Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yKahRNbx5VBKMjmKcpdNMx9lbEg.roa
File: yKahRNbx5VBKMjmKcpdNMx9lbEg.roa (raw, json)
Hash identifier: l/ogaXxzzqmy2BALp0NDyvrB2t9MC10cwHvXKd4b+WI=
Subject key identifier: C8:A6:A1:44:D6:F1:E5:50:4A:32:39:8A:72:97:4D:33:1F:65:6C:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190EEF7CAC1B92805FD3A864A6594ED8D99
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yKahRNbx5VBKMjmKcpdNMx9lbEg.roa
Signing time: Fri 26 Jul 2024 12:15:35 +0000
ROA not before: Fri 26 Jul 2024 12:15:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 05:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:f7:ca:c1:b9:28:05:fd:3a:86:4a:65:94:ed:8d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 26 12:15:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a6a144d6f1e5504a32398a72974d331f656c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4b:df:1a:95:90:5f:32:87:51:fd:02:ba:37:
e7:f1:e0:75:35:13:f8:8d:f0:7c:25:c5:60:36:52:
d8:23:7d:49:fb:7c:7a:9e:7c:57:2a:c1:da:5b:05:
31:b1:df:be:4b:ea:2e:a4:ad:ea:bf:28:cf:76:78:
61:7b:09:24:bf:ff:7c:d2:f7:fe:ef:03:6b:93:4e:
8f:5f:f7:02:90:c8:c1:22:82:8f:1b:a8:63:81:76:
0d:ec:b6:51:38:d7:91:58:96:db:14:e4:7b:db:7e:
07:45:3b:87:2c:e7:6e:d7:7c:75:1b:3a:ae:ea:2c:
d4:7a:e3:83:2c:32:40:37:12:e6:2a:58:c3:3d:67:
0f:2b:54:cb:70:76:f5:cb:e2:36:db:21:9c:16:f9:
4b:06:df:61:7f:0f:88:88:5a:08:18:b4:00:5a:28:
af:90:52:d3:c5:cc:d2:e2:11:f6:04:08:f6:17:9f:
ca:a2:9a:e8:2f:33:03:6a:65:30:6f:9c:84:af:38:
82:b3:09:4d:8a:bd:cb:fe:e4:b3:0f:f5:b1:54:03:
61:36:29:d7:e6:70:eb:66:7f:70:5d:f3:ff:88:e2:
6b:d9:1f:ff:78:69:92:9d:84:7a:eb:05:5c:6d:7e:
ff:71:af:a4:6c:0d:a6:2d:94:07:fc:ad:47:11:14:
85:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A6:A1:44:D6:F1:E5:50:4A:32:39:8A:72:97:4D:33:1F:65:6C:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yKahRNbx5VBKMjmKcpdNMx9lbEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
91.92.16.0/24
92.119.196.0/23
93.123.24.0/24
93.123.39.0/24
94.103.124.0/24
94.154.160.0/22
94.156.2.0/24
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f5:04:6f:d7:12:d5:3e:f8:e7:b5:fd:b5:3a:e4:3c:69:b0:
55:d0:5e:3f:25:61:a1:e0:43:be:07:3b:94:84:9b:11:37:97:
7a:ff:38:d1:c1:36:76:13:97:9a:9e:83:3e:2b:5d:13:c1:18:
8e:5c:b5:52:8e:79:7e:2c:50:0a:57:69:5c:19:f1:b5:c2:ef:
c1:e0:c7:bf:30:d5:83:0e:64:33:2c:8c:9e:d2:32:4e:84:1f:
af:14:1e:8e:a2:92:b9:86:cb:b9:ec:71:f1:6c:19:77:5c:39:
72:7d:78:c2:e6:71:1e:e2:e3:fc:ec:dc:19:a8:b0:ef:8d:c3:
71:f2:ec:5b:97:a9:84:eb:6c:0b:6b:e4:52:74:3e:83:32:5e:
23:4d:b7:86:03:c7:44:90:f2:af:f2:97:f8:eb:dd:01:19:25:
6e:03:17:13:fc:64:d8:e8:24:bf:81:3e:af:f7:3f:e8:e0:7b:
f6:eb:fd:46:4f:09:4d:87:76:57:9c:33:ab:68:99:ec:28:43:
7d:a8:48:e5:a9:40:cd:55:69:4a:b7:61:5d:74:f9:ff:58:76:
68:93:9e:f6:a9:6e:e0:5b:d9:00:5b:18:17:5d:2b:e4:a5:35:
04:0b:4b:21:14:72:8f:ff:99:05:57:29:a0:b3:6b:96:fb:b7:
30:94:14:b6
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZDu98rBuSgF/TqGSmWU7Y2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI2MTIxNTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE2YTE0NGQ2ZjFlNTUwNGEzMjM5OGE3Mjk3NGQzMzFmNjU2YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEvfGpWQXzKHUf0Cujfn8eB1NRP4
jfB8JcVgNlLYI31J+3x6nnxXKsHaWwUxsd++S+oupK3qvyjPdnhhewkkv/980vf+
7wNrk06PX/cCkMjBIoKPG6hjgXYN7LZRONeRWJbbFOR7234HRTuHLOdu13x1Gzqu
6izUeuODLDJANxLmKljDPWcPK1TLcHb1y+I22yGcFvlLBt9hfw+IiFoIGLQAWiiv
kFLTxczS4hH2BAj2F5/KoproLzMDamUwb5yErziCswlNir3L/uSzD/WxVANhNinX
5nDrZn9wXfP/iOJr2R//eGmSnYR66wVcbX7/ca+kbA2mLZQH/K1HERSFLQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFMimoUTW8eVQSjI5inKXTTMfZWxIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveUthaFJOYng1VkJLTWptS2NwZE5NeDlsYkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd5
JgMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAFtcEAMEAVx3xAMEAF17GAMEAF17
JwMEAF5nfAMEAl6aoAMEAF6cAgMEAF6cCAMEAV6cCgMEAF6cTwMEAI1iAQMEAI1i
BAMEAZNOZgMEAqsWSAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEAMEjEgMEAMEl
KQMEAMElLAMEAMHeYAMEAMIw+wMEAMI34AMEAMOybjANBgkqhkiG9w0BAQsFAAOC
AQEAOvUEb9cS1T7457X9tTrkPGmwVdBePyVhoeBDvgc7lISbETeXev840cE2dhOX
mp6DPitdE8EYjly1Uo55fixQCldpXBnxtcLvweDHvzDVgw5kMyyMntIyToQfrxQe
jqKSuYbLuexx8WwZd1w5cn14wuZxHuLj/OzcGaiw743DcfLsW5ephOtsC2vkUnQ+
gzJeI023hgPHRJDyr/KX+OvdARklbgMXE/xk2Ogkv4E+r/c/6OB79uv9Rk8JTYd2
V5wzq2iZ7ChDfahI5alAzVVpSrdhXXT5/1h2aJOe9qlu4FvZAFsYF10r5KU1BAtL
IRRyj/+ZBVcpoLNrlvu3MJQUtg==
-----END CERTIFICATE-----
Generated at Mon Jul 29 08:16:42 2024 by rpki-client on console-fra.rpki-client.org