Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J2-aqu3GHCmT90SzsfyLtnjthI.roa
File: 5J2-aqu3GHCmT90SzsfyLtnjthI.roa (raw, json)
Hash identifier: oLHARAivRp7BrluzD/PvW/k6oBLnHlCl8V/H5Qrsflw=
Subject key identifier: E4:9D:BE:6A:AB:B7:18:70:A6:4F:DD:12:CE:C7:F2:2E:D9:E3:B6:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCC91DF844B9C6472E808D9C23DED1D90
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J2-aqu3GHCmT90SzsfyLtnjthI.roa
Signing time: Wed 21 Feb 2024 16:48:48 +0000
ROA not before: Wed 21 Feb 2024 16:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 2.59.252.0/24 maxlen: 24
37.221.120.0/22 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 20:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:91:df:84:4b:9c:64:72:e8:08:d9:c2:3d:ed:1d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 16:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e49dbe6aabb71870a64fdd12cec7f22ed9e3b612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:41:b7:72:28:52:4e:87:da:8c:51:b8:6a:84:
2f:2e:d1:aa:94:a6:95:35:5d:4d:d2:56:92:0d:c6:
c3:1f:c2:f6:c1:5e:af:28:2b:d9:bc:e2:02:b0:00:
bd:58:78:09:71:1b:c8:bb:ef:29:c6:51:6a:4a:6d:
d6:79:10:9e:4b:be:69:2a:7a:6e:4c:64:92:9b:30:
1e:35:39:67:00:76:30:03:d7:78:3f:19:41:5e:90:
33:ef:89:79:65:90:45:11:44:4a:12:11:97:59:ed:
e9:1c:90:e8:cc:0e:cf:e4:85:2a:a7:bb:ae:e3:28:
40:a9:7a:b1:6c:76:93:50:8c:63:ac:e0:39:93:02:
6c:61:15:f3:e4:86:cc:ca:6a:2f:1b:98:6e:d4:f8:
a0:44:eb:12:14:b8:6f:f4:84:70:d6:55:bb:96:11:
35:d0:ef:c6:25:f2:d5:64:e7:c4:0a:31:9f:ac:00:
e8:0c:fe:ba:5f:34:4b:cc:bc:0a:cd:42:4f:20:2e:
f6:26:8a:a9:d5:9d:9e:83:67:a1:ba:9b:64:33:c3:
b7:20:59:90:ad:a3:58:c2:3c:da:e7:4c:9e:d0:df:
a3:8e:7a:a5:25:1b:9f:58:b2:9b:5d:ab:d5:5d:81:
fe:8e:21:fb:8f:d9:d0:d0:17:88:02:12:64:68:3b:
8c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9D:BE:6A:AB:B7:18:70:A6:4F:DD:12:CE:C7:F2:2E:D9:E3:B6:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J2-aqu3GHCmT90SzsfyLtnjthI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
37.221.120.0/22
45.9.157.0/24
45.14.164.0/24
45.66.229.0/24
45.81.241.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
88.218.76.0/22
94.103.126.0/24
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
193.149.2.0/23
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
60:65:02:13:94:8a:1f:ba:d6:a2:ca:de:c5:77:75:7a:15:ae:
23:c4:72:f0:82:44:9c:f7:29:c6:2d:5b:5a:db:db:09:a1:a6:
f4:0d:05:ef:84:8b:57:aa:43:3d:ae:b8:2a:4b:51:21:40:c3:
0a:c4:f7:3d:45:00:c4:5b:ff:9d:fc:0e:8b:82:24:61:9f:bc:
a6:ca:aa:04:64:c5:12:94:01:a9:14:c8:70:3f:2e:7b:73:60:
e7:a4:43:0c:67:83:6b:42:c2:7a:08:23:9e:6d:ed:d5:01:96:
1c:fc:91:10:26:0e:b8:1f:db:34:8b:d6:16:dd:df:b8:0e:ee:
aa:24:20:be:a5:93:41:3b:ea:db:96:2b:0d:13:51:e2:a8:d6:
73:ea:84:4b:94:56:59:3c:e3:2b:6f:7d:7a:82:49:29:3e:da:
91:6a:3b:11:48:ce:48:f0:3b:16:a5:66:61:de:3f:87:a8:3b:
b3:f6:07:f3:38:2d:c4:04:95:07:3c:3e:53:0b:c4:45:34:07:
c0:1c:73:61:37:c4:38:06:c4:cf:c7:f3:ef:6f:c5:1b:ae:72:
4a:f7:8c:95:ed:23:86:d0:3f:f5:44:12:01:44:1f:f4:9c:3f:
02:86:d1:80:7c:52:26:3c:18:49:17:a4:bf:fd:01:7f:1c:1c:
06:26:bf:ba
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY3Mkd+ES5xkcugI2cI97R2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMTY0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDlkYmU2YWFiYjcxODcwYTY0ZmRkMTJjZWM3ZjIyZWQ5ZTNiNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUG3cihSTofajFG4aoQvLtGqlKaV
NV1N0laSDcbDH8L2wV6vKCvZvOICsAC9WHgJcRvIu+8pxlFqSm3WeRCeS75pKnpu
TGSSmzAeNTlnAHYwA9d4PxlBXpAz74l5ZZBFEURKEhGXWe3pHJDozA7P5IUqp7uu
4yhAqXqxbHaTUIxjrOA5kwJsYRXz5IbMymovG5hu1PigROsSFLhv9IRw1lW7lhE1
0O/GJfLVZOfECjGfrADoDP66XzRLzLwKzUJPIC72Joqp1Z2eg2ehuptkM8O3IFmQ
raNYwjza50ye0N+jjnqlJRufWLKbXavVXYH+jiH7j9nQ0BeIAhJkaDuM1QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOSdvmqrtxhwpk/dEs7H8i7Z47YSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUoyLWFxdTNHSENtVDkwU3pzZnlMdG5qdGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
O/wDBAIl3XgDBAAtCZ0DBAAtDqQDBAAtQuUDBAAtUfEwDAMEAy2QmAMEAC2QmgME
AC2V6QMEAC2XWAMEAFQVrQMEAFd4IAMEAVd4IgMEAVd4QAMEAFd4WQMEAVd43AME
AVd5OAMEAVd5ZAMEAljaTAMEAF5nfgMEAF6cCwMEAF6cTgMEAI1iAQMEAcGVAgME
AMI7HgMEAMKprjANBgkqhkiG9w0BAQsFAAOCAQEAYGUCE5SKH7rWosrexXd1ehWu
I8Ry8IJEnPcpxi1bWtvbCaGm9A0F74SLV6pDPa64KktRIUDDCsT3PUUAxFv/nfwO
i4IkYZ+8psqqBGTFEpQBqRTIcD8ue3Ng56RDDGeDa0LCeggjnm3t1QGWHPyRECYO
uB/bNIvWFt3fuA7uqiQgvqWTQTvq25YrDRNR4qjWc+qES5RWWTzjK299eoJJKT7a
kWo7EUjOSPA7FqVmYd4/h6g7s/YH8zgtxASVBzw+UwvERTQHwBxzYTfEOAbEz8fz
72/FG65ySveMle0jhtA/9UQSAUQf9Jw/AobRgHxSJjwYSRekv/0BfxwcBia/ug==
-----END CERTIFICATE-----
Generated at Thu Feb 22 00:46:10 2024 by rpki-client on console-ams.rpki-client.org