Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/duBp7WjqltEI_rm5JDMsuUuvp9g.roa
File: duBp7WjqltEI_rm5JDMsuUuvp9g.roa (raw, json)
Hash identifier: ID7MjGpO/OoMjFqA9f3VKL3APu9AIan9+bsxozjvj4c=
Subject key identifier: 76:E0:69:ED:68:EA:96:D1:08:FE:B9:B9:24:33:2C:B9:4B:AF:A7:D8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019144D65DC1380094B8A79D6C5ABB10BA3A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/duBp7WjqltEI_rm5JDMsuUuvp9g.roa
Signing time: Mon 12 Aug 2024 04:26:24 +0000
ROA not before: Mon 12 Aug 2024 04:26:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 11:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:44:d6:5d:c1:38:00:94:b8:a7:9d:6c:5a:bb:10:ba:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 12 04:26:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76e069ed68ea96d108feb9b924332cb94bafa7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:5d:5b:20:89:58:b9:40:0f:3b:52:ae:db:
a6:57:d9:4d:9a:ac:87:e3:d1:1b:45:9a:2f:61:ca:
44:5a:f3:93:66:a5:f4:2e:ad:65:91:a2:20:45:0a:
16:f5:eb:9f:6e:34:59:75:c2:d0:41:b5:f9:4b:dc:
53:b9:ab:2e:d7:3f:c6:d5:d2:a5:22:c4:7a:f1:41:
75:be:d0:47:e0:b8:6c:22:22:78:01:35:4a:2f:b6:
ad:ca:51:c6:c1:12:cc:28:33:fb:c5:8d:5f:59:06:
8b:29:45:90:7e:9f:5b:ee:d5:59:0f:32:d6:df:25:
e9:4e:9c:fb:f9:a5:c9:0f:f1:10:b6:80:86:7f:61:
4c:06:f0:fb:81:91:28:6a:4c:df:0b:08:0b:5b:1d:
41:a4:1a:96:ba:45:a7:12:35:80:77:65:35:cb:a9:
ff:a4:5f:58:25:af:82:7b:ef:d2:6c:d6:b2:ab:1a:
70:93:bf:ce:62:a3:5a:af:91:40:55:4b:0a:bd:43:
5a:c4:8b:a2:0a:ed:70:26:ab:a8:2b:ca:96:3c:35:
6f:3b:b3:d2:ec:af:2d:d9:96:c3:b0:83:17:ca:f9:
f0:71:51:eb:a6:df:9f:e4:29:fd:dd:9d:9d:bf:cc:
1e:a9:83:e4:b6:18:05:bf:3e:65:95:36:83:37:b4:
d7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E0:69:ED:68:EA:96:D1:08:FE:B9:B9:24:33:2C:B9:4B:AF:A7:D8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/duBp7WjqltEI_rm5JDMsuUuvp9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.69.0/24
87.121.221.0/24
92.119.196.0/23
93.123.39.0/24
94.103.124.0/23
94.154.160.0/22
94.156.8.0/24
94.156.10.0/23
109.206.237.0/24
141.98.1.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:7b:a8:3a:f8:0d:8a:ad:90:db:94:b6:23:35:02:8a:73:73:
b8:34:28:3e:87:e8:14:75:6f:34:54:20:c3:8d:5a:09:7e:74:
83:d5:d0:f3:2f:96:d6:7a:02:b1:72:c6:b1:56:36:8a:85:9e:
51:a2:72:90:53:bb:0a:22:36:84:7c:7f:9c:ba:70:b5:f6:31:
9d:f2:2c:32:f0:a6:42:dc:21:87:a6:3f:a2:6f:83:ae:e2:6e:
08:43:82:42:2d:59:ef:00:97:b5:20:eb:54:8b:ce:db:89:39:
93:36:27:bd:7e:57:0f:28:7c:a0:ff:1a:a6:88:45:b6:51:07:
bc:0d:00:79:4b:e2:11:2e:86:d0:39:1b:34:b2:ec:19:9e:a5:
f5:b5:b0:26:ba:e4:2c:38:ac:3c:2f:7a:cb:43:fd:01:ad:a2:
26:3c:95:f1:39:3f:13:d4:20:34:7e:ea:4d:33:e6:f2:4a:f9:
12:50:8f:1f:cf:49:1c:0b:3b:94:22:a9:f9:68:5b:cf:2d:57:
fd:3d:97:c8:b8:10:bf:60:6f:e5:5a:3e:bc:64:17:83:be:12:
60:17:ad:e4:8d:6f:4e:8a:79:c4:da:5c:32:c1:74:ac:61:04:
da:b7:40:51:44:0d:86:af:94:d8:e4:00:e3:4a:b4:a1:46:c2:
1e:50:7c:d5
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZFE1l3BOACUuKedbFq7ELo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODEyMDQyNjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUwNjllZDY4ZWE5NmQxMDhmZWI5YjkyNDMzMmNiOTRiYWZhN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTNdWyCJWLlADztSrtumV9lNmqyH
49EbRZovYcpEWvOTZqX0Lq1lkaIgRQoW9eufbjRZdcLQQbX5S9xTuasu1z/G1dKl
IsR68UF1vtBH4LhsIiJ4ATVKL7atylHGwRLMKDP7xY1fWQaLKUWQfp9b7tVZDzLW
3yXpTpz7+aXJD/EQtoCGf2FMBvD7gZEoakzfCwgLWx1BpBqWukWnEjWAd2U1y6n/
pF9YJa+Ce+/SbNayqxpwk7/OYqNar5FAVUsKvUNaxIuiCu1wJquoK8qWPDVvO7PS
7K8t2ZbDsIMXyvnwcVHrpt+f5Cn93Z2dv8weqYPkthgFvz5llTaDN7TX5wIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFHbgae1o6pbRCP65uSQzLLlLr6fYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZHVCcDdXanFsdEVJX3JtNUpETXN1VXV2cDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
AjpfAwQALQhcAwQALVhaAwQALYDoAwQALZCaAwQALZdZAwQAUEwzAwQAUaHuAwQA
U9thAwQBVBWuAwQAVDYwAwQAVR8vAwQAV3hXAwQAV3hdAwQAV3ktAwQAV3lFAwQA
V3ndAwQBXHfEAwQAXXsnAwQBXmd8AwQCXpqgAwQAXpwIAwQBXpwKAwQAbc7tAwQA
jWIBAwQBk05mAwQCqxZIAwQAstfgAwQAudhGAwQCudhUAwQCudpUAwQAufbfAwQA
wSMSAwQAwSUpAwQAwSUsAwQAwd5gAwQAwjD7AwQAwjfgMA0GCSqGSIb3DQEBCwUA
A4IBAQCNe6g6+A2KrZDblLYjNQKKc3O4NCg+h+gUdW80VCDDjVoJfnSD1dDzL5bW
egKxcsaxVjaKhZ5RonKQU7sKIjaEfH+cunC19jGd8iwy8KZC3CGHpj+ib4Ou4m4I
Q4JCLVnvAJe1IOtUi87biTmTNie9flcPKHyg/xqmiEW2UQe8DQB5S+IRLobQORs0
suwZnqX1tbAmuuQsOKw8L3rLQ/0BraImPJXxOT8T1CA0fupNM+bySvkSUI8fz0kc
CzuUIqn5aFvPLVf9PZfIuBC/YG/lWj68ZBeDvhJgF63kjW9OinnE2lwywXSsYQTa
t0BRRA2Gr5TY5ADjSrShRsIeUHzV
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:38:24 2024 by rpki-client on console-ams.rpki-client.org