Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTHt52TfNN7aOPqUoDzLnkvZO6o.roa
File: VTHt52TfNN7aOPqUoDzLnkvZO6o.roa (raw, json)
Hash identifier: +FYugkqV00cpWP1BSUfG9oh1s/fZx2rTcig5hVRsPjg=
Subject key identifier: 55:31:ED:E7:64:DF:34:DE:DA:38:FA:94:A0:3C:CB:9E:4B:D9:3B:AA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01913180B8C8F55F93B388A72AFA0F9D74B4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTHt52TfNN7aOPqUoDzLnkvZO6o.roa
Signing time: Thu 08 Aug 2024 10:20:04 +0000
ROA not before: Thu 08 Aug 2024 10:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 08:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:80:b8:c8:f5:5f:93:b3:88:a7:2a:fa:0f:9d:74:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 8 10:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5531ede764df34deda38fa94a03ccb9e4bd93baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:25:58:0d:24:57:c8:4c:25:70:b3:f3:4d:9f:
73:96:6a:03:7b:52:b4:66:98:74:00:92:e7:a1:95:
a6:e1:01:43:e2:f4:26:ba:39:b9:11:86:ec:91:3b:
27:c6:4c:6b:9d:f3:85:1c:73:7d:85:65:6a:56:48:
94:67:ff:a1:54:98:3a:1a:73:40:78:32:9e:64:74:
e9:21:2a:4b:d9:66:cd:64:e6:13:4d:9f:5d:0c:7c:
b5:d6:37:2e:71:c6:a6:ff:6d:65:93:4d:f2:51:e6:
58:70:71:bb:0f:7a:09:76:3e:09:0f:10:78:18:83:
18:4c:2e:7d:5d:1a:47:ee:72:34:8e:91:db:72:05:
72:e0:4f:55:b1:73:4c:29:4b:ab:e3:72:2b:6c:01:
8a:5a:00:03:c3:86:55:bf:b5:67:98:0b:05:24:8f:
23:0b:8e:87:70:a7:1b:92:52:55:b7:d1:20:f4:54:
73:df:8a:58:20:0a:3b:7d:1f:32:97:c4:8e:e7:fe:
8b:af:bc:ed:b3:1a:4a:92:a0:00:64:a1:eb:cc:cf:
9c:57:f6:d3:e7:1b:05:d3:c1:f7:8a:ed:d0:ca:38:
63:c7:1f:1d:7f:e2:37:f9:35:2a:93:fb:8c:5d:79:
c1:e3:cc:89:21:2a:27:94:08:a5:04:8f:ff:88:3c:
fe:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:31:ED:E7:64:DF:34:DE:DA:38:FA:94:A0:3C:CB:9E:4B:D9:3B:AA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTHt52TfNN7aOPqUoDzLnkvZO6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
92.119.196.0/23
93.123.39.0/24
94.103.124.0/23
94.154.160.0/22
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
109.206.237.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
55:cc:3a:c4:c1:c6:04:bc:78:aa:a8:7a:bc:d8:51:96:35:e1:
f7:60:45:01:81:4b:fc:ef:1c:18:3f:25:b6:c4:5e:ef:19:c3:
ab:85:24:54:47:a2:cf:1e:0b:60:6d:c3:8f:67:de:4d:50:86:
dc:fd:73:4a:38:c5:ca:cb:42:9d:21:cf:08:f4:3f:7a:84:9b:
53:27:73:d3:51:41:63:55:14:f0:34:21:89:bf:e3:35:e3:6b:
18:fd:07:e3:62:6e:f5:0a:08:8f:36:57:36:d7:b8:15:7c:d8:
f5:69:3c:f6:1e:b1:76:fc:ba:fd:45:ec:09:1e:ec:c4:75:e1:
c9:fa:b7:88:36:61:8e:ad:ca:99:c1:2f:f5:10:ce:89:83:b2:
b1:84:7e:fc:40:17:7e:6f:f3:85:65:10:9a:b9:99:53:31:12:
e5:79:c1:bd:b0:95:68:6c:2a:b8:1f:92:ce:1e:68:54:40:62:
3d:78:37:85:47:b6:ed:67:34:93:e7:1e:9c:3e:95:91:78:1b:
cb:57:88:05:7c:05:c4:16:d4:15:7d:d1:9f:4d:9c:95:a9:ec:
f6:ac:89:42:09:9c:86:de:40:2a:3a:6b:99:33:34:61:bd:3e:
15:7b:39:b2:06:85:a3:32:11:8e:d7:fa:7d:8e:47:3b:dd:ab:
02:bc:95:7e
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZExgLjI9V+Ts4inKvoPnXS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA4MTAyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTMxZWRlNzY0ZGYzNGRlZGEzOGZhOTRhMDNjY2I5ZTRiZDkzYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SVYDSRXyEwlcLPzTZ9zlmoDe1K0
Zph0AJLnoZWm4QFD4vQmujm5EYbskTsnxkxrnfOFHHN9hWVqVkiUZ/+hVJg6GnNA
eDKeZHTpISpL2WbNZOYTTZ9dDHy11jcuccam/21lk03yUeZYcHG7D3oJdj4JDxB4
GIMYTC59XRpH7nI0jpHbcgVy4E9VsXNMKUur43IrbAGKWgADw4ZVv7VnmAsFJI8j
C46HcKcbklJVt9Eg9FRz34pYIAo7fR8yl8SO5/6Lr7ztsxpKkqAAZKHrzM+cV/bT
5xsF08H3iu3Qyjhjxx8df+I3+TUqk/uMXXnB48yJISonlAilBI//iDz+7QIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFFUx7edk3zTe2jj6lKA8y55L2TuqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVlRIdDUyVGZOTjdhT1BxVW9Eekxua3ZaTzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd4
XQMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAVx3xAMEAF17JwMEAV5nfAMEAl6a
oAMEAF6cCAMEAV6cCgMEAF6cTwMEAG3O7QMEAI1iAQMEAI1iBAMEAZNOZgMEAqsW
SAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEALn23wMEAMEjEgMEAMElKQMEAMEl
LAMEAMHeYAMEAMIw+wMEAMI34DANBgkqhkiG9w0BAQsFAAOCAQEAVcw6xMHGBLx4
qqh6vNhRljXh92BFAYFL/O8cGD8ltsRe7xnDq4UkVEeizx4LYG3Dj2feTVCG3P1z
SjjFystCnSHPCPQ/eoSbUydz01FBY1UU8DQhib/jNeNrGP0H42Ju9QoIjzZXNte4
FXzY9Wk89h6xdvy6/UXsCR7sxHXhyfq3iDZhjq3KmcEv9RDOiYOysYR+/EAXfm/z
hWUQmrmZUzES5XnBvbCVaGwquB+Szh5oVEBiPXg3hUe27Wc0k+cenD6VkXgby1eI
BXwFxBbUFX3Rn02clans9qyJQgmcht5AKjprmTM0Yb0+FXs5sgaFozIRjtf6fY5H
O92rAryVfg==
-----END CERTIFICATE-----
Generated at Fri Aug 9 12:13:07 2024 by rpki-client on console-fra.rpki-client.org