Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IFA3MD5eYGQ3eEQQTdxBhKsPBPU.roa
File: IFA3MD5eYGQ3eEQQTdxBhKsPBPU.roa (raw, json)
Hash identifier: m95A9K9Jnv+WNvZb/Io4gI6HTlxIqNtWfxLYVvD/Oxw=
Subject key identifier: 20:50:37:30:3E:5E:60:64:37:78:44:10:4D:DC:41:84:AB:0F:04:F5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190344B8121D924B5EB07B76EBDF6A9AD26
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IFA3MD5eYGQ3eEQQTdxBhKsPBPU.roa
Signing time: Thu 20 Jun 2024 06:18:01 +0000
ROA not before: Thu 20 Jun 2024 06:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 10:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:4b:81:21:d9:24:b5:eb:07:b7:6e:bd:f6:a9:ad:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 06:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=205037303e5e6064377844104ddc4184ab0f04f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:3b:c0:e6:64:fc:62:ac:9f:5f:3b:5b:75:
cd:5e:54:80:fd:78:30:26:56:68:09:ca:d9:5d:c8:
5f:b6:7f:ff:70:47:cc:74:85:b1:d8:36:6d:30:dd:
d5:54:e5:bd:58:5f:ff:5b:6b:5b:0b:b5:77:1d:4b:
a1:3c:77:2a:a0:0e:b5:8d:eb:25:bf:5c:ab:70:46:
2e:a3:b8:5b:9b:3e:ef:7f:53:d8:53:af:ce:28:7f:
d8:36:16:c0:11:a7:6a:1c:32:5a:59:a5:c6:71:d4:
a4:33:a0:b5:dc:ec:b0:f3:30:d3:eb:93:7e:2a:ac:
80:8f:18:22:3b:9e:b9:cf:29:60:1f:3a:a2:b4:db:
3a:a9:73:ce:8a:19:3f:dc:3a:57:a9:30:5c:f7:47:
45:20:e4:54:9c:9b:5a:ef:d0:51:1e:c1:e4:6b:1b:
d3:96:41:e7:ba:69:3f:4f:cc:b7:29:41:33:24:21:
aa:fc:44:87:ba:c5:4c:47:bd:93:22:82:38:45:25:
9f:3a:ba:e5:92:4c:bb:2b:d6:f1:2a:f0:9b:95:df:
7d:3c:d4:61:eb:24:51:cf:ba:ba:07:f7:27:33:0c:
c2:47:fd:e7:53:7e:51:b7:26:6d:39:4b:26:bc:a8:
97:4d:4d:fa:93:c4:b1:cc:03:90:86:f3:6c:79:e3:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:50:37:30:3E:5E:60:64:37:78:44:10:4D:DC:41:84:AB:0F:04:F5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IFA3MD5eYGQ3eEQQTdxBhKsPBPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.242.0/23
45.151.88.0/23
82.115.211.0/24
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
141.98.7.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
30:00:b5:66:2a:ac:62:19:47:7d:c9:77:a3:01:b9:18:f5:46:
42:72:73:ce:0e:dd:14:d7:0f:10:6b:75:a2:4c:b1:86:f2:fc:
45:97:81:84:9b:4e:f4:1c:45:bc:db:fd:49:79:ff:2c:1e:e4:
d5:53:bf:87:9c:b4:31:55:9b:54:c7:da:04:1f:dc:de:ef:cd:
5f:b7:09:56:93:d6:5c:dd:b7:3e:fd:41:0d:3d:30:2a:b8:15:
6b:d0:c1:5f:fb:b3:7e:3e:68:10:a8:a9:8c:a2:58:39:fc:c1:
d3:0d:32:d1:9f:01:17:43:b8:91:46:45:23:fa:d1:2a:a8:e1:
1d:cf:15:69:a0:06:db:9a:bb:91:38:3d:6e:7f:80:5d:be:92:
7a:1d:22:ee:e0:8a:4f:25:dc:8c:68:a1:3b:22:60:c5:2d:27:
af:22:9d:9c:6a:d9:d9:ef:76:ed:61:4a:b8:af:d7:94:9b:cd:
e2:1a:da:ae:af:05:3b:3d:ad:32:a0:f6:1e:99:a3:26:53:81:
2b:a9:87:e7:fd:c9:90:17:27:3f:59:c5:17:f7:6f:79:a6:6c:
5e:13:9e:39:60:fa:48:cc:39:c2:12:58:72:f2:65:b5:e9:79:
b8:d5:1b:dc:12:0a:3e:f3:c6:dd:30:a4:bb:dc:73:a4:fb:65:
5d:92:20:2c
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZA0S4Eh2SS16we3br32qa0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjIwMDYxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDUwMzczMDNlNWU2MDY0Mzc3ODQ0MTA0ZGRjNDE4NGFiMGYwNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FE7wOZk/GKsn187W3XNXlSA/Xgw
JlZoCcrZXchftn//cEfMdIWx2DZtMN3VVOW9WF//W2tbC7V3HUuhPHcqoA61jesl
v1yrcEYuo7hbmz7vf1PYU6/OKH/YNhbAEadqHDJaWaXGcdSkM6C13Oyw8zDT65N+
KqyAjxgiO565zylgHzqitNs6qXPOihk/3DpXqTBc90dFIORUnJta79BRHsHkaxvT
lkHnumk/T8y3KUEzJCGq/ESHusVMR72TIoI4RSWfOrrlkky7K9bxKvCbld99PNRh
6yRRz7q6B/cnMwzCR/3nU35RtyZtOUsmvKiXTU36k8SxzAOQhvNseeM6zQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFCBQNzA+XmBkN3hEEE3cQYSrDwT1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSUZBM01ENWVZR1EzZUVRUVRkeEJoS3NQQlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZXyAwQBLZdYAwQAUnPTAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3kt
AwQBV3lWAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOMAwDBABf1hkDBABf
1hoDBACNYgEDBACNYgcDBACTTmYDBACrFhEDBAKrFkgDBACy1+ADBAK52FQDBAK5
2lQDBAHBKiADBAHBlQIDBADCMPgDBADCN+AwDQYJKoZIhvcNAQELBQADggEBADAA
tWYqrGIZR33Jd6MBuRj1RkJyc84O3RTXDxBrdaJMsYby/EWXgYSbTvQcRbzb/Ul5
/ywe5NVTv4ectDFVm1TH2gQf3N7vzV+3CVaT1lzdtz79QQ09MCq4FWvQwV/7s34+
aBCoqYyiWDn8wdMNMtGfARdDuJFGRSP60Sqo4R3PFWmgBtuau5E4PW5/gF2+knod
Iu7gik8l3IxooTsiYMUtJ68inZxq2dnvdu1hSriv15SbzeIa2q6vBTs9rTKg9h6Z
oyZTgSuph+f9yZAXJz9ZxRf3b3mmbF4Tnjlg+kjMOcISWHLyZbXpebjVG9wSCj7z
xt0wpLvcc6T7ZV2SICw=
-----END CERTIFICATE-----
Generated at Thu Jun 20 14:44:46 2024 by rpki-client on console-fra.rpki-client.org