Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q6tOHCjQLz1urp_IV5-8kNa1p7E.roa
File: q6tOHCjQLz1urp_IV5-8kNa1p7E.roa (raw, json)
Hash identifier: +SmCmyiOK8ZGvr9vd0acsEhkFVdzGBOcSEo+C4RjEso=
Subject key identifier: AB:AB:4E:1C:28:D0:2F:3D:6E:AE:9F:C8:57:9F:BC:90:D6:B5:A7:B1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019112A67781D8D215BDEF781BFB2F443D06
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q6tOHCjQLz1urp_IV5-8kNa1p7E.roa
Signing time: Fri 02 Aug 2024 10:33:05 +0000
ROA not before: Fri 02 Aug 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 14:47:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:a6:77:81:d8:d2:15:bd:ef:78:1b:fb:2f:44:3d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abab4e1c28d02f3d6eae9fc8579fbc90d6b5a7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:c9:76:ca:da:19:17:f2:b9:3a:48:fa:c5:
8d:b2:cb:34:f7:37:c9:a5:5b:bc:20:e2:10:94:29:
c5:c4:cd:8a:7f:a9:b4:73:1c:54:fa:75:9b:a1:cd:
a4:63:b5:65:fe:d8:c9:46:ac:1a:03:d5:30:c9:bb:
5b:3a:6b:d8:6f:5c:7d:e6:1a:c9:3b:78:92:35:11:
d6:06:62:17:9a:59:ca:89:5e:2e:e9:0d:09:4f:27:
a8:f8:e8:da:3c:4f:cc:c6:dc:e3:5c:10:5a:04:9c:
ed:37:d4:2a:ef:00:59:e8:7f:24:a7:b0:bf:1d:ae:
5c:f3:61:13:c3:03:b0:a0:60:7c:d6:d8:49:fc:18:
1c:58:c2:71:ad:cf:76:38:12:d3:d0:37:56:89:18:
e3:a2:e5:63:2d:49:08:21:3b:94:b0:5a:3b:6e:21:
1d:f3:8e:e7:7b:41:eb:a0:15:f8:4b:a2:50:e5:31:
d4:b0:4d:19:d4:7c:f2:20:25:93:92:9c:c4:db:75:
e8:92:0e:39:4c:e8:7e:80:79:25:a9:6c:15:4e:1e:
5c:4e:61:3a:31:21:5c:57:25:87:73:55:0b:3e:d1:
df:04:be:8c:e8:99:14:9a:70:87:d7:fc:a4:70:df:
84:0f:20:46:26:40:57:5a:86:21:f6:0c:6b:52:3b:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AB:4E:1C:28:D0:2F:3D:6E:AE:9F:C8:57:9F:BC:90:D6:B5:A7:B1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q6tOHCjQLz1urp_IV5-8kNa1p7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
92.119.196.0/23
93.123.39.0/24
94.103.124.0/23
94.154.160.0/22
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
109.206.237.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f3:38:24:c1:1e:79:93:0e:6e:81:89:78:59:9d:71:bb:a2:
55:cf:0d:0d:fd:a9:15:35:ed:c7:5e:37:20:69:02:50:70:34:
12:ee:4a:95:5e:97:1d:73:6c:87:bd:70:71:b4:b6:15:cf:42:
30:4b:99:a9:fe:55:26:d0:d7:db:3f:41:63:ae:16:9b:c7:92:
d4:ce:e4:74:1f:e0:0e:eb:52:b9:50:5a:51:78:33:0a:08:c9:
5d:95:b2:18:b1:a4:76:81:da:b0:e3:21:8c:78:46:1e:d7:47:
7c:78:dd:d3:39:56:c9:b7:24:72:66:ed:43:21:f0:95:60:26:
8f:06:d4:4b:cc:43:0b:41:f3:dc:99:e9:17:1d:78:85:2d:5f:
4f:59:9e:f3:3a:83:4d:4b:cb:13:19:d1:4c:6b:55:ea:30:5d:
68:ad:05:02:fe:f8:d2:2e:9f:85:89:ba:eb:8e:c2:3c:21:73:
99:76:a8:30:97:67:e4:c5:1d:f7:8e:1d:85:23:d7:f6:4e:85:
d7:d7:f9:a7:3a:3d:0c:55:02:83:77:ba:9e:04:00:87:3e:1f:
30:d5:5b:43:62:e6:9d:f2:8c:6c:a9:dc:2a:57:b0:68:55:13:
c6:e9:cc:73:b9:c2:b6:44:28:d7:c5:3a:2b:7f:2b:fd:e7:9c:
6d:62:fb:f2
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZESpneB2NIVve94G/svRD0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFiNGUxYzI4ZDAyZjNkNmVhZTlmYzg1NzlmYmM5MGQ2YjVhN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu57JdsraGRfyuTpI+sWNsss09zfJ
pVu8IOIQlCnFxM2Kf6m0cxxU+nWboc2kY7Vl/tjJRqwaA9UwybtbOmvYb1x95hrJ
O3iSNRHWBmIXmlnKiV4u6Q0JTyeo+OjaPE/MxtzjXBBaBJztN9Qq7wBZ6H8kp7C/
Ha5c82ETwwOwoGB81thJ/BgcWMJxrc92OBLT0DdWiRjjouVjLUkIITuUsFo7biEd
847ne0HroBX4S6JQ5THUsE0Z1HzyICWTkpzE23Xokg45TOh+gHklqWwVTh5cTmE6
MSFcVyWHc1ULPtHfBL6M6JkUmnCH1/ykcN+EDyBGJkBXWoYh9gxrUjtQ5wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFKurThwo0C89bq6fyFefvJDWtaexMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcTZ0T0hDalFMejF1cnBfSVY1LThrTmExcDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd4
XQMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAVx3xAMEAF17JwMEAV5nfAMEAl6a
oAMEAF6cCAMEAV6cCgMEAF6cTwMEAG3O7QMEAI1iAQMEAI1iBAMEAZNOZgMEAqsW
SAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEAMEjEgMEAMElKQMEAMElLAMEAMHe
YAMEAMIw+wMEAMI34AMEAMOybjANBgkqhkiG9w0BAQsFAAOCAQEAEfM4JMEeeZMO
boGJeFmdcbuiVc8NDf2pFTXtx143IGkCUHA0Eu5KlV6XHXNsh71wcbS2Fc9CMEuZ
qf5VJtDX2z9BY64Wm8eS1M7kdB/gDutSuVBaUXgzCgjJXZWyGLGkdoHasOMhjHhG
HtdHfHjd0zlWybckcmbtQyHwlWAmjwbUS8xDC0Hz3JnpFx14hS1fT1me8zqDTUvL
ExnRTGtV6jBdaK0FAv740i6fhYm6647CPCFzmXaoMJdn5MUd944dhSPX9k6F19f5
pzo9DFUCg3e6ngQAhz4fMNVbQ2LmnfKMbKncKlewaFUTxunMc7nCtkQo18U6K38r
/eecbWL78g==
-----END CERTIFICATE-----
Generated at Mon Aug 5 17:11:46 2024 by rpki-client on console-fra.rpki-client.org