Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LmlXm9y2Uz-Zl42TQostsG67ZWE.roa
File: LmlXm9y2Uz-Zl42TQostsG67ZWE.roa (raw, json)
Hash identifier: zvFysx1YbxiXPjXKV50hmUCX+lO6PuiDwXxfNUuwtrU=
Subject key identifier: 2E:69:57:9B:DC:B6:53:3F:99:97:8D:93:42:8B:2D:B0:6E:BB:65:61
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019049677412017020A180A33815D1144F99
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LmlXm9y2Uz-Zl42TQostsG67ZWE.roa
Signing time: Mon 24 Jun 2024 08:40:34 +0000
ROA not before: Mon 24 Jun 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 13:40:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:67:74:12:01:70:20:a1:80:a3:38:15:d1:14:4f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 24 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e69579bdcb6533f99978d93428b2db06ebb6561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:57:10:30:f6:a8:46:e1:ee:5a:f8:af:ac:
7c:a5:31:9a:b1:71:27:1f:83:49:0b:99:83:48:19:
51:8e:c3:3a:03:ff:14:6c:62:38:25:64:e5:5e:74:
75:9a:91:8c:80:b1:6a:0f:18:97:67:86:16:99:a7:
9d:8e:62:d5:60:d2:d9:6d:ae:29:b0:76:9c:79:df:
ef:dd:82:17:ea:a9:98:ae:c6:d4:6c:70:75:4c:d6:
d7:61:92:de:db:01:8e:8e:c5:ef:f2:f4:92:32:32:
bc:c1:a0:47:08:04:88:fa:cc:ab:a4:30:8a:d5:8f:
e9:4b:30:ce:0a:83:fe:e1:7e:0b:c7:41:07:26:0b:
b0:90:9f:b2:f4:f7:e2:49:79:46:98:18:6a:56:f7:
8b:ee:b8:19:41:82:f3:96:ac:38:9a:5f:a6:db:94:
3f:46:25:af:d5:d3:d0:af:b0:dd:07:d8:47:30:b4:
a9:8a:33:85:95:44:5c:92:7c:98:c3:74:c6:e6:5c:
1d:7a:8e:e2:38:68:40:de:ce:d8:7c:49:2a:54:d7:
c7:88:4c:8f:ff:45:12:f7:4b:15:58:d8:41:36:a8:
3a:da:04:9c:e1:b5:02:6a:65:f3:d4:0a:c1:e7:54:
23:2c:07:bd:a2:33:32:e3:19:15:03:b0:ea:91:fa:
a7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:69:57:9B:DC:B6:53:3F:99:97:8D:93:42:8B:2D:B0:6E:BB:65:61
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LmlXm9y2Uz-Zl42TQostsG67ZWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.242.0/23
45.151.88.0/23
82.115.211.0/24
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
178.215.227.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f3:60:cf:dd:70:cd:35:6c:89:f1:08:5b:c8:a5:be:52:b4:
1f:af:cc:20:10:d6:89:48:b9:7b:c6:c2:8d:e4:6d:63:51:2c:
da:f6:83:3a:42:75:3e:dc:f4:0c:85:42:46:02:77:a2:23:b0:
57:c7:33:d7:c2:89:80:91:70:fd:af:d5:39:61:5a:07:6f:71:
97:bf:34:eb:34:6c:91:49:0e:72:fa:be:10:ab:c8:f4:3a:07:
4e:f7:5e:b3:bb:5a:55:1b:cb:69:9c:fd:3f:b3:87:46:a7:ef:
b9:81:37:a1:0b:c1:21:30:cc:2e:ac:39:69:ca:2f:4c:4c:d3:
f4:3f:64:0c:46:6f:95:51:3e:f3:4f:49:24:4c:1f:54:1b:0f:
8c:42:4a:56:58:9b:15:6e:f3:8e:27:8d:73:8f:1e:dd:f2:76:
de:ca:3e:fc:c5:92:e7:dc:62:33:4a:cf:c1:a3:04:b1:af:96:
67:40:d0:58:89:9d:df:c3:b7:6e:5f:ee:c7:34:22:20:04:3f:
63:fa:14:66:e9:2c:15:66:fe:80:d6:24:44:c4:ee:3e:5b:a5:
13:8b:26:0d:72:98:f0:b7:b0:51:cf:cd:ca:35:06:d7:57:cd:
c3:63:8f:e9:98:33:f4:27:88:10:22:7f:c3:87:89:6a:2f:0d:
bf:bf:cc:38
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZBJZ3QSAXAgoYCjOBXRFE+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI0MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY5NTc5YmRjYjY1MzNmOTk5NzhkOTM0MjhiMmRiMDZlYmI2NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwtXEDD2qEbh7lr4r6x8pTGasXEn
H4NJC5mDSBlRjsM6A/8UbGI4JWTlXnR1mpGMgLFqDxiXZ4YWmaedjmLVYNLZba4p
sHaced/v3YIX6qmYrsbUbHB1TNbXYZLe2wGOjsXv8vSSMjK8waBHCASI+syrpDCK
1Y/pSzDOCoP+4X4Lx0EHJguwkJ+y9PfiSXlGmBhqVveL7rgZQYLzlqw4ml+m25Q/
RiWv1dPQr7DdB9hHMLSpijOFlURcknyYw3TG5lwdeo7iOGhA3s7YfEkqVNfHiEyP
/0US90sVWNhBNqg62gSc4bUCamXz1ArB51QjLAe9ojMy4xkVA7Dqkfqn3wIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFC5pV5vctlM/mZeNk0KLLbBuu2VhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTG1sWG05eTJVei1abDQyVFFvc3RzRzY3WldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZXyAwQBLZdYAwQAUnPTAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3kt
AwQBV3lWAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOMAwDBABf1hkDBABf
1hoDBACNYgEDBACTTmYDBACrFhEDBAKrFkgDBACy1+ADBACy1+MDBAK52FQDBAK5
2lQDBAHBKiADBAHBlQIDBADCMPgDBADCN+AwDQYJKoZIhvcNAQELBQADggEBACfz
YM/dcM01bInxCFvIpb5StB+vzCAQ1olIuXvGwo3kbWNRLNr2gzpCdT7c9AyFQkYC
d6IjsFfHM9fCiYCRcP2v1TlhWgdvcZe/NOs0bJFJDnL6vhCryPQ6B073XrO7WlUb
y2mc/T+zh0an77mBN6ELwSEwzC6sOWnKL0xM0/Q/ZAxGb5VRPvNPSSRMH1QbD4xC
SlZYmxVu844njXOPHt3ydt7KPvzFkufcYjNKz8GjBLGvlmdA0FiJnd/Dt25f7sc0
IiAEP2P6FGbpLBVm/oDWJETE7j5bpROLJg1ymPC3sFHPzco1BtdXzcNjj+mYM/Qn
iBAif8OHiWovDb+/zDg=
-----END CERTIFICATE-----
Generated at Mon Jun 24 17:46:38 2024 by rpki-client on console-fra.rpki-client.org