDk2ZDA4NWE5NWJhYWViMGQ0YzAzYTg0N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHw5d+JdpXUd2u617Mves9GNtPpe
VokmIFjMdwkRExOxDI1rIejUsXBHRLPyXp0SAXmoxYgIqWy6t37k9halb9Mw2mDA
K/hgQUYM33UuggG3Bpmc0EVzGZEYzmEMlwdZhh6QybMh0Da/m5twPqoryep5dkxx
XmFqoZycpFX//eMmd/S1jLz1RwmETygfuJZESpdwltNB9di4GaIr4dDDUg6qn98Z
balYI8bcd8Qzzc4faAstaNVPsqkdwguhJbz4c8+ep++OFsG45luR2gXUxZWdeYU9
GdAxMMe5toOug5OOeLHMvrxKbKgiGNQr0Ui/JYOQ0fP4FFtXThbGaetCCwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFNpCH/b6h22W0IWpW6rrDUwDqEfCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMmtJZjl2cUhiWmJRaGFsYnF1c05UQU9vUjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YQAMEAC1YWDAMAwQDLZCYAwQALZCa
AwQALZXpAwQBLZXyAwQBLZdYAwQAUnPTAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hX
AwQAV3ktAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOMAwDBABf1hkDBABf
1hoDBACNYgEDBACTTmYDBACrFhEDBAKrFkgDBACy1+ADBAK52FQDBAK52lQDBAC5
3qIDBAHBKiADBAHBlQIDBADCMPgDBADCN+AwDQYJKoZIhvcNAQELBQADggEBADZb
hCOw3n6d8GflJkp7ocw0DbOgdzh/iN5nUEpuj0PgQO2il3+AcuieRwwLJFDgCLUz
XGKSqWUiLRij68L2bkGKTIbO9HI59Xtu+K3CxGZekPtvcIw3KCcV8eCvdqAib/bA
LgkxlEn6ITXa7Yq5zc/s1HRWYNN2seXGNKeRnAWlqeoHRuLXln72LU44D5PO/Vxn
3VocT1qgIA3YKwSqhRQxiblQ/FNh1aD9h1pfC/PZl5RmkxC0nN1y5M7XTScZlv2p
ATK1Mhejb2H0cPaqDG5V/hhdahJdi+CVKaIaHBYBlXKhz5wW390OcZYpEpHyyeVA
+C5HGRGRpHRHRVB+EKw=
-----END CERTIFICATE-----
Generated at Tue Jun 25 15:11:14 2024 by rpki-client on console-fra.rpki-client.org