Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SIlbQ7YsQPyTtSGZtPPlNVK9nQo.roa
File: SIlbQ7YsQPyTtSGZtPPlNVK9nQo.roa (raw, json)
Hash identifier: JV2zypPRlikORnvvJdJ+ON7DmEFqXEtD6hit1WW0M8c=
Subject key identifier: 48:89:5B:43:B6:2C:40:FC:93:B5:21:99:B4:F3:E5:35:52:BD:9D:0A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01905FFA0410EBA2C323E28F252CB1C85535
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SIlbQ7YsQPyTtSGZtPPlNVK9nQo.roa
Signing time: Fri 28 Jun 2024 17:52:18 +0000
ROA not before: Fri 28 Jun 2024 17:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:46:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:fa:04:10:eb:a2:c3:23:e2:8f:25:2c:b1:c8:55:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 28 17:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48895b43b62c40fc93b52199b4f3e53552bd9d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:84:5b:c7:d2:fb:1c:c1:9a:35:a3:69:0a:0d:
b5:41:d2:f8:57:4f:51:bf:1f:4b:38:10:df:67:ee:
57:e7:8a:5c:e8:b9:8e:65:c1:b1:18:b9:b2:b6:52:
7d:ec:cf:7d:6b:97:ee:19:c0:fc:f4:22:4d:93:5f:
b1:da:6c:7c:cd:e0:b1:2f:fe:b9:f2:2a:95:ae:44:
2d:88:ad:f8:85:c8:b9:14:12:e8:87:8c:0c:ff:52:
b7:92:ca:65:a2:6b:1e:79:49:db:79:a5:71:70:ce:
fa:0c:91:4f:31:71:d0:26:14:9e:65:34:48:6a:b0:
ff:4e:46:a2:a1:7d:6e:3f:f1:f2:07:68:f6:a3:71:
a0:31:26:5b:23:4c:d1:de:8f:cf:4d:e5:09:c8:27:
c8:22:c2:42:3e:25:93:cc:3b:c3:c3:70:2f:6a:a9:
7e:0e:88:88:1f:37:29:95:a4:6e:7d:75:33:bf:83:
7c:12:f0:00:af:b1:ad:b9:97:5d:53:7b:6d:02:c8:
93:88:d4:45:7c:c8:c3:61:bf:4a:e1:08:f3:59:fd:
bb:5f:b9:bc:0b:f9:1f:9c:99:8c:97:43:e7:c0:c5:
1e:8f:01:47:8b:cc:c9:6b:85:f7:c1:71:7b:7f:c5:
47:bf:f7:78:88:7c:cf:77:35:5a:cc:3c:f8:28:0c:
73:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:89:5B:43:B6:2C:40:FC:93:B5:21:99:B4:F3:E5:35:52:BD:9D:0A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SIlbQ7YsQPyTtSGZtPPlNVK9nQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.12.255.0/24
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.64.0/24
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
00:84:cc:74:d4:9f:99:9b:02:5a:0f:0a:9f:65:72:f5:8d:2e:
43:20:a8:1b:b1:f7:cc:60:28:3e:27:44:e2:02:83:21:e3:53:
f2:92:72:4e:d6:67:49:65:5b:d2:04:4d:6d:67:57:84:7c:cb:
e0:72:38:cb:9f:d6:27:f5:54:0c:07:c2:f0:c6:67:9d:4a:37:
5c:9d:ce:3a:a9:e6:50:a3:6d:02:fc:ea:fe:6d:ff:7f:37:e7:
49:76:e8:0b:e8:be:ff:4c:eb:55:bc:cc:d9:e0:bc:40:11:e4:
ab:b4:31:a0:45:b6:09:e1:c7:62:29:86:32:96:9c:1e:b0:4d:
5b:67:80:c2:95:30:8b:9f:64:1a:77:b0:f0:82:fc:23:19:39:
0a:7f:ab:59:69:f3:a5:a6:44:aa:ae:7c:60:7d:d4:95:2f:c4:
47:00:53:84:f7:28:1b:97:79:f1:36:84:88:64:c6:ee:44:94:
70:4d:07:9c:aa:cb:d3:ff:ac:dc:19:04:4a:51:4e:14:52:ab:
de:f1:1a:f8:7c:e4:01:39:c8:0f:bd:99:5e:d5:42:73:79:3a:
12:d7:66:03:74:c0:f3:fe:bf:e1:22:ff:c8:6e:c2:70:d5:c5:
21:fc:fe:e4:6a:ef:1c:fb:ea:08:ac:6d:a1:99:6c:22:1b:a4:
9a:d6:15:05
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZBf+gQQ66LDI+KPJSyxyFU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI4MTc1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODg5NWI0M2I2MmM0MGZjOTNiNTIxOTliNGYzZTUzNTUyYmQ5ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4Rbx9L7HMGaNaNpCg21QdL4V09R
vx9LOBDfZ+5X54pc6LmOZcGxGLmytlJ97M99a5fuGcD89CJNk1+x2mx8zeCxL/65
8iqVrkQtiK34hci5FBLoh4wM/1K3ksplomseeUnbeaVxcM76DJFPMXHQJhSeZTRI
arD/TkaioX1uP/HyB2j2o3GgMSZbI0zR3o/PTeUJyCfIIsJCPiWTzDvDw3Avaql+
DoiIHzcplaRufXUzv4N8EvAAr7GtuZddU3ttAsiTiNRFfMjDYb9K4QjzWf27X7m8
C/kfnJmMl0PnwMUejwFHi8zJa4X3wXF7f8VHv/d4iHzPdzVazDz4KAxz/wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFEiJW0O2LED8k7UhmbTz5TVSvZ0KMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU0lsYlE3WXNRUHlUdFNHWnRQUGxOVks5blFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAIl
3XgDBAAtDP8DBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YQAMEAC1YWDAMAwQDLZCY
AwQALZCaAwQALZXpAwQBLZdYAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3kt
AwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOMAwDBABf1hkDBABf1hoDBACN
YgEDBACTTmYDBACrFhEDBACrFh8DBAKrFkgDBACy1+ADBAK52FQDBAK52lQDBAHB
KiADBAHBlQIDBADCMPgDBADCN+AwDQYJKoZIhvcNAQELBQADggEBAACEzHTUn5mb
AloPCp9lcvWNLkMgqBux98xgKD4nROICgyHjU/KSck7WZ0llW9IETW1nV4R8y+By
OMuf1if1VAwHwvDGZ51KN1ydzjqp5lCjbQL86v5t/38350l26Avovv9M61W8zNng
vEAR5Ku0MaBFtgnhx2IphjKWnB6wTVtngMKVMIufZBp3sPCC/CMZOQp/q1lp86Wm
RKqufGB91JUvxEcAU4T3KBuXefE2hIhkxu5ElHBNB5yqy9P/rNwZBEpRThRSq97x
Gvh85AE5yA+9mV7VQnN5OhLXZgN0wPP+v+Ei/8huwnDVxSH8/uRq7xz76gisbaGZ
bCIbpJrWFQU=
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org