Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMTl6z4Yn2tpZRntRu6D5nwZyiE.roa
File: MMTl6z4Yn2tpZRntRu6D5nwZyiE.roa (raw, json)
Hash identifier: QMy8CwlxLQt+dqfFJr062yKgppo9RsEv697TqxH0KNA=
Subject key identifier: 30:C4:E5:EB:3E:18:9F:6B:69:65:19:ED:46:EE:83:E6:7C:19:CA:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019082FECA52BAA41DB3693F17D69CAD273E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMTl6z4Yn2tpZRntRu6D5nwZyiE.roa
Signing time: Fri 05 Jul 2024 13:04:14 +0000
ROA not before: Fri 05 Jul 2024 13:04:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.5.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.161.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 14:09:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:fe:ca:52:ba:a4:1d:b3:69:3f:17:d6:9c:ad:27:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 5 13:04:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c4e5eb3e189f6b696519ed46ee83e67c19ca21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:7a:19:6a:d0:6c:43:d9:f5:e9:51:d8:fe:
b3:2b:3d:30:12:ad:ef:0c:1a:b9:d6:4a:97:fa:55:
8e:c9:9e:3d:d7:04:9e:75:50:77:50:01:27:ce:bb:
1b:20:b0:39:c9:94:85:df:64:57:31:81:70:89:3a:
fc:79:6a:9e:7b:b2:de:f4:03:5a:ee:69:ee:74:3b:
6a:a7:00:ed:13:f9:b1:cc:36:8d:17:c4:01:9f:8e:
12:b7:87:56:18:ef:5d:f4:17:3f:c2:42:68:30:f7:
85:21:e4:b2:08:af:32:f5:05:7a:f4:45:e9:10:07:
94:6f:74:73:9f:58:be:76:02:80:96:a5:44:2b:2c:
0f:2a:b6:51:6e:97:2c:28:5d:63:6c:a2:ca:f8:af:
bb:8d:28:a0:57:d3:bf:60:7e:6b:1f:74:d9:b4:b9:
e2:c0:cc:64:60:b1:dd:c4:c1:04:22:0d:ef:29:2b:
bd:b5:10:ad:e3:fd:01:88:00:97:24:01:7c:ed:af:
62:56:48:31:06:5e:03:b6:61:73:04:69:68:ce:9c:
33:cb:b3:43:8e:f9:f6:99:82:0c:c3:e9:ef:e1:b2:
27:2c:97:23:66:f4:43:59:77:ef:c7:ad:87:72:4e:
d9:0f:ce:5e:81:60:87:4f:ef:8c:8c:57:35:c7:7d:
42:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C4:E5:EB:3E:18:9F:6B:69:65:19:ED:46:EE:83:E6:7C:19:CA:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMTl6z4Yn2tpZRntRu6D5nwZyiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
141.98.5.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.222.161.0/24
193.42.32.0/23
193.149.2.0/23
194.55.224.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:5d:9e:c7:d0:63:2e:60:ea:9e:ef:ba:78:ab:2e:9a:e9:3d:
70:05:9d:4f:d3:ed:a6:72:72:9a:3c:7a:ac:6b:88:18:e8:66:
6d:eb:d4:04:a5:a9:3c:33:1d:84:70:35:aa:8a:d6:38:c5:f1:
03:e0:c0:97:7e:a4:18:ef:a7:b7:57:0b:50:dd:7f:29:8b:c3:
1c:98:e4:f1:2b:00:71:60:fe:c2:43:94:ce:6b:4d:f8:dc:6b:
38:64:31:ad:38:85:ee:74:27:3e:3f:f9:8f:e2:78:14:bd:46:
19:32:06:b5:49:35:98:18:76:19:6e:e6:39:20:8f:7c:81:89:
9a:a8:eb:b7:2e:e6:fc:f4:6c:e8:eb:91:df:bf:49:fb:1e:58:
a5:9a:d2:5f:bd:39:47:32:71:55:06:c7:49:e7:3d:57:38:1c:
ac:9e:27:e7:4d:85:56:99:ad:89:20:44:96:1e:2d:f0:f0:f7:
47:66:04:31:95:15:d3:6a:7f:ac:c3:b4:de:bd:96:45:1e:46:
a5:d5:f8:2d:e2:02:29:f1:b1:75:5a:09:63:f1:22:6c:84:96:
9d:b7:be:55:45:b6:82:79:7f:39:31:3e:72:0a:b6:56:60:0c:
46:89:00:2d:33:93:f3:f2:d9:8b:83:0d:84:40:92:72:79:e7:
2d:8f:be:d6
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZCC/spSuqQds2k/F9acrSc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA1MTMwNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM0ZTVlYjNlMTg5ZjZiNjk2NTE5ZWQ0NmVlODNlNjdjMTljYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFN6GWrQbEPZ9elR2P6zKz0wEq3v
DBq51kqX+lWOyZ491wSedVB3UAEnzrsbILA5yZSF32RXMYFwiTr8eWqee7Le9ANa
7mnudDtqpwDtE/mxzDaNF8QBn44St4dWGO9d9Bc/wkJoMPeFIeSyCK8y9QV69EXp
EAeUb3Rzn1i+dgKAlqVEKywPKrZRbpcsKF1jbKLK+K+7jSigV9O/YH5rH3TZtLni
wMxkYLHdxMEEIg3vKSu9tRCt4/0BiACXJAF87a9iVkgxBl4DtmFzBGlozpwzy7ND
jvn2mYIMw+nv4bInLJcjZvRDWXfvx62Hck7ZD85egWCHT++MjFc1x31COQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFDDE5es+GJ9raWUZ7Ubug+Z8GcohMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTU1UbDZ6NFluMnRwWlJudFJ1NkQ1bndaeWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwL
AwQAXpxOAwQAjWIBAwQAjWIFAwQAk05mAwQAqxYRAwQAqxYfAwQCqxZIAwQAstfg
AwQCudhUAwQCudpUAwQAud6hAwQBwSogAwQBwZUCAwQBwjfgMA0GCSqGSIb3DQEB
CwUAA4IBAQBMXZ7H0GMuYOqe77p4qy6a6T1wBZ1P0+2mcnKaPHqsa4gY6GZt69QE
pak8Mx2EcDWqitY4xfED4MCXfqQY76e3VwtQ3X8pi8McmOTxKwBxYP7CQ5TOa034
3Gs4ZDGtOIXudCc+P/mP4ngUvUYZMga1STWYGHYZbuY5II98gYmaqOu3Lub89Gzo
65Hfv0n7HlilmtJfvTlHMnFVBsdJ5z1XOBysnifnTYVWma2JIESWHi3w8PdHZgQx
lRXTan+sw7TevZZFHkal1fgt4gIp8bF1Wglj8SJshJadt75VRbaCeX85MT5yCrZW
YAxGiQAtM5Pz8tmLgw2EQJJyeectj77W
-----END CERTIFICATE-----
Generated at Fri Jul 5 16:10:30 2024 by rpki-client on console-fra.rpki-client.org