Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8tqyevX5hO0QHWjLh2TdegMvtI.roa
File: G8tqyevX5hO0QHWjLh2TdegMvtI.roa (raw, json)
Hash identifier: b/c/UAb7M8vxDNMYkhuJuXR8EsF7q5jdgwR9TMLAd+0=
Subject key identifier: 1B:CB:6A:C9:EB:D7:E6:13:B4:40:75:A3:2E:1D:93:75:E8:0C:BE:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DC567ABC3AA97C2BBAA61B9158536EF51
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8tqyevX5hO0QHWjLh2TdegMvtI.roa
Signing time: Tue 20 Feb 2024 07:25:22 +0000
ROA not before: Tue 20 Feb 2024 07:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 37.221.120.0/22 maxlen: 24
85.209.132.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 16:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:67:ab:c3:aa:97:c2:bb:aa:61:b9:15:85:36:ef:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 20 07:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bcb6ac9ebd7e613b44075a32e1d9375e80cbed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a2:f1:5a:a5:d5:f3:91:31:b8:be:8e:9e:f6:
e1:28:f2:0d:56:a8:67:43:90:1a:60:3a:d7:ce:87:
f7:12:5f:98:38:60:b2:ab:dc:91:01:57:50:5c:f3:
53:29:66:2c:ef:9d:b1:ae:04:7f:da:bc:fd:ef:a9:
27:4d:b2:5b:4a:c7:37:5c:6a:9c:fb:53:5c:38:cd:
f8:ab:44:c7:1e:e8:84:c4:68:ee:e8:10:9b:4e:de:
12:37:db:a5:41:38:ac:95:b2:f0:55:72:d1:07:ee:
a2:ca:14:fe:4d:5e:28:78:d3:c7:8c:39:1b:9d:bf:
ca:8d:e7:f1:b5:f8:62:4e:08:0f:4e:c7:76:09:a4:
a8:d3:b5:ae:0f:1a:20:c3:8d:71:c5:2d:ee:7a:86:
24:46:30:af:60:97:61:a5:69:e2:14:ba:cb:49:5b:
85:02:ce:76:16:56:2d:6d:fe:90:62:89:86:19:2e:
cc:d7:59:96:d2:e2:83:40:6f:3d:d2:db:b1:64:bb:
b7:30:3b:c1:99:66:41:b1:dc:1c:b4:97:b7:56:92:
cf:ac:3e:5f:19:97:da:ba:5e:a9:d7:43:d5:72:45:
5e:e2:d2:58:07:42:5a:4b:f6:d1:cb:cf:cb:06:da:
29:d4:7d:6a:6b:e9:a6:99:d6:10:5d:16:06:fc:e3:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CB:6A:C9:EB:D7:E6:13:B4:40:75:A3:2E:1D:93:75:E8:0C:BE:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8tqyevX5hO0QHWjLh2TdegMvtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
85.209.132.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
09:4c:a7:aa:be:b8:73:19:62:fa:41:e6:e6:66:94:b0:8f:fa:
69:ab:43:0e:55:6d:44:bd:ae:71:0b:39:e4:8f:7f:8b:b4:55:
bb:bd:80:ac:81:27:00:e2:1f:64:ac:2b:a3:9c:63:5f:94:e2:
a7:dc:fd:03:64:13:a0:74:85:ab:c0:2b:fb:c9:1f:94:73:35:
98:97:5f:1c:21:c1:3a:ae:a4:9a:49:3f:3c:e6:70:0c:79:cf:
40:e6:ac:6d:eb:d7:52:22:c6:5a:e3:f8:4f:39:f6:da:df:b0:
f2:8c:6c:25:9c:92:05:fe:8b:99:bd:51:ba:d6:fd:59:5d:b3:
9b:7c:3f:6b:50:ff:64:9f:7b:e2:b2:7e:95:d0:f8:d0:7d:46:
5a:13:17:e2:cb:d3:18:58:76:c5:84:62:2d:9f:13:4f:7d:81:
1e:f0:74:aa:d5:da:64:32:1a:49:96:ab:e4:a5:14:75:6f:71:
a6:e6:a0:45:cd:4e:fc:cd:1a:d3:44:b1:4e:0f:68:de:45:86:
b5:cb:e4:87:e5:0e:95:a0:90:a6:b5:b6:65:10:8d:ac:aa:84:
38:01:c1:1a:24:57:c6:bd:10:c7:04:25:66:a1:29:6b:df:36:
ca:ec:c6:f4:bf:0a:0b:b1:bb:5b:16:72:99:d8:cd:ab:f4:a7:
19:fb:cb:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3FZ6vDqpfCu6phuRWFNu9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIwMDcyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNiNmFjOWViZDdlNjEzYjQ0MDc1YTMyZTFkOTM3NWU4MGNiZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqLxWqXV85ExuL6OnvbhKPINVqhn
Q5AaYDrXzof3El+YOGCyq9yRAVdQXPNTKWYs752xrgR/2rz976knTbJbSsc3XGqc
+1NcOM34q0THHuiExGju6BCbTt4SN9ulQTislbLwVXLRB+6iyhT+TV4oeNPHjDkb
nb/KjefxtfhiTggPTsd2CaSo07WuDxogw41xxS3ueoYkRjCvYJdhpWniFLrLSVuF
As52FlYtbf6QYomGGS7M11mW0uKDQG890tuxZLu3MDvBmWZBsdwctJe3VpLPrD5f
GZfaul6p10PVckVe4tJYB0JaS/bRy8/LBtop1H1qa+mmmdYQXRYG/OP0mwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBvLasnr1+YTtEB1oy4dk3XoDL7SMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRzh0cXlldlg1aE8wUUhXakxoMlRkZWdNdnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCJd14AwQA
VdGEAwQAstfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQAJTKeqvrhz
GWL6QebmZpSwj/ppq0MOVW1Eva5xCznkj3+LtFW7vYCsgScA4h9krCujnGNflOKn
3P0DZBOgdIWrwCv7yR+UczWYl18cIcE6rqSaST885nAMec9A5qxt69dSIsZa4/hP
Ofba37DyjGwlnJIF/ouZvVG61v1ZXbObfD9rUP9kn3visn6V0PjQfUZaExfiy9MY
WHbFhGItnxNPfYEe8HSq1dpkMhpJlqvkpRR1b3Gm5qBFzU78zRrTRLFOD2jeRYa1
y+SH5Q6VoJCmtbZlEI2sqoQ4AcEaJFfGvRDHBCVmoSlr3zbK7Mb0vwoLsbtbFnKZ
2M2r9KcZ+8sx
-----END CERTIFICATE-----
Generated at Wed Feb 21 21:59:54 2024 by rpki-client on console-ams.rpki-client.org