Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8JiOhmhUI6JnkUuzq9gTnCB_UA.roa
File: l8JiOhmhUI6JnkUuzq9gTnCB_UA.roa (raw, json)
Hash identifier: an3OBvjaJ/XgO8dq1ZzbG4o3Ef3tmiQdSqy+ijAkKTM=
Subject key identifier: 97:C2:62:3A:19:A1:50:8E:89:9E:45:2E:CE:AF:60:4E:70:81:FD:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FDD1E17AC0495F47946FB773A7FDD4804
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8JiOhmhUI6JnkUuzq9gTnCB_UA.roa
Signing time: Mon 03 Jun 2024 08:01:27 +0000
ROA not before: Mon 03 Jun 2024 08:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 10:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:1e:17:ac:04:95:f4:79:46:fb:77:3a:7f:dd:48:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 3 08:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97c2623a19a1508e899e452eceaf604e7081fd40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4d:06:75:da:fc:86:6e:51:89:b7:58:5e:e8:
86:7d:e8:32:03:99:94:92:b9:de:26:4c:ba:45:31:
ea:38:79:8f:91:5a:a9:b2:4f:55:aa:04:b5:7e:8a:
b3:08:29:5f:75:a7:16:45:b4:00:24:4f:0e:b5:3e:
b9:06:d1:b9:4a:20:ae:fd:34:84:93:83:42:de:a9:
91:29:ce:00:4e:3b:9c:17:b2:ca:f0:0f:40:35:b4:
0d:3f:63:b7:9c:dc:b4:50:3b:dd:fe:e3:ca:93:2e:
38:b5:b9:1a:5c:cf:69:23:44:e4:ea:b4:eb:95:10:
f2:d6:2e:da:25:72:83:09:ab:0e:77:f2:03:a6:ee:
42:26:3a:13:86:a0:c9:24:05:d8:b9:9d:98:e6:c0:
65:41:8f:38:e0:62:22:d5:b7:35:7d:b4:e3:d1:25:
12:b2:6b:ca:b9:b2:56:94:38:da:36:f8:44:94:15:
a8:e8:2d:23:86:51:3c:f3:94:be:ff:a0:fd:e7:76:
ad:28:89:d2:7c:d0:59:64:b3:2a:74:4d:4a:a3:a0:
91:95:32:8b:9d:e2:a9:35:1b:ec:36:43:97:78:aa:
d8:12:21:fe:c0:2c:a3:01:a7:f2:dc:8e:4d:a0:f5:
72:70:37:84:54:a2:45:f8:f7:35:84:65:58:9d:e6:
f8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C2:62:3A:19:A1:50:8E:89:9E:45:2E:CE:AF:60:4E:70:81:FD:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8JiOhmhUI6JnkUuzq9gTnCB_UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.120.166.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1b:c9:02:07:df:30:1f:10:ea:7c:d1:f1:01:7d:d4:c3:7f:
75:b7:3b:3e:b6:54:49:79:39:2d:f9:f4:b1:15:86:8c:e7:b1:
19:cb:a1:c6:f1:bf:fa:1c:39:76:c7:cc:10:96:8e:cc:c4:6c:
cb:30:ea:ce:d7:af:11:61:e7:41:4d:76:c7:19:3d:f1:38:ab:
22:db:2b:93:e4:a8:d1:9a:4c:ff:f2:81:b6:83:12:30:cd:31:
7a:92:4b:90:ef:2c:db:42:04:94:bf:0d:cc:c0:ab:28:ad:f5:
ff:f5:f8:e8:09:c9:b1:f7:06:d7:b1:4e:c6:0e:f7:8c:34:42:
7a:0e:fd:54:cb:34:36:cb:fb:d5:4e:43:fb:df:8d:62:03:a2:
8f:d4:d4:32:d8:df:a7:f4:82:6a:7a:38:2c:41:30:df:b7:40:
9c:1f:b6:db:c4:88:4b:57:27:13:e2:bb:bb:e8:a1:c8:d4:3f:
f2:f0:8d:30:ca:39:05:bd:bb:2f:d1:e4:b2:9c:33:3d:ed:51:
08:92:d4:07:d2:5a:11:d5:55:d1:1c:f1:84:59:be:82:84:46:
27:18:98:fb:7b:9c:17:da:c9:6a:d2:29:10:1a:e9:1e:53:93:
15:89:cc:e8:21:d6:59:67:f5:b1:93:2e:2d:aa:e7:7b:2c:df:
72:58:1a:d7
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY/dHhesBJX0eUb7dzp/3UgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjAzMDgwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2MyNjIzYTE5YTE1MDhlODk5ZTQ1MmVjZWFmNjA0ZTcwODFmZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq00Gddr8hm5RibdYXuiGfegyA5mU
krneJky6RTHqOHmPkVqpsk9VqgS1foqzCClfdacWRbQAJE8OtT65BtG5SiCu/TSE
k4NC3qmRKc4ATjucF7LK8A9ANbQNP2O3nNy0UDvd/uPKky44tbkaXM9pI0Tk6rTr
lRDy1i7aJXKDCasOd/IDpu5CJjoThqDJJAXYuZ2Y5sBlQY844GIi1bc1fbTj0SUS
smvKubJWlDjaNvhElBWo6C0jhlE885S+/6D953atKInSfNBZZLMqdE1Ko6CRlTKL
neKpNRvsNkOXeKrYEiH+wCyjAafy3I5NoPVycDeEVKJF+Pc1hGVYneb4rQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFJfCYjoZoVCOiZ5FLs6vYE5wgf1AMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbDhKaU9obWhVSTZKbmtVdXpxOWdUbkNCX1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAIl
3XgwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAU9thAwQBVBWuAwQAV3hXAwQAV3imAwQAV3ktAwQBV3lWAwQAV3ndAwQBXHfE
AwQCXpqgAwQAXpwLMAwDBABf1hkDBABf1hoDBACNYgEDBACTTmYDBACrFhEDBAKr
FkgDBACy1+ADBAK52FQDBAK52lQDBAC59t8DBAHBKiADBAHBlQIDBADCMPgDBADC
N+AwDQYJKoZIhvcNAQELBQADggEBAFAbyQIH3zAfEOp80fEBfdTDf3W3Oz62VEl5
OS359LEVhoznsRnLocbxv/ocOXbHzBCWjszEbMsw6s7XrxFh50FNdscZPfE4qyLb
K5PkqNGaTP/ygbaDEjDNMXqSS5DvLNtCBJS/DczAqyit9f/1+OgJybH3BtexTsYO
94w0QnoO/VTLNDbL+9VOQ/vfjWIDoo/U1DLY36f0gmp6OCxBMN+3QJwfttvEiEtX
JxPiu7voocjUP/LwjTDKOQW9uy/R5LKcMz3tUQiS1AfSWhHVVdEc8YRZvoKERicY
mPt7nBfayWrSKRAa6R5TkxWJzOgh1lln9bGTLi2q53ss33JYGtc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org