Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CL3UZebSWbyBv6JjKDnT0QeKG4o.roa
File: CL3UZebSWbyBv6JjKDnT0QeKG4o.roa (raw, json)
Hash identifier: 2RYU4huSK7kQUHQUexJyCjNSoYxca2ltT3/D6YRlst4=
Subject key identifier: 08:BD:D4:65:E6:D2:59:BC:81:BF:A2:63:28:39:D3:D1:07:8A:1B:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FBDFCA9DCCDE34082D7224B0C7C2FEABE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CL3UZebSWbyBv6JjKDnT0QeKG4o.roa
Signing time: Tue 28 May 2024 06:56:43 +0000
ROA not before: Tue 28 May 2024 06:56:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.9.157.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 09:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:fc:a9:dc:cd:e3:40:82:d7:22:4b:0c:7c:2f:ea:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 28 06:56:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08bdd465e6d259bc81bfa2632839d3d1078a1b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4e:c9:a7:33:44:e5:d9:54:48:60:ed:78:da:
21:26:66:54:e3:6f:e8:40:32:ec:37:52:40:8e:43:
aa:35:6b:2b:74:94:08:c5:1e:87:be:f0:a8:fb:e7:
9d:c2:43:29:f4:00:56:6b:06:46:8f:51:ef:b4:c1:
d4:07:76:4e:d2:04:32:bf:fc:5a:e2:45:af:8c:e0:
24:c0:2e:e6:17:b9:d4:7c:15:3d:25:e2:48:83:bd:
01:d7:67:8f:b0:24:c5:d4:44:c1:b6:b2:5b:1f:12:
f3:98:f4:2d:5e:4b:95:bb:64:67:cd:07:e5:02:95:
91:f5:bc:78:81:dd:f0:69:92:b4:8b:6b:29:d3:49:
e2:f9:a7:ae:f2:3b:dd:4b:26:5e:57:3e:c9:22:93:
23:dc:62:96:9f:52:f9:0a:77:89:6b:92:37:9f:4f:
72:db:4d:e6:d7:4c:c9:4a:a9:65:93:76:c3:08:e6:
74:c5:2b:b8:84:06:2a:4c:dc:c0:bb:55:26:9c:a7:
d8:18:08:3a:a8:f8:4e:7b:65:db:44:65:59:bc:b4:
3f:09:74:be:91:5e:29:da:45:35:94:72:ba:ba:ba:
77:9d:17:a1:bb:63:ee:87:fa:63:54:78:82:d7:99:
f7:69:56:f7:6a:3e:98:78:84:52:c0:22:4d:63:0a:
1e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BD:D4:65:E6:D2:59:BC:81:BF:A2:63:28:39:D3:D1:07:8A:1B:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CL3UZebSWbyBv6JjKDnT0QeKG4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.9.157.0/24
45.81.241.0/24
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
82:93:15:24:d2:17:11:71:bb:0a:d3:f0:47:00:12:f5:02:d6:
c6:c0:3f:76:c2:42:85:78:8b:97:ca:1e:92:f5:48:66:c0:35:
f0:46:f1:90:71:89:29:91:1c:89:2f:38:eb:2f:40:ea:46:a9:
75:8b:fc:4d:64:17:e2:c5:28:11:37:6c:6f:c0:1c:72:67:bb:
a1:ec:d6:09:79:a1:7e:1b:8b:8a:79:85:bc:56:2b:f0:b6:02:
d9:91:7c:28:bb:8b:1c:7b:d1:c2:27:00:78:5c:74:c4:b0:bf:
05:66:2a:88:7d:07:f1:14:ba:13:44:7b:0f:04:4e:1f:9e:51:
f2:1a:40:cc:c5:db:2d:6f:4b:ce:7e:f2:3a:65:31:56:fe:72:
c4:9e:43:25:1f:e6:d2:76:9a:f1:d3:2a:4c:0c:1e:7b:3c:02:
7d:89:6d:05:65:5f:3a:1e:56:f1:81:75:ae:9d:cc:47:aa:80:
99:47:f1:df:87:26:0b:e2:16:b9:23:88:64:84:1e:90:7c:0f:
89:03:cc:33:80:1e:40:34:a3:01:ae:a7:43:3b:9b:df:dd:20:
47:bc:74:c8:eb:ed:7d:f0:83:10:8d:a7:8c:f6:48:95:11:6f:
21:42:33:8a:b7:19:7f:bb:3f:26:00:64:48:c2:e8:aa:88:6d:
9c:66:84:06
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY+9/KnczeNAgtciSwx8L+q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTI4MDY1NjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJkZDQ2NWU2ZDI1OWJjODFiZmEyNjMyODM5ZDNkMTA3OGExYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE7JpzNE5dlUSGDteNohJmZU42/o
QDLsN1JAjkOqNWsrdJQIxR6HvvCo++edwkMp9ABWawZGj1HvtMHUB3ZO0gQyv/xa
4kWvjOAkwC7mF7nUfBU9JeJIg70B12ePsCTF1ETBtrJbHxLzmPQtXkuVu2RnzQfl
ApWR9bx4gd3waZK0i2sp00ni+aeu8jvdSyZeVz7JIpMj3GKWn1L5CneJa5I3n09y
203m10zJSqllk3bDCOZ0xSu4hAYqTNzAu1UmnKfYGAg6qPhOe2XbRGVZvLQ/CXS+
kV4p2kU1lHK6urp3nRehu2Puh/pjVHiC15n3aVb3aj6YeIRSwCJNYwoenwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFAi91GXm0lm8gb+iYyg509EHihuKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ0wzVVplYlNXYnlCdjZKaktEblQwUWVLRzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAIl
3XgDBAAtCZ0DBAAtUfEDBAAtWFgwDAMEAy2QmAMEAC2QmgMEAC2V6QMEAS2XWAME
AFPbYQMEAVQVrgMEAFd4VwMEAFd5LQMEAVd5VgMEAFd53QMEAVx3xAMEAl6aoAME
AF6cCzAMAwQAX9YZAwQAX9YaAwQAjWIBAwQAk05mAwQAqxYRAwQCqxZIAwQAstfg
AwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjD4AwQAwjfgMA0GCSqGSIb3DQEB
CwUAA4IBAQCCkxUk0hcRcbsK0/BHABL1AtbGwD92wkKFeIuXyh6S9UhmwDXwRvGQ
cYkpkRyJLzjrL0DqRql1i/xNZBfixSgRN2xvwBxyZ7uh7NYJeaF+G4uKeYW8Vivw
tgLZkXwou4sce9HCJwB4XHTEsL8FZiqIfQfxFLoTRHsPBE4fnlHyGkDMxdstb0vO
fvI6ZTFW/nLEnkMlH+bSdprx0ypMDB57PAJ9iW0FZV86HlbxgXWuncxHqoCZR/Hf
hyYL4ha5I4hkhB6QfA+JA8wzgB5ANKMBrqdDO5vf3SBHvHTI6+198IMQjaeM9kiV
EW8hQjOKtxl/uz8mAGRIwuiqiG2cZoQG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org