Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iGN5xxDbmhOkqu3EZh5am28iwLg.roa
File: iGN5xxDbmhOkqu3EZh5am28iwLg.roa (raw, json)
Hash identifier: anyxOLvtbOV2ajYoeJXM0DDYTWzsQc31KEuZ+xWAXTg=
Subject key identifier: 88:63:79:C7:10:DB:9A:13:A4:AA:ED:C4:66:1E:5A:9B:6F:22:C0:B8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190E86EA9DE936338A9071BE9F3B3145EA9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iGN5xxDbmhOkqu3EZh5am28iwLg.roa
Signing time: Thu 25 Jul 2024 05:48:04 +0000
ROA not before: Thu 25 Jul 2024 05:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 05:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:6e:a9:de:93:63:38:a9:07:1b:e9:f3:b3:14:5e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 05:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=886379c710db9a13a4aaedc4661e5a9b6f22c0b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:00:8b:05:4b:7b:d0:04:c5:c0:fd:8e:00:05:
4e:13:ae:20:24:63:03:29:06:cb:3e:f7:b6:83:15:
99:f8:c1:1e:71:70:be:10:d4:f4:9f:2a:39:8f:b0:
7b:2e:f5:e0:fc:3c:a9:f3:98:65:1d:38:2f:13:d5:
24:a8:52:e0:27:2d:47:ea:4e:41:a5:61:cb:a0:b1:
fd:e7:51:d7:29:00:bd:c9:7b:14:66:67:f2:5c:47:
6f:bc:a7:2f:d2:41:fd:a0:38:6c:b9:a8:ee:e0:2e:
b2:53:c6:a3:37:57:19:b9:d6:9d:7f:10:b0:7b:e6:
50:74:97:ff:0a:d3:f2:ac:38:5a:d7:77:e1:7b:7d:
36:0b:82:b3:be:18:f4:4e:29:65:d9:42:8b:07:57:
6c:aa:d3:14:51:00:48:4e:97:89:18:0c:19:69:d9:
53:56:56:fd:21:14:3c:3c:32:e4:d0:cb:56:7e:2e:
e0:84:16:eb:fb:8d:93:bd:65:60:c3:21:e4:48:5c:
30:ff:8c:45:a8:5d:1d:7a:37:30:ff:27:a7:a6:9c:
39:74:1d:2a:13:20:45:99:d9:86:34:94:5c:af:04:
55:27:58:1e:cd:4d:0e:ed:79:9f:ed:ef:e7:14:92:
29:5c:22:a9:d9:bc:d2:7c:54:a1:92:79:61:2d:e8:
6c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:63:79:C7:10:DB:9A:13:A4:AA:ED:C4:66:1E:5A:9B:6F:22:C0:B8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iGN5xxDbmhOkqu3EZh5am28iwLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.221.0/24
91.92.16.0/24
92.119.196.0/23
93.123.24.0/24
94.103.124.0/24
94.154.160.0/22
94.156.2.0/24
94.156.11.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.42.32.0/23
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
74:0e:f9:24:bc:55:db:c6:84:33:8c:27:91:7a:33:07:11:38:
eb:9f:cf:d8:23:ad:b2:bd:ac:cb:78:5b:c7:25:b4:17:57:07:
55:a5:c0:a6:aa:a0:82:cf:90:8a:6e:71:b8:49:ec:e8:3e:5c:
54:64:42:a0:c1:f6:02:f7:92:67:94:29:16:4f:3a:b6:61:53:
d4:0f:40:b5:ba:1c:99:b8:92:ef:db:7d:72:63:2e:bd:6c:89:
a3:02:30:7e:2d:90:88:3d:4f:b0:f6:3c:73:6d:4c:8b:b4:99:
00:76:9c:4a:5f:4b:b2:bb:df:8c:f3:d8:e0:c6:f2:db:8a:c3:
10:0c:65:0d:ac:41:04:c6:41:06:4a:da:ed:e3:95:a6:c9:df:
9e:50:86:e5:6e:ea:2f:6b:5e:08:13:8b:00:a8:ea:d3:20:a0:
b3:89:a5:50:f7:6b:fb:81:b8:19:ae:23:7a:8a:d0:12:b6:cb:
99:c4:11:2e:81:8d:73:c5:dd:7b:80:d2:60:18:99:95:81:e5:
ad:02:45:c1:83:d7:96:2a:1d:be:68:1e:a9:b4:34:3d:39:7c:
21:4f:52:34:1c:61:90:ac:00:58:d6:bd:a3:5c:c3:19:7a:bb:
4a:58:a9:8a:71:25:8c:f2:6c:01:b8:22:94:99:42:db:23:57:
1a:fe:84:f9
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZDobqnek2M4qQcb6fOzFF6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI1MDU0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYzNzljNzEwZGI5YTEzYTRhYWVkYzQ2NjFlNWE5YjZmMjJjMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gCLBUt70ATFwP2OAAVOE64gJGMD
KQbLPve2gxWZ+MEecXC+ENT0nyo5j7B7LvXg/Dyp85hlHTgvE9UkqFLgJy1H6k5B
pWHLoLH951HXKQC9yXsUZmfyXEdvvKcv0kH9oDhsuaju4C6yU8ajN1cZudadfxCw
e+ZQdJf/CtPyrDha13fhe302C4Kzvhj0Till2UKLB1dsqtMUUQBITpeJGAwZadlT
Vlb9IRQ8PDLk0MtWfi7ghBbr+42TvWVgwyHkSFww/4xFqF0dejcw/yenppw5dB0q
EyBFmdmGNJRcrwRVJ1gezU0O7Xmf7e/nFJIpXCKp2bzSfFShknlhLehsdQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFIhjeccQ25oTpKrtxGYeWptvIsC4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaUdONXh4RGJtaE9rcXUzRVpoNWFtMjhpd0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAAC
Ol8DBAAtgOgDBAAtkJoDBAAtl1kDBABRoe4DBABT22EDBAFUFa4DBABUNjADBABU
NjMDBABVHy8DBABXeFcDBABXeSYDBABXeS0DBABXed0DBABbXBADBAFcd8QDBABd
exgDBABeZ3wDBAJemqADBABenAIDBABenAsDBACNYgEDBACNYgQDBACTTmYDBAKr
FkgDBACy1+ADBAK52FQDBAK52lQDBADBIxIDBAHBKiADBADCN+AwDQYJKoZIhvcN
AQELBQADggEBAHQO+SS8VdvGhDOMJ5F6MwcROOufz9gjrbK9rMt4W8cltBdXB1Wl
wKaqoILPkIpucbhJ7Og+XFRkQqDB9gL3kmeUKRZPOrZhU9QPQLW6HJm4ku/bfXJj
Lr1siaMCMH4tkIg9T7D2PHNtTIu0mQB2nEpfS7K734zz2ODG8tuKwxAMZQ2sQQTG
QQZK2u3jlabJ355QhuVu6i9rXggTiwCo6tMgoLOJpVD3a/uBuBmuI3qK0BK2y5nE
ES6BjXPF3XuA0mAYmZWB5a0CRcGD15YqHb5oHqm0ND05fCFPUjQcYZCsAFjWvaNc
wxl6u0pYqYpxJYzybAG4IpSZQtsjVxr+hPk=
-----END CERTIFICATE-----
Generated at Thu Jul 25 08:30:32 2024 by rpki-client on console-fra.rpki-client.org