Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R0_yNpGKmbXDX5HwojE1QEY_joU.roa
File: R0_yNpGKmbXDX5HwojE1QEY_joU.roa (raw, json)
Hash identifier: CsXA9QLloUWPC9yC6Q80ZbsGJq+vL+xpDm82NsEQUuY=
Subject key identifier: 47:4F:F2:36:91:8A:99:B5:C3:5F:91:F0:A2:31:35:40:46:3F:8E:85
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188478D9005ABCC9D6F558ECA9D173D8B51
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R0_yNpGKmbXDX5HwojE1QEY_joU.roa
Signing time: Tue 23 May 2023 07:40:39 +0000
ROA not before: Tue 23 May 2023 07:40:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 13:19:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:8d:90:05:ab:cc:9d:6f:55:8e:ca:9d:17:3d:8b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 23 07:40:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=474ff236918a99b5c35f91f0a2313540463f8e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:02:bf:0e:25:4f:fd:34:f8:ee:c2:90:c7:
fe:7e:ba:33:fe:a1:47:b1:58:2c:ef:47:76:ba:a0:
c1:79:61:c7:c0:e4:08:52:d8:62:e1:c0:d7:2f:9c:
12:e5:82:ad:38:46:f0:41:d7:4a:4a:cb:38:f3:f6:
3e:c6:71:f4:f4:8c:18:45:5a:7c:fe:88:ae:c9:0f:
80:59:45:80:24:2e:aa:9b:37:5a:35:3e:51:e3:91:
3a:3a:c2:78:c0:6a:fc:fe:61:71:e9:da:3c:f6:82:
0a:72:fa:ba:1d:7c:a2:f1:a8:bd:a0:04:9f:05:67:
3d:ff:09:8e:06:1f:4c:40:0d:2b:10:9b:33:43:45:
02:54:80:f8:52:c2:ce:93:c2:ba:2f:b3:a2:15:7c:
b6:ed:f8:75:82:9d:b8:d3:d2:b4:74:5f:66:20:3a:
e8:3c:52:23:84:8d:8a:3c:55:fe:8c:76:a5:2d:d2:
8a:67:17:49:2d:28:44:aa:08:5d:9e:65:2a:f8:2d:
bf:9a:9b:3f:4d:bd:de:6b:73:6f:3b:9c:61:e3:b1:
0d:86:b4:a4:a9:27:ca:e0:9e:7f:78:ed:e0:46:8a:
4e:ae:d4:1d:50:bd:1b:e1:83:03:e9:02:3a:6b:45:
db:e3:77:8f:eb:4a:f9:13:1e:18:89:aa:d5:3f:ee:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4F:F2:36:91:8A:99:B5:C3:5F:91:F0:A2:31:35:40:46:3F:8E:85
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R0_yNpGKmbXDX5HwojE1QEY_joU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
94.156.176.0/24
94.156.236.0/24
141.98.1.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:0e:ba:77:70:fa:ae:3c:e9:71:c0:82:84:84:69:64:62:99:
36:79:ab:39:c7:ae:57:f3:06:47:5b:63:db:d3:32:b3:b6:a7:
ea:65:cb:6f:16:71:c9:fd:fc:4f:60:92:81:f3:4e:aa:9a:a8:
98:58:fa:3f:72:9c:df:60:da:45:73:81:c5:94:ac:2e:2e:35:
ee:94:df:31:ae:7c:8b:c3:f9:9f:85:7b:70:e5:1c:b2:30:6e:
b0:7e:ac:d6:3c:44:ed:ea:9a:92:90:12:fe:c1:ba:56:ac:62:
46:fa:a6:ee:ad:b9:1a:5d:ce:db:15:64:5e:84:04:74:c2:42:
44:ac:1c:84:34:1d:11:72:a1:be:c0:62:29:a9:94:df:a1:fd:
cc:3a:7e:5e:1a:a2:a8:8f:d9:a8:2b:20:fa:fa:75:27:a8:e0:
40:ee:c7:1b:9a:85:eb:5d:bf:ba:7a:63:1a:5c:11:be:3b:ea:
74:69:66:3f:b4:40:b8:82:70:c6:1c:b6:04:98:ae:d5:f6:e8:
c1:e0:a7:fb:84:bc:b0:44:bd:32:05:7a:8d:b7:c0:e2:26:86:
7d:6b:38:ae:37:20:b2:49:f0:37:33:36:8c:52:03:9c:33:b8:
0e:2d:25:a9:f7:66:f3:a3:5c:65:b3:bc:2b:f3:47:65:a3:f5:
8a:4a:1b:13
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYhHjZAFq8ydb1WOyp0XPYtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIzMDc0MDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzRmZjIzNjkxOGE5OWI1YzM1ZjkxZjBhMjMxMzU0MDQ2M2Y4ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxoCvw4lT/00+O7CkMf+froz/qFH
sVgs70d2uqDBeWHHwOQIUthi4cDXL5wS5YKtOEbwQddKSss48/Y+xnH09IwYRVp8
/oiuyQ+AWUWAJC6qmzdaNT5R45E6OsJ4wGr8/mFx6do89oIKcvq6HXyi8ai9oASf
BWc9/wmOBh9MQA0rEJszQ0UCVID4UsLOk8K6L7OiFXy27fh1gp2409K0dF9mIDro
PFIjhI2KPFX+jHalLdKKZxdJLShEqghdnmUq+C2/mps/Tb3ea3NvO5xh47ENhrSk
qSfK4J5/eO3gRopOrtQdUL0b4YMD6QI6a0Xb43eP60r5Ex4YiarVP+7OJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEdP8jaRipm1w1+R8KIxNUBGP46FMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUjBfeU5wR0ttYlhEWDVId29qRTFRRVlfam9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAXpywAwQAXpzsAwQAjWIBAwQBwZUCMA0GCSqGSIb3
DQEBCwUAA4IBAQC0Drp3cPquPOlxwIKEhGlkYpk2eas5x65X8wZHW2Pb0zKztqfq
ZctvFnHJ/fxPYJKB806qmqiYWPo/cpzfYNpFc4HFlKwuLjXulN8xrnyLw/mfhXtw
5RyyMG6wfqzWPETt6pqSkBL+wbpWrGJG+qburbkaXc7bFWRehAR0wkJErByENB0R
cqG+wGIpqZTfof3MOn5eGqKoj9moKyD6+nUnqOBA7scbmoXrXb+6emMaXBG+O+p0
aWY/tEC4gnDGHLYEmK7V9ujB4Kf7hLywRL0yBXqNt8DiJoZ9aziuNyCySfA3MzaM
UgOcM7gOLSWp92bzo1xls7wr80dlo/WKShsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org