Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NsK14iKxxUBmpKHJD69sYPyeZGg.roa
File: NsK14iKxxUBmpKHJD69sYPyeZGg.roa (raw, json)
Hash identifier: nvqmirwpI0BHKJ9Gib7Z7LoclUtad6IDiBAziShMhg8=
Subject key identifier: 36:C2:B5:E2:22:B1:C5:40:66:A4:A1:C9:0F:AF:6C:60:FC:9E:64:68
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190833A5DEAA0B9FE07A06023F27B0F8F03
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NsK14iKxxUBmpKHJD69sYPyeZGg.roa
Signing time: Fri 05 Jul 2024 14:09:18 +0000
ROA not before: Fri 05 Jul 2024 14:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.5.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.161.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 23:15:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:83:3a:5d:ea:a0:b9:fe:07:a0:60:23:f2:7b:0f:8f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 5 14:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36c2b5e222b1c54066a4a1c90faf6c60fc9e6468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5e:5b:8c:7c:ef:b9:98:bd:b5:42:6a:46:ac:
8e:31:ab:1e:01:d0:1c:16:cb:9c:6d:0a:13:12:bb:
54:11:93:c5:d4:74:6a:3f:e7:6d:0a:52:cd:e0:4c:
99:ad:f8:d3:1a:2a:47:59:70:63:83:ad:f7:e7:7f:
0a:7e:d6:58:75:a3:9a:96:4a:07:42:a2:58:ed:92:
39:eb:51:eb:3b:86:04:94:3a:7a:91:7e:b8:de:d5:
8c:54:23:22:5d:ec:c4:3d:77:30:93:2a:a6:0f:24:
0d:bd:b0:5d:6c:6d:6e:4f:7d:b1:26:e4:78:34:40:
4a:ae:2d:33:a8:33:35:ad:38:5a:bf:cd:c2:0c:2b:
c4:bb:92:4b:04:c2:af:77:c1:a4:94:36:ff:d0:1a:
7f:ff:50:52:c8:be:f1:b8:30:0a:72:ea:1a:6d:8c:
6a:99:32:14:fc:5b:69:fd:60:7e:56:88:f3:73:1d:
bd:68:e0:59:3a:22:55:2e:cd:f7:88:55:5c:46:81:
9f:b2:1d:25:77:62:c3:1c:90:0c:a7:23:da:99:23:
51:ba:d1:91:c6:5d:53:a7:1e:b7:e2:85:ee:6f:35:
2d:03:fb:d3:1d:1c:3c:8c:3b:80:99:f4:69:50:20:
2f:9d:d8:53:fc:ca:fc:5c:4d:5e:20:e4:4a:e3:2d:
b0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C2:B5:E2:22:B1:C5:40:66:A4:A1:C9:0F:AF:6C:60:FC:9E:64:68
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NsK14iKxxUBmpKHJD69sYPyeZGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
141.98.5.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.222.161.0/24
193.42.32.0/23
193.149.2.0/23
194.55.224.0/23
Signature Algorithm: sha256WithRSAEncryption
82:e7:83:06:02:d8:e8:c5:e4:85:e7:0f:f0:27:81:97:fd:76:
8a:c8:c3:f5:08:7b:b4:8f:79:c6:e3:6f:32:c6:c9:1a:2d:8d:
6d:23:fc:ac:8e:e0:93:84:3b:f0:fc:21:2e:62:ef:d4:33:ee:
13:01:3d:80:29:e9:fa:a4:5e:fb:2b:b1:a5:df:20:f9:e2:33:
06:86:43:ac:49:70:17:a8:1c:f0:78:46:a5:18:d5:16:61:0e:
8f:3b:dd:d9:91:fb:a7:57:be:ac:88:da:74:55:8c:92:df:5d:
76:84:1c:df:81:c4:fb:c6:1d:58:3f:d8:a3:c3:b2:f6:26:53:
1b:91:2e:73:bc:cf:1b:19:96:80:59:e4:53:df:5b:ec:ab:ad:
0f:52:47:48:d2:c5:b0:b6:e4:43:86:d1:81:01:4c:ff:99:ff:
d5:63:71:48:9e:c6:07:f9:04:27:b5:71:14:d3:a3:af:33:8f:
9c:af:bb:63:ea:49:ea:20:e5:5c:cb:bb:01:ff:4d:5f:23:8a:
cf:de:8d:5e:ea:e1:06:21:f6:5f:dc:b5:68:d0:06:ea:b4:47:
e9:6f:41:dc:a7:a9:9d:1b:15:f7:e8:c4:2b:27:a5:d2:fa:37:
a6:26:0f:0e:3d:67:f6:8f:ef:5f:8f:60:fd:e4:3a:dd:fd:bf:
83:67:ad:52
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZCDOl3qoLn+B6BgI/J7D48DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA1MTQwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmMyYjVlMjIyYjFjNTQwNjZhNGExYzkwZmFmNmM2MGZjOWU2NDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl5bjHzvuZi9tUJqRqyOMaseAdAc
FsucbQoTErtUEZPF1HRqP+dtClLN4EyZrfjTGipHWXBjg633538KftZYdaOalkoH
QqJY7ZI561HrO4YElDp6kX643tWMVCMiXezEPXcwkyqmDyQNvbBdbG1uT32xJuR4
NEBKri0zqDM1rThav83CDCvEu5JLBMKvd8GklDb/0Bp//1BSyL7xuDAKcuoabYxq
mTIU/Ftp/WB+Vojzcx29aOBZOiJVLs33iFVcRoGfsh0ld2LDHJAMpyPamSNRutGR
xl1Tpx634oXubzUtA/vTHRw8jDuAmfRpUCAvndhT/Mr8XE1eIORK4y2wvQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFDbCteIiscVAZqShyQ+vbGD8nmRoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTnNLMTRpS3h4VUJtcEtISkQ2OXNZUHllWkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwL
AwQAXpxOAwQAjWIBAwQAjWIFAwQAk05mAwQAqxYRAwQCqxZIAwQAstfgAwQCudhU
AwQCudpUAwQAud6hAwQBwSogAwQBwZUCAwQBwjfgMA0GCSqGSIb3DQEBCwUAA4IB
AQCC54MGAtjoxeSF5w/wJ4GX/XaKyMP1CHu0j3nG428yxskaLY1tI/ysjuCThDvw
/CEuYu/UM+4TAT2AKen6pF77K7Gl3yD54jMGhkOsSXAXqBzweEalGNUWYQ6PO93Z
kfunV76siNp0VYyS3112hBzfgcT7xh1YP9ijw7L2JlMbkS5zvM8bGZaAWeRT31vs
q60PUkdI0sWwtuRDhtGBAUz/mf/VY3FInsYH+QQntXEU06OvM4+cr7tj6knqIOVc
y7sB/01fI4rP3o1e6uEGIfZf3LVo0AbqtEfpb0Hcp6mdGxX36MQrJ6XS+jemJg8O
PWf2j+9fj2D95Drd/b+DZ61S
-----END CERTIFICATE-----
Generated at Sat Jul 6 00:16:28 2024 by rpki-client on console-ams.rpki-client.org