Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/scVRpGkYyqrfM1Hyy-PjNnUrnmI.roa
File: scVRpGkYyqrfM1Hyy-PjNnUrnmI.roa (raw, json)
Hash identifier: pgZBD8AJnny9znjtseMzBZPSHIyxgfEKXe2xkFdZt60=
Subject key identifier: B1:C5:51:A4:69:18:CA:AA:DF:33:51:F2:CB:E3:E3:36:75:2B:9E:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190BA55F86D9C25CFB310742C5F5D437786
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/scVRpGkYyqrfM1Hyy-PjNnUrnmI.roa
Signing time: Tue 16 Jul 2024 06:58:34 +0000
ROA not before: Tue 16 Jul 2024 06:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 13:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:55:f8:6d:9c:25:cf:b3:10:74:2c:5f:5d:43:77:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 16 06:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1c551a46918caaadf3351f2cbe3e336752b9e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:06:8d:b6:df:5a:e9:be:b8:76:fe:d0:e2:fe:
8b:36:ff:13:ce:a9:2d:7c:67:2e:78:06:40:c3:2f:
6e:41:f1:f2:b8:28:61:66:5a:c8:3d:ba:2f:cb:b3:
3e:dc:d9:c0:2c:00:e6:39:3e:49:e6:75:6c:c5:43:
da:df:70:dd:2c:5a:db:00:61:df:85:86:81:65:03:
1b:61:72:79:c2:29:11:7d:fd:59:e2:3c:3d:99:30:
72:11:a3:96:5b:66:8a:7a:71:37:56:b6:03:bd:b1:
34:cd:72:e4:11:66:58:1e:12:a6:f0:d7:68:46:33:
aa:98:9a:16:ee:ce:e7:bd:e1:44:0f:7c:fd:c3:5a:
ad:f1:1f:e6:e9:5b:67:d2:48:6a:69:b7:3b:13:66:
f6:7d:e3:b1:5f:d5:a5:7f:7f:f7:d1:91:9c:9f:c2:
f7:15:d4:8e:80:85:8b:5e:ca:13:b7:ca:c0:41:4d:
80:7a:88:c1:38:06:d1:f5:b1:93:71:d8:00:46:90:
bb:f9:a9:77:8a:fd:86:bc:5c:88:ae:de:73:01:3e:
1e:a3:e7:0d:be:2e:77:f4:82:77:fc:8a:60:2e:20:
5d:a6:d9:87:0b:86:b2:5a:24:87:78:9f:4f:40:84:
53:14:58:31:9d:5b:58:96:97:46:d9:a8:32:f5:f0:
c8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C5:51:A4:69:18:CA:AA:DF:33:51:F2:CB:E3:E3:36:75:2B:9E:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/scVRpGkYyqrfM1Hyy-PjNnUrnmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
76:56:a8:df:eb:1d:3a:01:8b:35:d1:29:1f:e1:95:58:f1:3a:
57:67:5e:fe:fa:53:0c:7f:99:be:e7:5e:e1:ba:16:aa:99:52:
b5:4f:e2:16:7e:51:94:6b:3d:51:35:29:4e:9d:81:b1:59:46:
27:16:ce:4c:68:6b:5d:f2:ce:f2:c3:bc:5d:8f:96:b3:48:4b:
0c:90:75:72:60:dc:6c:d2:d6:36:e8:47:aa:f2:1e:6e:cd:27:
d2:3e:f3:56:7f:cc:29:92:0e:63:2e:bf:fe:8a:fa:e7:3c:80:
d7:3b:69:1a:ba:3b:02:41:0c:71:e6:d4:75:98:fd:ef:d0:14:
fe:51:6f:5e:9d:6c:45:e6:6e:18:91:29:07:a1:a6:fe:71:4d:
23:8e:55:07:c6:ce:ef:c8:4d:48:d2:dd:be:3a:67:65:ef:5c:
ea:20:35:93:9e:f6:90:27:f0:78:e5:e3:34:d9:26:40:f9:c4:
10:60:f7:c1:3a:ed:a7:ff:2b:21:98:65:c8:53:e5:53:94:97:
37:30:8c:84:54:52:52:9e:59:5b:ca:e5:c5:bc:5a:8f:e7:9d:
71:67:b6:bc:29:be:79:fd:67:51:e6:56:5f:db:cc:65:90:55:
61:7d:e7:82:a9:5b:c7:50:90:45:ac:e3:2c:0e:74:42:6d:b8:
d9:67:3f:f6
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZC6VfhtnCXPsxB0LF9dQ3eGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzE2MDY1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM1NTFhNDY5MThjYWFhZGYzMzUxZjJjYmUzZTMzNjc1MmI5ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gaNtt9a6b64dv7Q4v6LNv8Tzqkt
fGcueAZAwy9uQfHyuChhZlrIPbovy7M+3NnALADmOT5J5nVsxUPa33DdLFrbAGHf
hYaBZQMbYXJ5wikRff1Z4jw9mTByEaOWW2aKenE3VrYDvbE0zXLkEWZYHhKm8Ndo
RjOqmJoW7s7nveFED3z9w1qt8R/m6Vtn0khqabc7E2b2feOxX9Wlf3/30ZGcn8L3
FdSOgIWLXsoTt8rAQU2AeojBOAbR9bGTcdgARpC7+al3iv2GvFyIrt5zAT4eo+cN
vi539IJ3/IpgLiBdptmHC4ayWiSHeJ9PQIRTFFgxnVtYlpdG2agy9fDI4QIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFLHFUaRpGMqq3zNR8svj4zZ1K55iMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc2NWUnBHa1l5cXJmTTFIeXktUGpOblVybm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAIl
3XgDBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXpAwQBLZdY
AwQAUaHuAwQAU9thAwQBVBWuAwQAVDYwAwQAVR8vAwQAV3hXAwQAV3kmAwQAV3kt
AwQAV3ndAwQBXHfEAwQCXpqgAwQAXpwLAwQAXpxOAwQAjWIBAwQAk05mAwQAqxYR
AwQCqxZIAwQAstfgAwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjfgMA0GCSqG
SIb3DQEBCwUAA4IBAQB2Vqjf6x06AYs10Skf4ZVY8TpXZ17++lMMf5m+517huhaq
mVK1T+IWflGUaz1RNSlOnYGxWUYnFs5MaGtd8s7yw7xdj5azSEsMkHVyYNxs0tY2
6Eeq8h5uzSfSPvNWf8wpkg5jLr/+ivrnPIDXO2kaujsCQQxx5tR1mP3v0BT+UW9e
nWxF5m4YkSkHoab+cU0jjlUHxs7vyE1I0t2+Omdl71zqIDWTnvaQJ/B45eM02SZA
+cQQYPfBOu2n/yshmGXIU+VTlJc3MIyEVFJSnllbyuXFvFqP551xZ7a8Kb55/WdR
5lZf28xlkFVhfeeCqVvHUJBFrOMsDnRCbbjZZz/2
-----END CERTIFICATE-----
Generated at Wed Jul 17 16:55:34 2024 by rpki-client on console-fra.rpki-client.org