Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sQBvkLlGXJI-KZxrve0Pe2KKslI.roa
File: sQBvkLlGXJI-KZxrve0Pe2KKslI.roa (raw, json)
Hash identifier: D8PjrR2CK/VNy5tKrh4CzelUTpLwkNhXuAIZgE3SeqA=
Subject key identifier: B1:00:6F:90:B9:46:5C:92:3E:29:9C:6B:BD:ED:0F:7B:62:8A:B2:52
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01900D162AA69672E12198C532712BE786CD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sQBvkLlGXJI-KZxrve0Pe2KKslI.roa
Signing time: Wed 12 Jun 2024 15:34:34 +0000
ROA not before: Wed 12 Jun 2024 15:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.242.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 05:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:16:2a:a6:96:72:e1:21:98:c5:32:71:2b:e7:86:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 12 15:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1006f90b9465c923e299c6bbded0f7b628ab252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4e:41:b4:47:67:85:b4:37:4f:18:e4:25:e2:
fc:b1:ea:e9:88:3a:b8:c1:59:7b:a1:d4:fa:b0:85:
40:ca:6a:66:a5:db:c9:62:dd:14:37:74:af:68:33:
ef:8b:fc:30:e6:83:a9:f9:2f:0d:fd:61:6b:74:f8:
ba:23:db:72:3d:60:88:13:31:c3:1d:e8:c9:1b:4e:
69:cc:8b:51:6e:75:cf:f9:68:f1:37:ab:c2:05:d0:
dd:55:1b:1f:57:6b:1c:28:62:cc:e1:5b:c3:ac:fe:
f2:92:c0:37:c4:d8:c5:32:d4:2d:a1:1f:97:fd:b9:
4e:94:de:1e:f4:cd:88:ba:83:29:fd:9c:f5:a5:c0:
ab:44:c0:64:b1:a7:53:a9:5c:58:a0:51:8f:b6:50:
b6:91:40:7b:a1:7c:06:8b:85:4a:49:cb:f7:0c:ac:
16:be:24:18:5f:56:c0:a4:ff:48:f0:48:76:1b:a7:
a8:f7:e5:b2:32:ae:0f:32:f9:14:9a:3e:db:e2:98:
64:f8:93:b4:77:aa:a8:d1:10:36:1b:ad:4f:73:4c:
e9:ec:9f:fd:49:40:92:9a:23:56:ed:6a:bc:f0:26:
e0:5d:21:60:74:a3:fa:2e:73:d8:18:a8:b0:92:a7:
5a:79:2a:3f:24:86:41:4f:65:c8:7e:36:c4:7e:76:
55:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:00:6F:90:B9:46:5C:92:3E:29:9C:6B:BD:ED:0F:7B:62:8A:B2:52
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sQBvkLlGXJI-KZxrve0Pe2KKslI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.242.0/23
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:06:1c:97:aa:d3:32:57:d4:ec:1d:79:bb:cd:8b:2f:aa:26:
54:d2:3f:5a:aa:9d:92:ec:69:28:a3:2e:a0:d3:26:d6:d5:44:
3c:03:3f:7e:82:9e:5b:6a:b1:f4:af:2b:d5:9c:9f:50:49:7a:
1d:6f:ec:b9:fa:94:07:42:2c:db:02:7a:06:3f:20:c3:bc:9c:
fe:b2:a9:ff:8a:ec:64:e7:d7:52:ee:6e:2b:33:a5:a2:42:c7:
a9:26:bf:57:53:a0:b0:69:56:eb:50:d2:bd:a4:41:38:5a:09:
42:f0:f2:bc:54:a9:6b:c3:d4:e5:f5:ca:5f:65:33:85:7b:45:
6a:df:7d:f5:eb:c1:2e:9f:46:db:e3:af:fc:cd:5a:c9:e8:f0:
43:e9:ca:d2:33:e3:8e:56:14:1c:1f:0c:76:22:30:c4:16:47:
7e:7c:42:b2:08:ee:77:4a:a8:99:92:23:87:43:eb:d6:33:2e:
89:5b:06:f1:01:68:00:5f:46:ad:ed:b5:d0:da:cb:22:ac:c1:
2b:f4:df:5e:1b:ec:35:4a:8c:72:78:54:43:1a:a3:a1:ca:b7:
e0:d8:28:15:0c:45:c7:45:35:50:59:42:ab:c2:17:b1:d7:22:
cc:14:62:b8:d2:a8:40:6e:6d:9d:9c:26:dc:26:c4:ea:31:d3:
3c:99:a9:87
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZANFiqmlnLhIZjFMnEr54bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjEyMTUzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAwNmY5MGI5NDY1YzkyM2UyOTljNmJiZGVkMGY3YjYyOGFiMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE5BtEdnhbQ3TxjkJeL8serpiDq4
wVl7odT6sIVAympmpdvJYt0UN3SvaDPvi/ww5oOp+S8N/WFrdPi6I9tyPWCIEzHD
HejJG05pzItRbnXP+WjxN6vCBdDdVRsfV2scKGLM4VvDrP7yksA3xNjFMtQtoR+X
/blOlN4e9M2IuoMp/Zz1pcCrRMBksadTqVxYoFGPtlC2kUB7oXwGi4VKScv3DKwW
viQYX1bApP9I8Eh2G6eo9+WyMq4PMvkUmj7b4phk+JO0d6qo0RA2G61Pc0zp7J/9
SUCSmiNW7Wq88CbgXSFgdKP6LnPYGKiwkqdaeSo/JIZBT2XIfjbEfnZVXQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFLEAb5C5RlySPimca73tD3tiirJSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc1FCdmtMbEdYSkktS1p4cnZlMFBlMktLc2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZXyAwQBLZdYAwQAU9thAwQBVBWuAwQAV3hXAwQAV3ktAwQBV3lWAwQAV3nd
AwQBXHfEAwQCXpqgAwQAXpwLMAwDBABf1hkDBABf1hoDBACNYgEDBACTTmYDBACr
FhEDBAKrFkgDBACy1+ADBAK52FQDBAK52lQDBAHBKiADBAHBlQIDBADCMPgDBADC
N+AwDQYJKoZIhvcNAQELBQADggEBALEGHJeq0zJX1OwdebvNiy+qJlTSP1qqnZLs
aSijLqDTJtbVRDwDP36CnltqsfSvK9Wcn1BJeh1v7Ln6lAdCLNsCegY/IMO8nP6y
qf+K7GTn11LubiszpaJCx6kmv1dToLBpVutQ0r2kQThaCULw8rxUqWvD1OX1yl9l
M4V7RWrfffXrwS6fRtvjr/zNWsno8EPpytIz445WFBwfDHYiMMQWR358QrII7ndK
qJmSI4dD69YzLolbBvEBaABfRq3ttdDayyKswSv0314b7DVKjHJ4VEMao6HKt+DY
KBUMRcdFNVBZQqvCF7HXIswUYrjSqEBubZ2cJtwmxOox0zyZqYc=
-----END CERTIFICATE-----
Generated at Tue Jun 18 06:40:40 2024 by rpki-client on console-fra.rpki-client.org