Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCYuFDWcRo803uQ4wl8GE816-BQ.roa
File: dCYuFDWcRo803uQ4wl8GE816-BQ.roa (raw, json)
Hash identifier: XWRKpL/l29JBYgQQNvScanMeNGt02D2sP0dKy1/UlL8=
Subject key identifier: 74:26:2E:14:35:9C:46:8F:34:DE:E4:38:C2:5F:06:13:CD:7A:F8:14
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019029FF85A16DDF585F45890AEF4E92578A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCYuFDWcRo803uQ4wl8GE816-BQ.roa
Signing time: Tue 18 Jun 2024 06:18:50 +0000
ROA not before: Tue 18 Jun 2024 06:18:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 10:42:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:29:ff:85:a1:6d:df:58:5f:45:89:0a:ef:4e:92:57:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 18 06:18:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74262e14359c468f34dee438c25f0613cd7af814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ab:e2:af:53:67:19:fc:5d:2c:e5:b0:45:3b:
8e:5b:89:bb:b6:d2:98:fc:33:b7:5b:54:2f:c3:e4:
ae:a5:22:2d:e4:f6:b8:fa:f6:21:d2:7f:cb:66:8e:
b0:56:57:fe:3c:b9:55:fa:a6:c9:5c:6b:0c:b6:07:
a9:9e:7e:fa:37:39:fd:2b:b1:27:2e:47:aa:a0:f4:
67:69:6f:d8:a2:08:39:d3:e9:35:7b:c8:b8:7d:e8:
6d:8c:f1:01:f5:c3:c3:e7:ac:ad:68:dd:25:7d:ff:
ab:e1:85:a6:8d:19:e6:fb:19:f1:f0:7a:81:ba:e7:
35:4f:0d:0d:69:2f:e2:53:8e:c6:6f:3e:d5:67:a8:
f9:e9:db:41:40:bd:69:9f:80:a1:2c:2f:4b:de:79:
77:c6:01:fc:e5:57:bc:51:70:77:4c:42:45:2c:8c:
85:2f:66:b4:64:fa:3b:d8:a1:78:02:be:14:86:ef:
3e:e1:3e:6e:d4:30:57:c6:cf:4e:c2:96:7f:bf:81:
2e:48:7f:b7:20:63:d7:1e:c1:f3:38:40:ac:41:9b:
64:40:d7:e9:57:9b:90:fa:d7:13:58:51:14:1f:57:
4c:4f:22:e4:b3:6c:ff:2c:14:3f:cd:65:c7:c7:63:
58:68:85:41:92:ed:3b:e9:9d:60:e0:f1:f9:4c:fe:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:26:2E:14:35:9C:46:8F:34:DE:E4:38:C2:5F:06:13:CD:7A:F8:14
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCYuFDWcRo803uQ4wl8GE816-BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.242.0/23
45.151.88.0/23
82.115.211.0/24
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
04:68:7f:45:ec:aa:ff:6e:01:50:97:8f:28:cf:93:bc:d1:97:
d1:f0:4c:07:fe:58:c5:1f:ab:97:f6:5c:1f:6b:60:75:b8:27:
3f:db:3b:c2:d0:78:2f:43:05:b7:a1:ac:7b:d6:7e:e8:51:b5:
30:1e:68:24:b3:16:28:f7:0d:ef:91:81:e4:15:c2:c0:e9:18:
4c:4f:43:02:bd:56:74:dc:58:9f:f3:15:2b:e6:68:c4:f8:6e:
c5:3c:f9:d0:51:4e:bd:26:92:e0:77:c1:e0:f4:e3:55:c9:67:
16:cb:ae:3c:e8:48:59:2f:52:54:ef:38:04:ca:50:0e:e2:ec:
45:f6:0e:d1:21:25:76:f3:25:4d:a4:64:66:7f:c6:66:dc:2b:
43:eb:d0:74:72:30:a1:96:48:31:41:5e:30:4e:f9:45:a3:51:
be:62:ae:b4:80:96:35:b7:c5:be:8b:20:5d:0f:22:81:62:3f:
95:66:25:2d:ee:0f:47:26:a8:84:b8:0c:a7:89:12:ff:b8:a4:
3d:c9:80:18:96:d8:06:21:aa:46:5c:be:27:7e:38:4b:79:39:
1d:f2:bd:ed:ec:fd:9d:c5:cb:4f:1c:d0:fb:c1:7d:74:37:80:
30:1f:7c:ae:87:6a:93:14:38:ab:5a:2e:db:55:64:d6:06:fd:
f3:8e:c8:8b
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZAp/4Whbd9YX0WJCu9OkleKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjE4MDYxODUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDI2MmUxNDM1OWM0NjhmMzRkZWU0MzhjMjVmMDYxM2NkN2FmODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqvir1NnGfxdLOWwRTuOW4m7ttKY
/DO3W1Qvw+SupSIt5Pa4+vYh0n/LZo6wVlf+PLlV+qbJXGsMtgepnn76Nzn9K7En
LkeqoPRnaW/Yogg50+k1e8i4fehtjPEB9cPD56ytaN0lff+r4YWmjRnm+xnx8HqB
uuc1Tw0NaS/iU47Gbz7VZ6j56dtBQL1pn4ChLC9L3nl3xgH85Ve8UXB3TEJFLIyF
L2a0ZPo72KF4Ar4Uhu8+4T5u1DBXxs9OwpZ/v4EuSH+3IGPXHsHzOECsQZtkQNfp
V5uQ+tcTWFEUH1dMTyLks2z/LBQ/zWXHx2NYaIVBku076Z1g4PH5TP75YwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFHQmLhQ1nEaPNN7kOMJfBhPNevgUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZENZdUZEV2NSbzgwM3VRNHdsOEdFODE2LUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZXyAwQBLZdYAwQAUnPTAwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQBV3lW
AwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOMAwDBABf1hkDBABf1hoDBACN
YgEDBACTTmYDBACrFhEDBAKrFkgDBACy1+ADBAK52FQDBAK52lQDBAHBKiADBAHB
lQIDBADCMPgDBADCN+AwDQYJKoZIhvcNAQELBQADggEBAARof0Xsqv9uAVCXjyjP
k7zRl9HwTAf+WMUfq5f2XB9rYHW4Jz/bO8LQeC9DBbehrHvWfuhRtTAeaCSzFij3
De+RgeQVwsDpGExPQwK9VnTcWJ/zFSvmaMT4bsU8+dBRTr0mkuB3weD041XJZxbL
rjzoSFkvUlTvOATKUA7i7EX2DtEhJXbzJU2kZGZ/xmbcK0Pr0HRyMKGWSDFBXjBO
+UWjUb5irrSAljW3xb6LIF0PIoFiP5VmJS3uD0cmqIS4DKeJEv+4pD3JgBiW2AYh
qkZcvid+OEt5OR3yve3s/Z3Fy08c0PvBfXQ3gDAffK6HapMUOKtaLttVZNYG/fOO
yIs=
-----END CERTIFICATE-----
Generated at Tue Jun 18 16:21:49 2024 by rpki-client on console-ams.rpki-client.org