Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oqjSMA81Rtyq8LlbpW33KiHSz-g.roa
File: oqjSMA81Rtyq8LlbpW33KiHSz-g.roa (raw, json)
Hash identifier: sNI0WhabI83MOBpRvQjFXES2OUEqiqawWTZke9wjnUg=
Subject key identifier: A2:A8:D2:30:0F:35:46:DC:AA:F0:B9:5B:A5:6D:F7:2A:21:D2:CF:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CF20D351F708D7FA73A44B71837DDA012
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oqjSMA81Rtyq8LlbpW33KiHSz-g.roa
Signing time: Wed 10 Jan 2024 06:26:40 +0000
ROA not before: Wed 10 Jan 2024 06:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:0d:35:1f:70:8d:7f:a7:3a:44:b7:18:37:dd:a0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 10 06:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a8d2300f3546dcaaf0b95ba56df72a21d2cfe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:a1:af:d9:e1:04:2e:af:f7:a9:22:5b:a5:
0b:0e:39:ed:84:93:fb:e8:fa:05:f0:4d:99:65:7a:
e4:1c:57:87:3a:f8:5d:bd:fb:5a:74:c2:ce:0e:da:
80:5a:95:e8:9d:e8:ab:ab:8b:45:9d:ee:98:bd:20:
f5:cc:97:85:22:f6:66:34:27:6a:63:33:bd:df:d2:
ec:d9:22:2a:b8:88:d5:36:7f:25:50:78:4f:bc:d5:
94:34:c1:ce:ef:5f:e7:83:7c:37:42:81:f9:69:18:
90:38:18:b4:a8:a2:81:68:71:a5:4b:68:85:51:1e:
79:4e:14:5c:b0:65:87:83:26:23:b6:5e:e0:11:c1:
ab:94:e2:24:d3:7d:ba:c4:3e:70:a6:3a:c5:cd:16:
cd:c2:e5:de:e9:75:ee:56:97:48:29:02:c1:09:61:
18:24:70:14:69:75:70:51:97:23:6a:11:b0:96:1d:
25:bc:47:db:d8:25:ab:0e:9a:2a:41:5b:40:c3:16:
5d:a3:ca:96:2c:2b:df:77:f1:14:eb:b1:a6:f3:9c:
3d:ff:98:dc:9e:5a:47:1d:6d:f2:74:53:a8:c2:dc:
33:52:27:0c:b0:a4:d2:65:0a:f6:0c:b9:c4:af:0e:
ab:52:b7:bc:a9:7d:95:a4:e8:5a:31:68:33:c3:7e:
84:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A8:D2:30:0F:35:46:DC:AA:F0:B9:5B:A5:6D:F7:2A:21:D2:CF:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oqjSMA81Rtyq8LlbpW33KiHSz-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
37.139.129.0/24
45.84.89.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.226.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.252.176.0/24
193.37.41.0/24
194.55.186.0/24
Signature Algorithm: sha256WithRSAEncryption
21:57:91:fc:1b:54:76:15:02:b5:10:13:47:02:d7:cf:cf:72:
7f:e6:ba:02:89:15:70:8e:b8:fb:d4:f8:59:7e:95:05:9b:d9:
c2:53:8a:c8:4d:b8:21:38:87:da:7d:14:39:3d:bf:35:40:5f:
d9:23:e2:c7:b4:cb:d9:7c:c5:d0:0f:b6:26:c2:6b:ad:69:96:
7a:f0:ec:d5:66:6c:75:e6:2e:78:38:54:82:ee:aa:7e:ca:24:
17:cc:bd:42:21:3b:a9:47:5e:3a:61:dc:18:25:b6:5d:5b:e8:
bc:dd:42:48:2b:7f:07:4d:e1:49:93:38:e6:91:44:81:41:b5:
b9:86:d7:c5:f8:37:58:6e:4f:55:48:ec:da:ca:31:06:68:22:
e0:26:c4:66:32:dc:0e:1d:4e:56:e6:13:80:4b:e8:91:69:03:
32:3d:fc:86:b9:b6:96:33:39:e4:02:e5:a2:5e:1d:a7:0c:14:
17:7b:c6:2b:27:76:2a:3d:6a:5c:68:f4:ce:74:ab:4e:08:e1:
4b:ea:5d:1e:f4:c3:81:16:97:84:bb:e8:98:78:06:8c:c0:8f:
77:ef:3d:85:8d:d4:4d:3b:78:67:f9:9a:41:18:50:2f:43:d9:
29:94:b2:2f:9c:63:ff:bf:b9:fb:2f:bc:59:97:11:76:22:6f:
b3:69:e1:2a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYzyDTUfcI1/pzpEtxg33aASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTEwMDYyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE4ZDIzMDBmMzU0NmRjYWFmMGI5NWJhNTZkZjcyYTIxZDJjZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz2hr9nhBC6v96kiW6ULDjnthJP7
6PoF8E2ZZXrkHFeHOvhdvftadMLODtqAWpXoneirq4tFne6YvSD1zJeFIvZmNCdq
YzO939Ls2SIquIjVNn8lUHhPvNWUNMHO71/ng3w3QoH5aRiQOBi0qKKBaHGlS2iF
UR55ThRcsGWHgyYjtl7gEcGrlOIk0326xD5wpjrFzRbNwuXe6XXuVpdIKQLBCWEY
JHAUaXVwUZcjahGwlh0lvEfb2CWrDpoqQVtAwxZdo8qWLCvfd/EU67Gm85w9/5jc
nlpHHW3ydFOowtwzUicMsKTSZQr2DLnErw6rUre8qX2VpOhaMWgzw36E0QIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFKKo0jAPNUbcqvC5W6Vt9yoh0s/oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb3FqU01BODFSdHlxOExsYnBXMzNLaUhTei1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAf
DdMDBAAli4EDBAAtVFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFc
d8QwDAMEAF6aoQMEAl6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZI
AwQAstfgAwQAstfiAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufyw
AwQAwSUpAwQAwje6MA0GCSqGSIb3DQEBCwUAA4IBAQAhV5H8G1R2FQK1EBNHAtfP
z3J/5roCiRVwjrj71PhZfpUFm9nCU4rITbghOIfafRQ5Pb81QF/ZI+LHtMvZfMXQ
D7YmwmutaZZ68OzVZmx15i54OFSC7qp+yiQXzL1CITupR146YdwYJbZdW+i83UJI
K38HTeFJkzjmkUSBQbW5htfF+DdYbk9VSOzayjEGaCLgJsRmMtwOHU5W5hOAS+iR
aQMyPfyGubaWMznkAuWiXh2nDBQXe8YrJ3YqPWpcaPTOdKtOCOFL6l0e9MOBFpeE
u+iYeAaMwI937z2FjdRNO3hn+ZpBGFAvQ9kplLIvnGP/v7n7L7xZlxF2Im+zaeEq
-----END CERTIFICATE-----
Generated at Wed Jan 10 13:54:55 2024 by rpki-client on console-ams.rpki-client.org