Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5_4Lwtza2eNHiirGxmBXS4BH2Tg.roa
File: 5_4Lwtza2eNHiirGxmBXS4BH2Tg.roa (raw, json)
Hash identifier: BbDBnmr+fFOsKDww5pCSF67udxFGlaNp2As6zW9+WTU=
Subject key identifier: E7:FE:0B:C2:DC:DA:D9:E3:47:8A:2A:C6:C6:60:57:4B:80:47:D9:38
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FBE7002CBFE8977107C89F6E85407BE5B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5_4Lwtza2eNHiirGxmBXS4BH2Tg.roa
Signing time: Tue 28 May 2024 09:02:42 +0000
ROA not before: Tue 28 May 2024 09:02:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.9.157.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 13:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:70:02:cb:fe:89:77:10:7c:89:f6:e8:54:07:be:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 28 09:02:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7fe0bc2dcdad9e3478a2ac6c660574b8047d938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0a:e4:ed:17:76:e3:e4:5c:e4:a7:db:04:1e:
e3:6e:76:99:db:5d:1b:bd:92:89:a0:96:e8:1e:db:
54:cb:c2:c5:b6:c0:5a:6a:36:d1:53:4f:04:82:b0:
95:a0:a4:54:19:4b:f4:0b:88:13:ea:41:44:f9:c6:
2d:ae:d8:1b:20:6a:c8:7e:ab:05:3e:aa:45:41:4e:
b4:2a:15:f4:21:91:ee:67:44:e2:90:76:16:3f:c6:
d5:7a:c6:52:2e:60:e5:47:a1:87:ac:cf:50:12:83:
e7:3a:2a:ec:9a:01:cb:b7:75:0c:1f:c4:a0:08:c3:
a5:9d:13:04:f6:49:62:66:12:12:46:c2:ce:f8:1f:
03:8f:25:c1:8f:dc:cb:94:ba:04:4b:b6:39:19:d4:
9f:64:7d:93:0a:da:a9:7a:e0:8b:1d:3b:59:44:a8:
59:bc:6f:7d:84:ac:cb:96:c7:4a:4d:f3:f6:99:aa:
fe:8e:05:b3:5d:af:cb:5b:b6:40:6f:95:19:9c:88:
84:f9:b4:b6:95:0d:73:c0:06:32:4d:40:56:60:8f:
e4:74:07:67:5b:52:5c:35:90:dc:1a:de:8e:8f:02:
27:4a:cd:90:59:29:a1:7b:66:42:d2:73:f7:9d:49:
3e:1f:bd:1b:cb:d0:7f:97:91:6b:85:c3:b3:f7:2a:
d8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FE:0B:C2:DC:DA:D9:E3:47:8A:2A:C6:C6:60:57:4B:80:47:D9:38
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5_4Lwtza2eNHiirGxmBXS4BH2Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.9.157.0/24
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d5:ea:a9:9a:03:35:fc:34:ab:ba:37:c9:71:b5:fb:88:33:
59:1c:56:19:36:ee:0d:82:bf:4d:cc:53:b3:1f:3b:1b:1d:b5:
45:2b:5a:0e:d1:54:2c:a5:9e:61:5b:51:a6:41:4c:e9:af:5f:
aa:6b:17:f9:2f:12:89:f6:33:5c:2f:d0:96:7f:aa:e1:86:73:
8c:6d:28:50:91:de:45:fb:01:67:2a:9e:a9:d7:73:76:c9:c9:
c8:2b:b5:a7:83:38:8b:cd:49:60:3a:ee:63:73:a6:5a:1c:7c:
51:f6:73:18:21:28:2f:2e:15:92:ea:9a:a8:8b:36:b2:e3:d9:
c8:24:25:8a:de:20:7a:77:d7:ce:8b:ea:07:e2:c2:2f:ee:00:
92:41:67:a9:b4:f6:25:70:f0:4b:dc:28:f5:5d:af:9c:5c:78:
58:79:d2:ed:f4:cc:62:19:74:65:16:8a:53:a4:75:0e:0f:d9:
20:28:4a:b7:35:bc:e5:65:38:f7:e6:f0:15:f2:f7:d4:33:04:
20:26:10:a3:3c:1b:79:78:fd:8a:ec:07:1f:d6:4f:d2:e3:8d:
49:92:54:0e:c7:9e:d0:68:cd:1d:e7:74:c9:5d:a9:f1:43:bc:
19:b0:99:61:ad:4c:ee:69:fe:b7:89:fd:17:81:c7:14:0c:5e:
fd:48:f0:65
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAY++cALL/ol3EHyJ9uhUB75bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTI4MDkwMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZlMGJjMmRjZGFkOWUzNDc4YTJhYzZjNjYwNTc0YjgwNDdkOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgrk7Rd24+Rc5KfbBB7jbnaZ210b
vZKJoJboHttUy8LFtsBaajbRU08EgrCVoKRUGUv0C4gT6kFE+cYtrtgbIGrIfqsF
PqpFQU60KhX0IZHuZ0TikHYWP8bVesZSLmDlR6GHrM9QEoPnOirsmgHLt3UMH8Sg
CMOlnRME9kliZhISRsLO+B8DjyXBj9zLlLoES7Y5GdSfZH2TCtqpeuCLHTtZRKhZ
vG99hKzLlsdKTfP2mar+jgWzXa/LW7ZAb5UZnIiE+bS2lQ1zwAYyTUBWYI/kdAdn
W1JcNZDcGt6OjwInSs2QWSmhe2ZC0nP3nUk+H70by9B/l5FrhcOz9yrYHwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFOf+C8Lc2tnjR4oqxsZgV0uAR9k4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNV80THd0emEyZU5IaWlyR3htQlhTNEJIMlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAIl
3XgDBAAtCZ0wDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZdYAwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQBV3lWAwQAV3ndAwQBXHfE
AwQCXpqgAwQAXpwLMAwDBABf1hkDBABf1hoDBACNYgEDBACTTmYDBACrFhEDBAKr
FkgDBACy1+ADBAK52FQDBAK52lQDBAHBKiADBAHBlQIDBADCMPgDBADCN+AwDQYJ
KoZIhvcNAQELBQADggEBAGfV6qmaAzX8NKu6N8lxtfuIM1kcVhk27g2Cv03MU7Mf
OxsdtUUrWg7RVCylnmFbUaZBTOmvX6prF/kvEon2M1wv0JZ/quGGc4xtKFCR3kX7
AWcqnqnXc3bJycgrtaeDOIvNSWA67mNzplocfFH2cxghKC8uFZLqmqiLNrLj2cgk
JYreIHp3186L6gfiwi/uAJJBZ6m09iVw8EvcKPVdr5xceFh50u30zGIZdGUWilOk
dQ4P2SAoSrc1vOVlOPfm8BXy99QzBCAmEKM8G3l4/YrsBx/WT9LjjUmSVA7HntBo
zR3ndMldqfFDvBmwmWGtTO5p/reJ/ReBxxQMXv1I8GU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org