Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kif2qxR1jpVN_J2sx77Vt2HE8O4.roa
File: Kif2qxR1jpVN_J2sx77Vt2HE8O4.roa (raw, json)
Hash identifier: j7MFzjo5HwzJw30/uWidd7phALwn56eIlDYQqzmwAtI=
Subject key identifier: 2A:27:F6:AB:14:75:8E:95:4D:FC:9D:AC:C7:BE:D5:B7:61:C4:F0:EE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019103CB5E427A4718CA7FD44A968DCD629A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kif2qxR1jpVN_J2sx77Vt2HE8O4.roa
Signing time: Tue 30 Jul 2024 13:19:05 +0000
ROA not before: Tue 30 Jul 2024 13:19:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 08:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:cb:5e:42:7a:47:18:ca:7f:d4:4a:96:8d:cd:62:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 30 13:19:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a27f6ab14758e954dfc9dacc7bed5b761c4f0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:12:2c:53:41:78:c0:d7:54:cc:71:2b:c7:
91:8c:b3:84:65:88:3c:b4:85:cc:5d:f4:4c:96:6a:
3a:40:6f:b8:85:db:58:8b:cf:9e:f6:0e:94:9d:8d:
70:4e:6b:f1:56:aa:8b:5e:17:46:d8:62:f0:d1:7f:
3d:98:ec:c5:4b:66:96:3f:d0:de:86:c0:36:7c:2a:
99:d1:cb:2a:c9:fe:d7:21:d7:81:88:ab:5c:ae:13:
62:2f:91:ed:e8:ab:2e:0b:df:66:28:a5:7b:ed:c3:
db:bd:69:26:00:08:93:be:51:d0:18:27:ac:9f:c3:
73:f1:42:05:4f:d2:37:79:76:dc:e0:f4:b3:d7:fa:
2f:df:e7:dd:55:dd:eb:5d:c2:cd:c1:cf:c3:fc:65:
4f:09:ae:b9:0e:c7:dd:1f:cf:2e:25:45:26:be:51:
c1:37:7b:16:6f:a5:c7:23:c8:1e:5e:c1:eb:59:d7:
ff:ed:02:06:a6:24:bd:c2:ef:58:e7:70:db:29:52:
f9:e9:14:66:a9:43:c7:d0:42:79:8d:26:04:3e:a3:
8b:1d:be:da:62:e1:ee:8c:7d:c9:97:ea:f2:24:49:
9d:ad:0d:1c:67:a1:51:c3:0a:95:eb:f0:b9:b1:ed:
eb:0a:b8:6c:24:ab:b3:15:dc:13:76:aa:4a:ba:44:
a6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:F6:AB:14:75:8E:95:4D:FC:9D:AC:C7:BE:D5:B7:61:C4:F0:EE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kif2qxR1jpVN_J2sx77Vt2HE8O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
91.92.16.0/24
92.119.196.0/23
93.123.39.0/24
94.103.124.0/23
94.154.160.0/22
94.156.2.0/24
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
109.206.237.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e2:1c:fd:3e:ac:f4:d4:95:b5:2b:4f:28:54:bc:0d:13:44:
0a:5b:c3:72:64:43:11:15:fc:ca:e9:09:7a:6d:c7:c4:c2:6a:
96:20:10:38:ed:e4:0e:32:33:3f:23:7d:c5:5f:4e:6c:9f:44:
37:81:37:02:37:58:f0:7e:fa:e9:30:c3:3f:a1:ab:9b:ff:42:
05:77:56:77:e8:cc:84:7d:b8:92:22:75:72:f3:f9:fa:54:bc:
ba:e1:7c:e0:c3:0b:6f:92:ec:10:27:1c:e2:48:94:b4:e5:b0:
82:d6:5e:e5:11:2b:bf:51:56:02:c4:40:e9:d1:cd:18:7d:3c:
df:86:7d:af:47:02:e6:71:81:98:d1:bd:e1:1e:98:b3:eb:78:
66:ad:66:34:2b:b1:da:a5:0f:a3:8e:cd:17:e6:9d:bd:8b:ad:
a3:a0:0c:bf:85:26:81:90:48:c9:1b:65:7d:4b:bd:2a:81:a4:
2f:e9:61:08:3f:7c:82:b6:67:79:04:0e:89:7c:31:25:ee:5d:
fa:72:fa:c0:7e:c5:89:0b:b3:cd:ce:d2:c8:db:3f:f3:b8:96:
27:4d:47:50:24:d3:0e:bb:b0:4e:39:e6:42:f4:3b:a0:76:b7:
fa:f7:c2:e3:1c:12:22:48:ee:a5:3d:c1:a2:5c:f3:ff:4c:ae:
82:2b:b4:1b
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZEDy15CekcYyn/USpaNzWKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzMwMTMxOTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI3ZjZhYjE0NzU4ZTk1NGRmYzlkYWNjN2JlZDViNzYxYzRmMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI0SLFNBeMDXVMxxK8eRjLOEZYg8
tIXMXfRMlmo6QG+4hdtYi8+e9g6UnY1wTmvxVqqLXhdG2GLw0X89mOzFS2aWP9De
hsA2fCqZ0csqyf7XIdeBiKtcrhNiL5Ht6KsuC99mKKV77cPbvWkmAAiTvlHQGCes
n8Nz8UIFT9I3eXbc4PSz1/ov3+fdVd3rXcLNwc/D/GVPCa65DsfdH88uJUUmvlHB
N3sWb6XHI8geXsHrWdf/7QIGpiS9wu9Y53DbKVL56RRmqUPH0EJ5jSYEPqOLHb7a
YuHujH3Jl+ryJEmdrQ0cZ6FRwwqV6/C5se3rCrhsJKuzFdwTdqpKukSmkwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFCon9qsUdY6VTfydrMe+1bdhxPDuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2lmMnF4UjFqcFZOX0oyc3g3N1Z0MkhFOE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd5
JgMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAFtcEAMEAVx3xAMEAF17JwMEAV5n
fAMEAl6aoAMEAF6cAgMEAF6cCAMEAV6cCgMEAF6cTwMEAG3O7QMEAI1iAQMEAI1i
BAMEAZNOZgMEAqsWSAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEAMEjEgMEAMEl
KQMEAMElLAMEAMHeYAMEAMIw+wMEAMI34AMEAMOybjANBgkqhkiG9w0BAQsFAAOC
AQEAeOIc/T6s9NSVtStPKFS8DRNEClvDcmRDERX8yukJem3HxMJqliAQOO3kDjIz
PyN9xV9ObJ9EN4E3AjdY8H766TDDP6Grm/9CBXdWd+jMhH24kiJ1cvP5+lS8uuF8
4MMLb5LsECcc4kiUtOWwgtZe5RErv1FWAsRA6dHNGH0834Z9r0cC5nGBmNG94R6Y
s+t4Zq1mNCux2qUPo47NF+advYuto6AMv4UmgZBIyRtlfUu9KoGkL+lhCD98grZn
eQQOiXwxJe5d+nL6wH7FiQuzzc7SyNs/87iWJ01HUCTTDruwTjnmQvQ7oHa3+vfC
4xwSIkjupT3Bolzz/0yugiu0Gw==
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org