Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoCxyOTt4yiy-sz85ISoLHSqRN8.roa
File: yoCxyOTt4yiy-sz85ISoLHSqRN8.roa (raw, json)
Hash identifier: zJ205UlqqPUWs1xGzCKQhLqu0spt9ZEeNBe9TsYC1nc=
Subject key identifier: CA:80:B1:C8:E4:ED:E3:28:B2:FA:CC:FC:E4:84:A8:2C:74:AA:44:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FF19FF29BD16B1527C29AB3861B0628AA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoCxyOTt4yiy-sz85ISoLHSqRN8.roa
Signing time: Fri 07 Jun 2024 07:35:42 +0000
ROA not before: Fri 07 Jun 2024 07:35:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 09:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:9f:f2:9b:d1:6b:15:27:c2:9a:b3:86:1b:06:28:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 7 07:35:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca80b1c8e4ede328b2faccfce484a82c74aa44df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7e:ce:44:7f:84:7c:73:d9:a0:cb:6d:43:2f:
76:17:d3:bd:71:b0:ad:8f:7d:6e:81:e5:e3:4a:9a:
1b:09:b9:f6:18:ec:b4:10:64:b7:e4:1c:0e:4e:ff:
a1:56:4b:e2:80:a4:62:62:59:60:66:b1:70:67:ea:
c6:12:39:4a:3d:dc:04:17:be:49:87:44:d2:0f:15:
42:10:e8:63:1b:a0:1f:09:fb:30:21:da:2d:03:4b:
24:7c:6a:50:f3:bc:70:5b:72:3f:1f:96:4a:68:83:
3c:b7:28:2c:9d:4f:f4:ae:39:2e:c1:bd:23:52:cc:
e8:f0:a8:4e:23:c6:7a:42:99:10:bb:da:41:3d:ec:
c8:e5:7a:68:c6:e5:6d:a0:ae:2c:0d:69:c0:5d:56:
88:9e:f3:6f:b1:c7:5b:64:58:e2:fd:8b:a9:f8:31:
16:c9:e6:63:3f:f7:3d:1b:2a:ca:26:6a:36:6c:2e:
b6:e3:0a:22:58:8b:99:b5:7c:1a:6e:92:e0:c1:2b:
0c:96:51:73:36:bb:88:81:7a:37:f1:d6:2a:f9:33:
bb:5b:95:58:d8:e6:e9:cb:80:15:5a:0e:07:4a:57:
c6:37:84:9b:5d:27:33:a2:37:e5:5e:dc:b6:95:73:
f9:30:e8:e2:bf:2e:df:64:d4:a7:85:6e:c3:b4:f7:
f5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:80:B1:C8:E4:ED:E3:28:B2:FA:CC:FC:E4:84:A8:2C:74:AA:44:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoCxyOTt4yiy-sz85ISoLHSqRN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0-45.81.242.255
45.88.88.0/24
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0-45.151.90.255
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
95.214.25.0-95.214.26.255
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
52:99:23:79:69:cb:de:3b:50:2d:86:15:49:74:e0:fc:1f:61:
61:a5:98:cc:0e:52:24:7f:f9:16:d7:72:49:d1:81:e0:e1:79:
a3:60:38:5b:e6:9e:bd:a5:03:c7:c4:db:20:c0:f5:a7:76:2d:
a6:58:f6:4d:35:08:37:d9:a0:c5:23:99:b5:e4:f1:a7:ce:5a:
a5:a6:4d:cd:2f:e0:18:1e:8f:2c:9a:39:4b:f2:d8:20:ed:2f:
0d:8c:23:ed:58:0c:62:7d:21:e7:e6:f8:19:36:0a:be:d1:01:
6e:fb:55:cc:b4:3f:30:80:62:00:e3:be:bd:0f:3b:bc:74:af:
7e:96:0b:1d:83:b0:55:4b:a1:a1:b2:18:a6:7a:a6:d0:7c:c3:
b4:be:2c:2c:4b:f2:8e:f6:d7:d6:83:96:23:84:af:52:6f:b4:
8f:7b:7b:0d:bf:78:fc:0c:f7:e4:b2:2d:06:df:37:67:5c:0b:
88:86:d0:60:00:44:3e:23:25:03:39:4b:0c:e5:7e:ae:c7:a0:
82:f8:ac:ea:24:17:df:02:da:f5:00:7c:b3:14:c2:33:e3:a4:
52:99:b8:59:f9:30:58:02:0a:bd:7d:e4:3f:0f:c7:d4:56:39:
5c:47:02:b5:c5:76:d5:f4:61:c6:bc:3e:8a:c8:ab:55:55:74:
03:91:ed:ca
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY/xn/Kb0WsVJ8Kas4YbBiiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjA3MDczNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgwYjFjOGU0ZWRlMzI4YjJmYWNjZmNlNDg0YTgyYzc0YWE0NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n7ORH+EfHPZoMttQy92F9O9cbCt
j31ugeXjSpobCbn2GOy0EGS35BwOTv+hVkvigKRiYllgZrFwZ+rGEjlKPdwEF75J
h0TSDxVCEOhjG6AfCfswIdotA0skfGpQ87xwW3I/H5ZKaIM8tygsnU/0rjkuwb0j
Uszo8KhOI8Z6QpkQu9pBPezI5XpoxuVtoK4sDWnAXVaInvNvscdbZFji/Yup+DEW
yeZjP/c9GyrKJmo2bC624woiWIuZtXwabpLgwSsMllFzNruIgXo38dYq+TO7W5VY
2Obpy4AVWg4HSlfGN4SbXSczojflXty2lXP5MOjivy7fZNSnhW7DtPf1YwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFMqAscjk7eMosvrM/OSEqCx0qkTfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveW9DeHlPVHQ0eWl5LXN6ODVJU29MSFNxUk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAIl
3XgwDAMEAC1R8QMEAC1R8gMEAC1YWDAMAwQDLZCYAwQALZCaAwQALZXpMAwDBAMt
l1gDBAAtl1oDBABT22EDBAFUFa4DBABXeFcDBABXeS0DBAFXeVYDBABXed0DBAFc
d8QDBAJemqADBABenAswDAMEAF/WGQMEAF/WGgMEAI1iAQMEAJNOZgMEAKsWEQME
AqsWSAMEALLX4AMEArnYVAMEArnaVAMEAcEqIAMEAcGVAgMEAMIw+AMEAMI34DAN
BgkqhkiG9w0BAQsFAAOCAQEAUpkjeWnL3jtQLYYVSXTg/B9hYaWYzA5SJH/5Ftdy
SdGB4OF5o2A4W+aevaUDx8TbIMD1p3Ytplj2TTUIN9mgxSOZteTxp85apaZNzS/g
GB6PLJo5S/LYIO0vDYwj7VgMYn0h5+b4GTYKvtEBbvtVzLQ/MIBiAOO+vQ87vHSv
fpYLHYOwVUuhobIYpnqm0HzDtL4sLEvyjvbX1oOWI4SvUm+0j3t7Db94/Az35LIt
Bt83Z1wLiIbQYABEPiMlAzlLDOV+rseggvis6iQX3wLa9QB8sxTCM+OkUpm4Wfkw
WAIKvX3kPw/H1FY5XEcCtcV21fRhxrw+isirVVV0A5Htyg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:47 2024 by rpki-client on console-ams.rpki-client.org