Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sxGgua93_adJW3UJwK6y6nFboe8.roa
File: sxGgua93_adJW3UJwK6y6nFboe8.roa (raw, json)
Hash identifier: dlt2+nrI6mTN/Zfd40EZELjNvWwkzmlCA3BQ7+zSkzg=
Subject key identifier: B3:11:A0:B9:AF:77:FD:A7:49:5B:75:09:C0:AE:B2:EA:71:5B:A1:EF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01912D2FD726199093850D7576436C4A5B7B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sxGgua93_adJW3UJwK6y6nFboe8.roa
Signing time: Wed 07 Aug 2024 14:13:15 +0000
ROA not before: Wed 07 Aug 2024 14:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 10:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:2f:d7:26:19:90:93:85:0d:75:76:43:6c:4a:5b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 7 14:13:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b311a0b9af77fda7495b7509c0aeb2ea715ba1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:bc:08:ca:65:02:a2:dd:0c:be:df:50:26:
8f:01:ce:e8:d1:3b:fb:eb:af:bf:7b:64:93:82:44:
fd:91:86:91:0f:c1:26:80:e3:78:92:88:9f:cc:12:
2a:cb:70:ec:05:4a:0a:35:d3:c3:b3:31:5e:56:2b:
b2:d3:60:03:a5:f7:a0:1f:5b:91:f4:f9:37:e1:91:
5a:92:3f:dc:68:1c:c7:b1:96:2e:c1:ab:c7:96:e1:
d9:65:09:3e:71:b9:10:cf:0a:51:40:06:ef:e1:51:
59:ee:54:b5:6b:0e:fe:b3:ee:0d:16:b5:a8:43:10:
6b:a2:02:2e:46:71:6c:92:9d:d9:c9:3f:b3:16:e7:
eb:6c:4a:81:fe:19:93:69:a3:27:e0:3d:15:fe:8d:
42:27:ff:19:51:f4:51:2f:20:be:68:5d:44:09:44:
b8:48:02:cc:9f:69:7c:76:89:47:e9:d4:b2:ca:bf:
09:65:f7:d9:df:f9:af:c1:9d:2d:21:b3:2e:e0:0d:
0d:3f:b8:94:d7:98:9e:89:90:67:30:2b:12:8a:79:
d6:e8:3d:59:51:3f:0f:1f:19:2d:05:ed:67:29:06:
b7:9a:8b:6d:85:d3:f0:e6:61:2d:ba:a0:2c:14:df:
b3:1f:74:7b:29:9f:0f:68:c3:e9:cc:63:b8:e0:de:
68:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:11:A0:B9:AF:77:FD:A7:49:5B:75:09:C0:AE:B2:EA:71:5B:A1:EF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sxGgua93_adJW3UJwK6y6nFboe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
92.119.196.0/23
93.123.39.0/24
94.103.124.0/23
94.154.160.0/22
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
109.206.237.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4c:06:56:e6:f9:65:3b:d2:14:c6:a5:68:12:d7:be:86:25:
8c:ee:f5:ad:41:90:37:37:42:4f:57:98:b8:77:3c:14:66:8a:
ba:a5:da:e7:2e:65:5c:62:ee:13:d1:35:1a:b8:f5:a1:53:4f:
81:bc:5f:22:9c:b6:03:24:91:47:85:8d:6e:bf:05:02:39:0b:
54:60:89:9d:1b:a5:d3:e6:4b:c9:d0:69:23:c5:2a:5e:ec:02:
28:b1:1b:29:65:84:ed:62:6b:ca:20:53:58:0d:fb:da:15:0c:
7c:38:0c:73:79:fc:52:26:ee:67:63:36:e2:45:5d:fd:ab:07:
23:e7:cc:55:38:f9:50:0a:0a:d9:e3:79:7d:5a:82:ad:78:cc:
f3:7e:6c:f9:ff:f1:75:e7:4b:6d:0c:c1:db:fa:a7:3a:00:40:
d4:6b:1f:1d:b6:2b:2b:7a:a3:bc:50:83:5a:f4:c0:73:a7:f8:
90:99:81:75:6e:2a:c9:8d:e6:64:a5:72:fb:79:75:22:39:a6:
c0:5a:62:b4:9e:bb:40:bf:7b:04:63:ab:fd:1f:2b:59:97:54:
1b:42:0f:4a:ac:75:fc:5f:4f:f2:ff:44:3d:3c:18:98:ab:91:
71:63:e3:2b:32:63:bf:be:40:74:19:f6:a8:25:af:97:11:ed:
4d:3a:39:5f
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZEtL9cmGZCThQ11dkNsSlt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA3MTQxMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzExYTBiOWFmNzdmZGE3NDk1Yjc1MDljMGFlYjJlYTcxNWJhMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstK8CMplAqLdDL7fUCaPAc7o0Tv7
66+/e2STgkT9kYaRD8EmgON4koifzBIqy3DsBUoKNdPDszFeViuy02ADpfegH1uR
9Pk34ZFakj/caBzHsZYuwavHluHZZQk+cbkQzwpRQAbv4VFZ7lS1aw7+s+4NFrWo
QxBrogIuRnFskp3ZyT+zFufrbEqB/hmTaaMn4D0V/o1CJ/8ZUfRRLyC+aF1ECUS4
SALMn2l8dolH6dSyyr8JZffZ3/mvwZ0tIbMu4A0NP7iU15ieiZBnMCsSinnW6D1Z
UT8PHxktBe1nKQa3motthdPw5mEtuqAsFN+zH3R7KZ8PaMPpzGO44N5oKwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFLMRoLmvd/2nSVt1CcCusupxW6HvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc3hHZ3VhOTNfYWRKVzNVSndLNnk2bkZib2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd4
XQMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAVx3xAMEAF17JwMEAV5nfAMEAl6a
oAMEAF6cCAMEAV6cCgMEAF6cTwMEAG3O7QMEAI1iAQMEAI1iBAMEAZNOZgMEAqsW
SAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEALn23wMEAMEjEgMEAMElKQMEAMEl
LAMEAMHeYAMEAMIw+wMEAMI34AMEAMOybjANBgkqhkiG9w0BAQsFAAOCAQEAGEwG
Vub5ZTvSFMalaBLXvoYljO71rUGQNzdCT1eYuHc8FGaKuqXa5y5lXGLuE9E1Grj1
oVNPgbxfIpy2AySRR4WNbr8FAjkLVGCJnRul0+ZLydBpI8UqXuwCKLEbKWWE7WJr
yiBTWA372hUMfDgMc3n8UibuZ2M24kVd/asHI+fMVTj5UAoK2eN5fVqCrXjM835s
+f/xdedLbQzB2/qnOgBA1GsfHbYrK3qjvFCDWvTAc6f4kJmBdW4qyY3mZKVy+3l1
IjmmwFpitJ67QL97BGOr/R8rWZdUG0IPSqx1/F9P8v9EPTwYmKuRcWPjKzJjv75A
dBn2qCWvlxHtTTo5Xw==
-----END CERTIFICATE-----
Generated at Thu Aug 8 13:04:23 2024 by rpki-client on console-fra.rpki-client.org