Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kK99S8uoFd1LjcowUR2jZ1Tl1hU.roa
File: kK99S8uoFd1LjcowUR2jZ1Tl1hU.roa (raw, json)
Hash identifier: G81NkcnPSKh4YftmowSaBqosw6ogdZ/K/msfoBriGjo=
Subject key identifier: 90:AF:7D:4B:CB:A8:15:DD:4B:8D:CA:30:51:1D:A3:67:54:E5:D6:15
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190777648876A0C10EB5C51BDDF3300D40A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kK99S8uoFd1LjcowUR2jZ1Tl1hU.roa
Signing time: Wed 03 Jul 2024 07:19:18 +0000
ROA not before: Wed 03 Jul 2024 07:19:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 14:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:76:48:87:6a:0c:10:eb:5c:51:bd:df:33:00:d4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 3 07:19:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90af7d4bcba815dd4b8dca30511da36754e5d615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:bf:9c:7c:4e:23:6e:3d:8e:e5:3d:be:95:
90:7c:2c:1a:60:9d:ec:b4:82:7c:cf:bf:ae:87:11:
ae:ce:c8:f0:e6:c8:41:4d:c8:81:49:52:c9:6a:d5:
cd:ca:22:bf:7a:f9:bc:a2:4b:b4:59:8f:8b:fd:f6:
c9:b5:4b:b3:6e:06:df:04:5d:a8:0e:0d:91:69:23:
9e:3d:d9:4d:bf:5a:29:f0:7b:c9:d6:75:66:dd:dc:
f1:06:94:6d:a7:83:26:f1:eb:ab:46:c6:93:fc:8b:
ce:f5:50:d4:5a:1e:18:4e:0b:dd:09:97:d1:22:c7:
e2:14:62:63:1f:20:98:05:cf:42:0a:19:35:86:ad:
4f:41:b4:6b:35:a3:c6:d6:5c:95:c9:36:fa:ae:58:
9d:5a:24:eb:c4:3e:f1:d9:57:a0:1d:a4:cc:65:60:
b4:49:33:bb:5e:5b:c6:7f:7b:f9:3f:05:47:77:26:
f4:f2:8d:29:98:0f:08:55:dd:49:21:24:c7:0c:0c:
f9:6f:fc:e3:3c:7d:7d:40:d5:90:07:ba:a3:e5:89:
7b:a1:8a:72:b6:e7:48:00:1f:db:3c:e3:58:f4:2b:
56:05:35:f0:b0:7d:62:44:d3:f5:13:6f:6c:dd:2e:
72:5a:16:fd:d3:f9:be:4e:b7:78:d4:44:f6:35:e3:
b4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AF:7D:4B:CB:A8:15:DD:4B:8D:CA:30:51:1D:A3:67:54:E5:D6:15
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kK99S8uoFd1LjcowUR2jZ1Tl1hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.12.255.0/24
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:b1:b0:79:d5:56:ef:72:2e:fb:98:4d:f8:6d:6e:17:01:ab:
df:68:3e:7e:e3:d8:cf:76:8a:41:bf:44:51:d3:05:c5:bf:bf:
3b:d6:d2:cf:5e:08:1f:1b:91:92:5f:5b:9f:38:2e:c2:39:7e:
3b:63:96:77:75:20:3f:c9:81:62:eb:ec:2d:e0:ee:97:8d:f2:
de:64:ec:7f:c2:5e:1a:39:90:12:a2:5b:04:3c:a0:98:ad:82:
5e:9f:77:a6:89:fd:94:71:25:03:e4:54:8b:4a:5d:a1:42:3b:
d6:09:58:ca:3c:35:6b:ff:79:5b:f9:b3:75:58:ff:74:b3:5a:
27:25:8f:cf:ac:13:af:97:d6:a1:50:ab:17:2b:d3:25:99:52:
70:7d:9c:5a:62:b0:52:76:1c:d0:7b:d2:21:b6:74:90:10:ec:
f0:f8:22:d9:0e:e5:2e:c6:4d:2a:ad:20:1c:ba:ab:32:5e:c2:
58:4d:b8:d5:78:5c:09:7e:8d:85:e4:49:f0:f7:85:07:ce:5b:
73:96:34:04:85:21:7a:ac:9f:69:3b:29:2d:3a:dc:e6:3f:63:
82:67:50:8c:c1:db:53:94:94:05:3a:f4:1e:61:a9:95:1e:44:
b2:90:c1:d3:7d:94:a9:aa:67:00:71:12:2f:cc:c9:0b:cf:bd:
de:1c:bc:38
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZB3dkiHagwQ61xRvd8zANQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzAzMDcxOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFmN2Q0YmNiYTgxNWRkNGI4ZGNhMzA1MTFkYTM2NzU0ZTVkNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFS/nHxOI249juU9vpWQfCwaYJ3s
tIJ8z7+uhxGuzsjw5shBTciBSVLJatXNyiK/evm8oku0WY+L/fbJtUuzbgbfBF2o
Dg2RaSOePdlNv1op8HvJ1nVm3dzxBpRtp4Mm8eurRsaT/IvO9VDUWh4YTgvdCZfR
IsfiFGJjHyCYBc9CChk1hq1PQbRrNaPG1lyVyTb6rlidWiTrxD7x2VegHaTMZWC0
STO7XlvGf3v5PwVHdyb08o0pmA8IVd1JISTHDAz5b/zjPH19QNWQB7qj5Yl7oYpy
tudIAB/bPONY9CtWBTXwsH1iRNP1E29s3S5yWhb90/m+Trd41ET2NeO0ywIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJCvfUvLqBXdS43KMFEdo2dU5dYVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva0s5OVM4dW9GZDFMamNvd1VSMmpaMVRsMWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAIl
3XgDBAAtDP8DBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZdYAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfE
AwQCXpqgAwQAXpwLAwQAXpxOAwQAjWIBAwQAk05mAwQAqxYRAwQAqxYfAwQCqxZI
AwQAstfgAwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjfgMA0GCSqGSIb3DQEB
CwUAA4IBAQB7sbB51Vbvci77mE34bW4XAavfaD5+49jPdopBv0RR0wXFv7871tLP
XggfG5GSX1ufOC7COX47Y5Z3dSA/yYFi6+wt4O6XjfLeZOx/wl4aOZASolsEPKCY
rYJen3emif2UcSUD5FSLSl2hQjvWCVjKPDVr/3lb+bN1WP90s1onJY/PrBOvl9ah
UKsXK9MlmVJwfZxaYrBSdhzQe9IhtnSQEOzw+CLZDuUuxk0qrSAcuqsyXsJYTbjV
eFwJfo2F5Enw94UHzltzljQEhSF6rJ9pOyktOtzmP2OCZ1CMwdtTlJQFOvQeYamV
HkSykMHTfZSpqmcAcRIvzMkLz73eHLw4
-----END CERTIFICATE-----
Generated at Wed Jul 3 16:42:01 2024 by rpki-client on console-ams.rpki-client.org