Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vOe5TyaDz-uYSyA2Uh-wUaAjomc.roa
File: vOe5TyaDz-uYSyA2Uh-wUaAjomc.roa (raw, json)
Hash identifier: gGhoQJi8kksb8fOv+H+Hi7uDUvY170Jad3WLw+b0LD8=
Subject key identifier: BC:E7:B9:4F:26:83:CF:EB:98:4B:20:36:52:1F:B0:51:A0:23:A2:67
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019073923087190C89B277FF482C996C463F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vOe5TyaDz-uYSyA2Uh-wUaAjomc.roa
Signing time: Tue 02 Jul 2024 13:11:18 +0000
ROA not before: Tue 02 Jul 2024 13:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 05:04:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:92:30:87:19:0c:89:b2:77:ff:48:2c:99:6c:46:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 2 13:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bce7b94f2683cfeb984b2036521fb051a023a267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:fc:96:fe:07:e4:78:96:9a:6c:39:8d:1d:97:
45:06:71:59:60:95:ea:fe:91:6e:9b:4a:23:f3:a8:
56:1a:e9:b6:68:ae:44:e3:34:e0:fa:4f:4a:5c:cc:
8c:35:57:ae:51:67:06:bb:0e:b2:cb:c6:e1:47:ac:
3a:68:25:96:18:a1:05:8d:57:a0:87:2a:df:7c:a9:
fd:dc:b7:56:34:3f:a7:d3:87:62:e0:30:bb:3f:4a:
64:b6:35:48:d9:1b:43:f6:6f:84:69:cc:cd:8c:da:
64:44:12:dd:5d:f4:e5:dd:82:d5:5c:a0:5d:90:84:
fe:d8:a9:b6:62:4e:19:3a:a9:16:2e:f5:51:b2:f4:
cb:dd:fa:ef:ea:81:d4:11:33:9c:ce:ae:3c:1a:3a:
7a:e8:88:2e:ae:a7:9d:b1:b0:41:76:fb:5f:a6:f5:
73:ed:28:12:e4:bc:3d:7e:ca:a3:d2:32:7a:d1:c9:
f8:0d:ae:b7:e1:9e:5f:11:e4:c1:a6:ad:b1:15:e3:
89:63:df:2a:e2:8d:08:41:c6:bb:fa:9d:43:cc:f9:
bc:f6:c2:df:bd:d2:7e:91:06:09:39:d2:bb:4f:97:
0e:2e:39:c7:d8:47:27:66:0f:1a:00:27:0a:5b:99:
4b:f1:9c:f1:f7:23:77:de:0d:50:31:7d:52:3b:a3:
c2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E7:B9:4F:26:83:CF:EB:98:4B:20:36:52:1F:B0:51:A0:23:A2:67
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vOe5TyaDz-uYSyA2Uh-wUaAjomc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.12.255.0/24
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
96:aa:e7:f5:32:e4:7c:66:a4:bf:29:0f:83:be:b9:6a:4f:e9:
0d:9b:e1:9a:51:1d:2c:ad:16:a9:39:f0:b3:43:a7:6d:58:b0:
ad:97:ed:5a:d5:2e:e6:ab:b8:6d:ef:1b:30:77:5b:b6:d9:44:
3d:c4:79:52:78:78:f3:8b:df:95:82:09:69:72:3d:20:25:56:
36:0b:0c:88:e6:89:4f:45:e7:ec:ce:2f:87:b2:a5:04:6b:2f:
b5:23:03:39:3c:15:2a:56:9f:dc:2b:6c:3d:fd:d8:4c:88:97:
76:23:b2:99:d9:bd:50:9e:43:f9:63:16:a2:4a:c3:86:7d:df:
8c:1a:a7:2b:44:25:d3:97:ff:b6:af:86:af:86:95:06:b3:f6:
67:f3:b6:31:5a:51:77:ab:e0:0e:4e:7b:f7:0c:63:36:30:6f:
18:d5:7f:57:bb:ed:0e:43:d3:5b:e4:f0:bd:6c:5b:f1:30:4f:
3e:df:06:04:70:60:01:8b:95:32:04:fe:bf:42:ea:cf:9a:2e:
98:a5:9b:d5:38:f5:b1:b0:bd:3b:b3:98:48:70:b6:c3:70:14:
bd:7e:72:8b:12:0e:c6:75:ae:b0:47:f0:f0:4c:b8:7a:31:7d:
12:ec:c4:1d:6a:da:ce:16:89:f6:eb:d6:a9:55:9c:e2:da:a0:
c1:a6:10:d2
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZBzkjCHGQyJsnf/SCyZbEY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzAyMTMxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U3Yjk0ZjI2ODNjZmViOTg0YjIwMzY1MjFmYjA1MWEwMjNhMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vyW/gfkeJaabDmNHZdFBnFZYJXq
/pFum0oj86hWGum2aK5E4zTg+k9KXMyMNVeuUWcGuw6yy8bhR6w6aCWWGKEFjVeg
hyrffKn93LdWND+n04di4DC7P0pktjVI2RtD9m+EaczNjNpkRBLdXfTl3YLVXKBd
kIT+2Km2Yk4ZOqkWLvVRsvTL3frv6oHUETOczq48Gjp66IgurqedsbBBdvtfpvVz
7SgS5Lw9fsqj0jJ60cn4Da634Z5fEeTBpq2xFeOJY98q4o0IQca7+p1DzPm89sLf
vdJ+kQYJOdK7T5cOLjnH2EcnZg8aACcKW5lL8Zzx9yN33g1QMX1SO6PCnwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFLznuU8mg8/rmEsgNlIfsFGgI6JnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdk9lNVR5YUR6LXVZU3lBMlVoLXdVYUFqb21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAIl
3XgDBAAtDP8DBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZdYAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfE
AwQCXpqgAwQAXpwLAwQAXpxOAwQAjWIBAwQAk05mAwQAqxYRAwQAqxYfAwQCqxZI
AwQAstfgAwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjD4AwQAwjfgMA0GCSqG
SIb3DQEBCwUAA4IBAQCWquf1MuR8ZqS/KQ+DvrlqT+kNm+GaUR0srRapOfCzQ6dt
WLCtl+1a1S7mq7ht7xswd1u22UQ9xHlSeHjzi9+Vgglpcj0gJVY2CwyI5olPRefs
zi+HsqUEay+1IwM5PBUqVp/cK2w9/dhMiJd2I7KZ2b1QnkP5YxaiSsOGfd+MGqcr
RCXTl/+2r4avhpUGs/Zn87YxWlF3q+AOTnv3DGM2MG8Y1X9Xu+0OQ9Nb5PC9bFvx
ME8+3wYEcGABi5UyBP6/QurPmi6YpZvVOPWxsL07s5hIcLbDcBS9fnKLEg7Gda6w
R/DwTLh6MX0S7MQdatrOFon269apVZzi2qDBphDS
-----END CERTIFICATE-----
Generated at Wed Jul 3 07:18:22 2024 by rpki-client on console-fra.rpki-client.org