Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bKp_1Yi3OkIBPtmvBVdYWhjEuag.roa
File: bKp_1Yi3OkIBPtmvBVdYWhjEuag.roa (raw, json)
Hash identifier: NjVbFEiceIpDQRADjzWddAVen/jfd0inH3ytudZEk0o=
Subject key identifier: 6C:AA:7F:D5:88:B7:3A:42:01:3E:D9:AF:05:57:58:5A:18:C4:B9:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F62DE2703C94339AD748B92E70A61EA40
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bKp_1Yi3OkIBPtmvBVdYWhjEuag.roa
Signing time: Fri 10 May 2024 14:17:57 +0000
ROA not before: Fri 10 May 2024 14:17:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.252.0/24 maxlen: 24
37.221.120.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 13:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:de:27:03:c9:43:39:ad:74:8b:92:e7:0a:61:ea:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 10 14:17:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6caa7fd588b73a42013ed9af0557585a18c4b9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:52:f9:28:4e:b5:23:d6:22:6d:9e:40:0b:
2c:61:8b:9f:ed:69:e1:6e:97:a8:ed:18:83:94:d7:
6a:76:68:1a:27:c7:db:0f:33:e2:14:ec:a9:48:a5:
5c:a9:5c:01:4d:3c:b6:18:aa:19:4f:72:6e:79:74:
71:6b:e3:ba:e8:13:65:b7:a0:68:87:9b:af:b2:ba:
02:0a:c0:66:27:90:fb:bc:cc:d7:a2:79:5b:c8:30:
21:72:76:58:16:86:ed:69:fc:27:df:29:f5:cb:73:
c6:ca:45:7a:1e:ed:1b:89:ab:bb:4a:37:85:8b:04:
54:55:b3:22:4c:05:6f:7c:5c:87:d5:f8:63:5b:91:
d5:66:e4:60:1d:1c:b5:6e:54:b7:7a:19:a5:eb:1d:
5c:51:41:26:e1:7c:be:60:aa:47:8e:18:52:2f:8a:
71:f8:67:28:20:86:84:12:04:79:d1:bb:d6:8a:0f:
6f:8c:16:7f:ac:41:d4:dd:55:82:e1:66:e2:76:57:
cc:cf:2f:3c:5a:37:1a:44:21:d4:a2:28:4d:ed:70:
c5:fc:a9:f9:56:4b:64:4c:d6:53:3d:a9:d2:ed:fd:
a8:6c:0a:6a:cd:e5:f5:12:c7:b9:4b:98:6a:36:c6:
56:cb:1b:31:dd:e0:18:7d:ec:76:8b:ea:7d:b7:7c:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AA:7F:D5:88:B7:3A:42:01:3E:D9:AF:05:57:58:5A:18:C4:B9:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bKp_1Yi3OkIBPtmvBVdYWhjEuag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
37.221.120.0/22
45.9.156.0/23
45.14.164.0/24
45.81.241.0/24
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.241.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bf:25:c6:c7:8e:3b:b6:9f:fd:a4:eb:4f:1a:db:e9:7f:2f:
18:47:be:5b:d9:33:a1:f5:0b:88:6b:e6:7f:0e:eb:57:8d:ff:
bd:fc:f6:0d:02:dd:d0:fa:ad:ad:05:b7:32:f3:3a:fb:b4:63:
00:a6:4a:c8:18:85:0d:1f:14:86:e3:d1:ab:0f:39:e5:6c:95:
a4:34:55:16:bb:ac:f8:b9:6a:14:06:ee:36:94:86:76:f1:cf:
8f:f8:e4:46:87:34:e1:76:ab:32:67:ab:0a:66:34:16:52:ac:
a2:68:e7:09:10:ff:d9:e6:03:ad:b8:65:32:c3:07:bc:f7:29:
dd:cf:ae:eb:dc:29:e6:7f:ba:78:1e:6a:05:31:de:48:c8:30:
c3:ba:3e:13:37:ea:ee:96:28:32:c8:25:a5:bc:13:9c:b3:5c:
74:2a:1e:79:11:f3:bc:11:e7:a5:12:d8:a3:a5:57:81:c8:a8:
f2:1b:03:c3:4b:d4:3e:a1:7a:ac:b6:38:95:27:49:3e:cd:64:
22:41:3d:24:79:ca:1a:df:a9:b7:36:47:81:ed:0b:62:4e:2f:
0b:a9:5c:a6:33:9d:b7:a2:b1:31:0d:fd:8b:b4:04:36:2e:2b:
6f:ee:af:9d:80:42:b9:f1:b5:6f:ed:99:b0:19:80:51:94:4b:
82:6a:88:dc
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAY9i3icDyUM5rXSLkucKYepAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTEwMTQxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FhN2ZkNTg4YjczYTQyMDEzZWQ5YWYwNTU3NTg1YTE4YzRiOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf9S+ShOtSPWIm2eQAssYYuf7Wnh
bpeo7RiDlNdqdmgaJ8fbDzPiFOypSKVcqVwBTTy2GKoZT3JueXRxa+O66BNlt6Bo
h5uvsroCCsBmJ5D7vMzXonlbyDAhcnZYFobtafwn3yn1y3PGykV6Hu0biau7SjeF
iwRUVbMiTAVvfFyH1fhjW5HVZuRgHRy1blS3ehml6x1cUUEm4Xy+YKpHjhhSL4px
+GcoIIaEEgR50bvWig9vjBZ/rEHU3VWC4WbidlfMzy88WjcaRCHUoihN7XDF/Kn5
VktkTNZTPanS7f2obApqzeX1Ese5S5hqNsZWyxsx3eAYfex2i+p9t3xAOQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFGyqf9WItzpCAT7ZrwVXWFoYxLmoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYktwXzFZaTNPa0lCUHRtdkJWZFlXaGpFdWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAAC
O/wDBAIl3XgDBAEtCZwDBAAtDqQDBAAtUfEDBAAtWFgwDAMEAy2QmAMEAC2QmgME
AC2V6QMEAC2V8QMEAS2XWAMEAFPbYQMEAVQVrgMEAFd4VwMEAFd5LQMEAVd5VgME
AFd53QMEAVx3xAMEAl6aoAMEAF6cCzAMAwQAX9YZAwQAX9YaAwQAjWIBAwQAk05m
AwQAqxYRAwQCqxZIAwQAstfgAwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjD4
AwQAwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQAOvyXGx447tp/9pOtPGtvpfy8YR75b
2TOh9QuIa+Z/DutXjf+9/PYNAt3Q+q2tBbcy8zr7tGMApkrIGIUNHxSG49GrDznl
bJWkNFUWu6z4uWoUBu42lIZ28c+P+ORGhzThdqsyZ6sKZjQWUqyiaOcJEP/Z5gOt
uGUywwe89yndz67r3Cnmf7p4HmoFMd5IyDDDuj4TN+ruligyyCWlvBOcs1x0Kh55
EfO8EeelEtijpVeByKjyGwPDS9Q+oXqstjiVJ0k+zWQiQT0kecoa36m3NkeB7Qti
Ti8LqVymM523orExDf2LtAQ2Litv7q+dgEK58bVv7ZmwGYBRlEuCaojc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org