Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XKxj-0u6GXHrGvnKxR1DN5G2m4w.roa
File: XKxj-0u6GXHrGvnKxR1DN5G2m4w.roa (raw, json)
Hash identifier: ilIBzF5dELvH5n5Otvacz/CQZYwscQikKgyzS+Xk+lw=
Subject key identifier: 5C:AC:63:FB:4B:BA:19:71:EB:1A:F9:CA:C5:1D:43:37:91:B6:9B:8C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190974AB79FA30975150491F898B2149EE0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XKxj-0u6GXHrGvnKxR1DN5G2m4w.roa
Signing time: Tue 09 Jul 2024 11:39:34 +0000
ROA not before: Tue 09 Jul 2024 11:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.161.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 06:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:4a:b7:9f:a3:09:75:15:04:91:f8:98:b2:14:9e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 9 11:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cac63fb4bba1971eb1af9cac51d433791b69b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2d:96:05:4e:28:8b:19:aa:3b:57:82:97:64:
6a:c0:91:17:c2:7c:90:d7:a7:3e:cd:c8:cc:a3:6b:
52:75:01:c4:f4:87:39:d1:d1:50:65:b1:88:96:d0:
e8:db:76:09:c5:e9:ff:30:64:c0:32:89:6a:86:27:
f6:d7:d6:c6:f9:b6:49:76:d3:7c:e4:08:fe:76:89:
00:7a:95:73:86:63:70:cf:e0:aa:7a:13:34:1a:a6:
eb:11:f1:1e:af:b6:fa:0d:ef:9c:35:cf:26:4d:2e:
94:b3:64:fe:f4:01:e2:ae:15:37:94:67:99:0f:c3:
74:e1:21:c5:8d:e4:12:ad:ce:6f:50:49:54:82:9c:
94:b4:89:9e:83:48:b2:2d:2d:2a:d6:06:7d:4e:8a:
d1:84:f9:89:92:c7:33:d1:82:51:ea:f0:2c:92:dd:
02:b7:94:58:0f:59:7b:11:a0:fe:78:bc:9c:d6:38:
e1:44:59:37:39:aa:fa:ca:e2:e5:a7:4a:04:43:c8:
55:ba:cd:20:0a:b8:98:5e:34:92:65:26:37:2a:ee:
3a:ec:ab:55:d7:a1:45:27:5f:b6:98:13:58:49:ff:
43:5d:6d:61:53:1b:fd:8f:63:1c:14:7a:42:7a:44:
d0:10:30:14:f4:43:59:a6:dc:9d:d7:71:b2:cb:b6:
a9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AC:63:FB:4B:BA:19:71:EB:1A:F9:CA:C5:1D:43:37:91:B6:9B:8C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XKxj-0u6GXHrGvnKxR1DN5G2m4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.222.161.0/24
193.42.32.0/23
193.149.2.0/23
194.55.224.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:30:aa:68:e3:6a:62:13:36:c7:e3:fa:59:64:2e:f5:c4:11:
bb:bd:52:3d:37:5d:e7:54:64:54:60:dd:3c:9c:3b:24:07:0b:
09:12:c9:c7:b6:9c:83:39:f1:74:69:20:33:e8:2d:3c:5e:54:
68:85:e0:eb:42:99:e7:69:af:42:76:14:5c:8a:24:d6:17:56:
44:43:a6:1c:a3:48:38:a6:83:50:b5:8c:95:fa:a1:76:c4:df:
2e:48:0f:da:89:cc:d1:4a:3b:cb:e5:ef:2f:c4:39:97:39:53:
41:97:0b:48:bf:a7:fc:f7:20:7a:d5:26:de:d3:04:f7:03:c4:
c7:1f:e4:7f:78:91:a3:8c:67:6c:1a:2b:4a:b2:7d:a5:3a:23:
6c:bb:ae:51:04:ee:e5:d4:54:44:89:7d:e2:4e:39:92:e9:de:
bc:7f:d7:f9:19:73:54:ba:f6:26:b2:95:c2:23:ee:6c:55:33:
87:43:f0:ad:c2:47:df:a7:d8:89:43:b3:e1:73:20:3a:c2:bb:
51:56:15:fa:ba:42:3e:10:4b:0d:4c:54:5f:b6:ef:17:41:14:
54:1f:2c:7d:9f:30:2c:cb:56:a5:65:10:e2:b9:66:09:1b:2a:
52:c1:68:bc:91:bd:0f:46:c4:4f:f2:f4:32:49:7d:ee:22:47:
cc:2f:d1:9e
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZCXSrefowl1FQSR+JiyFJ7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA5MTEzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FjNjNmYjRiYmExOTcxZWIxYWY5Y2FjNTFkNDMzNzkxYjY5YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i2WBU4oixmqO1eCl2RqwJEXwnyQ
16c+zcjMo2tSdQHE9Ic50dFQZbGIltDo23YJxen/MGTAMolqhif219bG+bZJdtN8
5Aj+dokAepVzhmNwz+CqehM0GqbrEfEer7b6De+cNc8mTS6Us2T+9AHirhU3lGeZ
D8N04SHFjeQSrc5vUElUgpyUtImeg0iyLS0q1gZ9TorRhPmJkscz0YJR6vAskt0C
t5RYD1l7EaD+eLyc1jjhRFk3Oar6yuLlp0oEQ8hVus0gCriYXjSSZSY3Ku467KtV
16FFJ1+2mBNYSf9DXW1hUxv9j2McFHpCekTQEDAU9ENZptyd13Gyy7apsQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFFysY/tLuhlx6xr5ysUdQzeRtpuMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWEt4ai0wdTZHWEhyR3ZuS3hSMURONUcybTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwL
AwQAXpxOAwQAjWIBAwQAk05mAwQAqxYRAwQCqxZIAwQAstfgAwQCudhUAwQCudpU
AwQAud6hAwQBwSogAwQBwZUCAwQBwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQBOMKpo
42piEzbH4/pZZC71xBG7vVI9N13nVGRUYN08nDskBwsJEsnHtpyDOfF0aSAz6C08
XlRoheDrQpnnaa9CdhRciiTWF1ZEQ6Yco0g4poNQtYyV+qF2xN8uSA/aiczRSjvL
5e8vxDmXOVNBlwtIv6f89yB61Sbe0wT3A8THH+R/eJGjjGdsGitKsn2lOiNsu65R
BO7l1FREiX3iTjmS6d68f9f5GXNUuvYmspXCI+5sVTOHQ/Ctwkffp9iJQ7PhcyA6
wrtRVhX6ukI+EEsNTFRftu8XQRRUHyx9nzAsy1alZRDiuWYJGypSwWi8kb0PRsRP
8vQySX3uIkfML9Ge
-----END CERTIFICATE-----
Generated at Wed Jul 10 08:57:53 2024 by rpki-client on console-ams.rpki-client.org