Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLYWbeBHssrfGMZSKvHiMFGVTD4.roa
File: TLYWbeBHssrfGMZSKvHiMFGVTD4.roa (raw, json)
Hash identifier: Uhb/nib/eWFxKigktDsE6n1RjICN9Gf9ll5t0WyMa0g=
Subject key identifier: 4C:B6:16:6D:E0:47:B2:CA:DF:18:C6:52:2A:F1:E2:30:51:95:4C:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FDDC3CE124AA46674680B0A9A4FC4A215
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLYWbeBHssrfGMZSKvHiMFGVTD4.roa
Signing time: Mon 03 Jun 2024 11:02:27 +0000
ROA not before: Mon 03 Jun 2024 11:02:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 07:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:c3:ce:12:4a:a4:66:74:68:0b:0a:9a:4f:c4:a2:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 3 11:02:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cb6166de047b2cadf18c6522af1e23051954c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:63:b7:b2:6b:20:ac:38:a3:db:6f:0f:b0:44:
2a:08:f9:e7:4d:7f:ee:b4:11:cf:3a:fc:94:06:0c:
71:1a:3d:96:72:f7:65:cf:b3:cb:c3:f5:51:66:ab:
ba:2d:4c:22:38:80:12:3b:33:34:3d:e0:a3:63:21:
92:df:67:c1:40:92:07:71:e9:d0:4f:4c:06:fc:22:
1c:fc:4a:e9:59:2b:9b:3c:c4:1e:02:be:50:a1:0f:
9f:4c:ec:02:52:24:2c:23:54:7b:ba:27:17:19:2d:
32:28:97:fa:b7:f0:5d:67:d3:60:97:45:6b:59:0b:
52:f2:5d:1a:ce:c2:6d:31:3c:08:3a:64:8f:69:e3:
14:fe:68:3d:3e:58:ff:87:40:98:a6:2b:7d:2a:2d:
13:c2:e1:99:93:92:8a:83:e5:c3:00:42:c0:ed:c8:
85:46:be:2c:79:77:9b:a5:f0:5c:91:04:54:12:a3:
d8:85:4a:e3:dd:bb:1f:9f:f1:50:d5:29:2d:3a:de:
7b:2c:4f:3f:60:c2:f1:93:df:ec:4c:1a:1f:53:6e:
8c:c8:d8:bc:3c:53:0b:c4:0d:84:0e:e6:77:ad:82:
c1:a8:3c:ff:ea:fa:b1:5f:68:4e:8e:70:41:ec:8f:
57:14:88:1b:8f:a2:b0:77:a6:6e:ef:51:87:27:8f:
a6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B6:16:6D:E0:47:B2:CA:DF:18:C6:52:2A:F1:E2:30:51:95:4C:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLYWbeBHssrfGMZSKvHiMFGVTD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:2d:64:9b:c0:0f:53:8a:de:76:3a:f1:a3:3a:15:df:f5:3e:
ab:a4:7e:70:a8:df:fe:96:fa:02:fc:4b:70:64:3f:8e:cc:ec:
ba:4b:8e:ce:46:f9:23:7c:4d:b5:f4:49:2a:81:74:b2:12:20:
f7:97:36:f8:9e:43:a1:f8:00:e5:70:4a:da:60:e1:cc:17:91:
67:96:b9:f9:e9:f7:2b:a7:45:bc:77:d6:fe:3a:cc:4f:68:6f:
51:10:db:cd:4d:e5:01:c4:6b:78:88:39:9a:7c:2c:97:dc:67:
02:99:0f:cf:89:a3:e0:04:22:ed:92:82:17:84:c3:7e:7c:da:
97:2f:48:9b:e4:3d:2f:17:2d:7b:1a:63:fb:63:12:90:87:fb:
90:18:c5:b8:5b:13:e4:fe:9e:55:09:27:b6:22:0c:1e:ea:43:
66:47:9b:67:8b:09:c0:49:d4:7f:73:f5:89:75:dd:80:65:b9:
8a:a4:27:74:28:64:68:53:9c:12:52:36:9c:68:83:c4:95:49:
af:ee:fe:36:e1:e6:f4:11:76:6d:e5:29:79:be:41:7a:c2:d0:
61:31:ac:96:2b:97:35:46:1e:b9:0c:45:fc:d4:7f:9e:4e:42:
fe:8d:c8:3a:4d:6e:f7:11:1a:f7:b9:d4:2e:69:c6:a5:e5:d7:
e6:9d:d3:c2
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAY/dw84SSqRmdGgLCppPxKIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjAzMTEwMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I2MTY2ZGUwNDdiMmNhZGYxOGM2NTIyYWYxZTIzMDUxOTU0YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32O3smsgrDij228PsEQqCPnnTX/u
tBHPOvyUBgxxGj2Wcvdlz7PLw/VRZqu6LUwiOIASOzM0PeCjYyGS32fBQJIHcenQ
T0wG/CIc/ErpWSubPMQeAr5QoQ+fTOwCUiQsI1R7uicXGS0yKJf6t/BdZ9Ngl0Vr
WQtS8l0azsJtMTwIOmSPaeMU/mg9Plj/h0CYpit9Ki0TwuGZk5KKg+XDAELA7ciF
Rr4seXebpfBckQRUEqPYhUrj3bsfn/FQ1SktOt57LE8/YMLxk9/sTBofU26MyNi8
PFMLxA2EDuZ3rYLBqDz/6vqxX2hOjnBB7I9XFIgbj6Kwd6Zu71GHJ4+muQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFEy2Fm3gR7LK3xjGUirx4jBRlUw+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVExZV2JlQkhzc3JmR01aU0t2SGlNRkdWVEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAIl
3XgwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQBV3lWAwQAV3ndAwQBXHfEAwQCXpqg
AwQAXpwLMAwDBABf1hkDBABf1hoDBACNYgEDBACTTmYDBACrFhEDBAKrFkgDBACy
1+ADBAK52FQDBAK52lQDBAHBKiADBAHBlQIDBADCMPgDBADCN+AwDQYJKoZIhvcN
AQELBQADggEBACotZJvAD1OK3nY68aM6Fd/1PqukfnCo3/6W+gL8S3BkP47M7LpL
js5G+SN8TbX0SSqBdLISIPeXNvieQ6H4AOVwStpg4cwXkWeWufnp9yunRbx31v46
zE9ob1EQ281N5QHEa3iIOZp8LJfcZwKZD8+Jo+AEIu2SgheEw3582pcvSJvkPS8X
LXsaY/tjEpCH+5AYxbhbE+T+nlUJJ7YiDB7qQ2ZHm2eLCcBJ1H9z9Yl13YBluYqk
J3QoZGhTnBJSNpxog8SVSa/u/jbh5vQRdm3lKXm+QXrC0GExrJYrlzVGHrkMRfzU
f55OQv6NyDpNbvcRGve51C5pxqXl1+ad08I=
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:40:20 2024 by rpki-client on console-ams.rpki-client.org