Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yOM1Ec6CMKiU4YaqwlwszLx0CF0.roa
File: yOM1Ec6CMKiU4YaqwlwszLx0CF0.roa (raw, json)
Hash identifier: jDlwJUG+3SU71wRhQRWyG4hp8+R27PUpUocofMxajcc=
Subject key identifier: C8:E3:35:11:CE:82:30:A8:94:E1:86:AA:C2:5C:2C:CC:BC:74:08:5D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019053AEACDB46003AF4E3791F10A7258CA5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yOM1Ec6CMKiU4YaqwlwszLx0CF0.roa
Signing time: Wed 26 Jun 2024 08:34:34 +0000
ROA not before: Wed 26 Jun 2024 08:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.162.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:ae:ac:db:46:00:3a:f4:e3:79:1f:10:a7:25:8c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 26 08:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e33511ce8230a894e186aac25c2cccbc74085d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:49:64:41:5c:c6:11:2e:39:4b:21:24:60:c5:
4b:cd:34:83:84:92:e9:1c:b6:3a:cb:03:05:79:58:
cb:11:ff:2c:94:69:ab:9f:57:13:87:af:50:63:47:
e6:23:85:5e:f4:c0:96:57:8b:22:46:f6:fe:33:84:
0e:97:87:a4:b9:a7:ce:59:4d:f6:d0:02:30:76:d1:
e7:0e:1e:d0:33:f6:c6:a1:92:65:c3:f9:d6:30:6f:
c0:a8:01:d9:45:94:68:69:a2:bb:1e:50:29:84:16:
5e:44:bb:be:1b:5f:c3:69:79:2c:72:c0:35:00:8f:
7c:17:f7:a7:1e:aa:fa:80:98:5b:55:00:f5:da:ca:
67:01:69:fa:8b:46:8e:61:35:08:3c:d8:e6:fb:34:
79:59:2a:57:e8:7f:5f:9d:86:51:13:db:6d:68:96:
47:d6:bd:15:c0:e5:ee:16:2d:57:10:1d:32:ba:11:
a3:79:cb:4c:3a:b6:6b:d1:10:15:7a:ea:db:ad:0b:
2d:4e:87:6b:38:89:0a:e2:9a:8c:47:d4:e4:9a:d5:
2c:e0:62:5f:cf:dd:05:3b:5f:a5:98:9c:ce:78:f0:
56:25:35:10:6a:99:90:dd:b2:16:65:83:d5:31:41:
11:50:b1:22:97:96:10:a5:f8:c0:38:ea:45:ba:d1:
43:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E3:35:11:CE:82:30:A8:94:E1:86:AA:C2:5C:2C:CC:BC:74:08:5D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yOM1Ec6CMKiU4YaqwlwszLx0CF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.88.64.0/24
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.149.243.0/24
45.151.88.0/23
82.115.211.0/24
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.222.162.0/24
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f4:f7:c0:80:17:30:78:c6:f1:65:e3:99:75:c0:f5:51:20:
b4:24:92:84:a0:85:51:7b:67:7b:d8:a8:a5:51:d6:b4:89:c5:
4f:0f:3c:27:9e:02:58:09:90:1a:ef:ef:b1:38:ca:4b:17:4d:
ea:45:46:f6:4f:56:10:1f:6c:b4:0f:56:25:0d:a5:40:4b:e0:
a1:d2:13:f0:e7:8d:f7:11:44:49:00:f2:48:ce:a5:1b:0d:6a:
6c:26:dd:86:19:79:28:22:10:84:1d:fd:bd:af:04:e2:81:b4:
ea:f9:62:0e:97:1b:15:19:e9:a2:2d:b1:d2:3d:a7:91:44:fc:
43:c2:f8:31:1a:32:9e:88:13:5e:eb:30:fb:34:85:86:fe:22:
0f:ca:bb:35:d0:f3:94:6c:c5:d1:80:b6:a6:71:18:df:cd:c2:
6f:84:0e:68:8d:6f:f3:95:33:d2:45:a1:8d:e9:3f:53:78:9c:
c7:0e:94:85:6d:f7:da:6e:b2:33:08:5d:29:22:14:84:29:e7:
94:55:ab:ae:bb:61:8d:00:de:38:67:70:c5:63:f4:ea:a9:bd:
b1:39:f0:54:f8:50:bc:95:e5:5f:f3:ef:d3:f6:c5:92:2d:55:
46:d5:5a:d6:18:c7:a2:37:16:bb:93:6e:9f:fe:ca:2d:06:6a:
99:ac:64:6f
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZBTrqzbRgA69ON5HxCnJYylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI2MDgzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUzMzUxMWNlODIzMGE4OTRlMTg2YWFjMjVjMmNjY2JjNzQwODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUlkQVzGES45SyEkYMVLzTSDhJLp
HLY6ywMFeVjLEf8slGmrn1cTh69QY0fmI4Ve9MCWV4siRvb+M4QOl4ekuafOWU32
0AIwdtHnDh7QM/bGoZJlw/nWMG/AqAHZRZRoaaK7HlAphBZeRLu+G1/DaXkscsA1
AI98F/enHqr6gJhbVQD12spnAWn6i0aOYTUIPNjm+zR5WSpX6H9fnYZRE9ttaJZH
1r0VwOXuFi1XEB0yuhGjectMOrZr0RAVeurbrQstTodrOIkK4pqMR9TkmtUs4GJf
z90FO1+lmJzOePBWJTUQapmQ3bIWZYPVMUERULEil5YQpfjAOOpFutFDEwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFMjjNRHOgjColOGGqsJcLMy8dAhdMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveU9NMUVjNkNNS2lVNFlhcXdsd3N6THgwQ0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQC
Jd14AwQALULlMAwDBAAtUfEDBAAtUfIDBAAtWEADBAAtWFgwDAMEAy2QmAMEAC2Q
mgMEAC2V6QMEAC2V8wMEAS2XWAMEAFJz0wMEAFPbYQMEAVQVrgMEAFd4IQMEAFd4
VwMEAFd5LQMEAFd53QMEAVx3xAMEAl6aoAMEAF6cCwMEAF6cTjAMAwQAX9YZAwQA
X9YaAwQAjWIBAwQAk05mAwQAqxYRAwQAqxYfAwQCqxZIAwQAstfgAwQCudhUAwQC
udpUAwQAud6iAwQBwSogAwQBwZUCAwQAwjD4AwQAwjfgMA0GCSqGSIb3DQEBCwUA
A4IBAQBX9PfAgBcweMbxZeOZdcD1USC0JJKEoIVRe2d72KilUda0icVPDzwnngJY
CZAa7++xOMpLF03qRUb2T1YQH2y0D1YlDaVAS+Ch0hPw5433EURJAPJIzqUbDWps
Jt2GGXkoIhCEHf29rwTigbTq+WIOlxsVGemiLbHSPaeRRPxDwvgxGjKeiBNe6zD7
NIWG/iIPyrs10POUbMXRgLamcRjfzcJvhA5ojW/zlTPSRaGN6T9TeJzHDpSFbffa
brIzCF0pIhSEKeeUVauuu2GNAN44Z3DFY/Tqqb2xOfBU+FC8leVf8+/T9sWSLVVG
1VrWGMeiNxa7k26f/sotBmqZrGRv
-----END CERTIFICATE-----
Generated at Wed Jun 26 15:26:58 2024 by rpki-client on console-fra.rpki-client.org