Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/22WTR9wWr1S_lRYn0LOb2oDc4A8.roa
File: 22WTR9wWr1S_lRYn0LOb2oDc4A8.roa (raw, json)
Hash identifier: wKZNucy5LfxQIcQVvNSt0iLPNw9OP5LvRIdlncJ4BQ4=
Subject key identifier: DB:65:93:47:DC:16:AF:54:BF:95:16:27:D0:B3:9B:DA:80:DC:E0:0F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E08D48517B512117E423756D5BB5DD8AE
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/22WTR9wWr1S_lRYn0LOb2oDc4A8.roa
Signing time: Mon 04 Mar 2024 09:38:49 +0000
ROA not before: Mon 04 Mar 2024 09:38:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 37.77.147.0/24 maxlen: 24
37.140.221.0/24 maxlen: 24
45.90.197.0/24 maxlen: 24
45.93.22.0/24 maxlen: 24
62.233.44.0/24 maxlen: 24
91.132.226.0/24 maxlen: 24
193.109.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 14:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:d4:85:17:b5:12:11:7e:42:37:56:d5:bb:5d:d8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 4 09:38:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db659347dc16af54bf951627d0b39bda80dce00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b9:a1:5c:54:66:51:54:b8:07:fd:af:c2:89:
77:cf:f6:be:74:72:83:96:c1:7f:d8:ca:cb:83:29:
25:7c:4b:9a:f4:b3:fc:40:ad:31:b3:e3:35:14:de:
26:75:9e:3d:e5:a4:0a:74:af:47:fb:d9:c8:5e:a4:
6b:20:f3:74:82:21:b0:13:51:11:d8:ae:7a:78:d4:
80:05:4e:38:a9:9f:96:1f:4e:62:17:d9:f3:bb:b8:
8d:e9:1c:f1:40:0b:c4:e8:1f:6f:ab:fe:76:a5:07:
92:06:e8:1f:8d:10:c8:1c:84:e2:17:21:5a:2d:78:
39:95:a0:79:56:ea:17:d7:a0:1c:1a:e1:56:24:fe:
1a:37:56:fa:cb:86:fd:3f:5c:ab:66:d0:89:d6:fb:
3a:eb:f1:1b:d0:bd:3d:a3:66:13:b3:c0:99:e5:fe:
55:cf:1c:dd:66:f0:50:e2:81:64:8f:ed:3b:0b:84:
6c:0c:f3:c8:e9:8b:a1:8e:36:9e:2e:9f:91:49:c4:
39:c2:84:aa:b0:07:a1:ab:99:81:1a:40:ed:20:3f:
22:54:38:77:f0:51:92:83:a7:4f:bf:55:9a:0f:5a:
10:a3:36:49:ae:af:54:e4:9f:66:a4:67:06:ea:d0:
b9:b7:9b:a9:d9:a0:52:f6:79:76:65:ed:4e:c7:07:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:65:93:47:DC:16:AF:54:BF:95:16:27:D0:B3:9B:DA:80:DC:E0:0F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/22WTR9wWr1S_lRYn0LOb2oDc4A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.147.0/24
37.140.221.0/24
45.90.197.0/24
45.93.22.0/24
62.233.44.0/24
91.132.226.0/24
193.109.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:fd:8b:54:ca:64:c4:f1:ad:ab:26:b7:2a:d4:ef:3b:46:3f:
43:bc:ff:a7:a4:1f:15:fd:81:6c:ad:34:fb:f7:fe:2f:cd:26:
91:9a:5d:cb:ae:9c:d4:90:f4:f2:16:d1:b7:78:ef:fe:43:11:
22:00:6b:a7:3e:32:28:ce:97:07:12:91:13:47:8d:24:e3:cd:
59:de:42:c5:84:20:5f:20:f9:43:e4:3c:47:98:ef:cd:92:9d:
a5:77:bc:e2:ff:d2:a1:e9:60:7c:16:ff:98:30:a9:e2:dd:b0:
85:1c:10:ea:e4:42:f5:2d:54:7d:32:87:8f:2b:fd:bb:85:d3:
8f:fb:2c:de:ec:e6:ab:32:05:3c:33:17:53:b5:25:bd:bf:b3:
c4:ce:cf:28:74:01:24:4c:23:f9:82:c6:36:95:8c:81:f7:25:
b3:ec:d3:bc:37:b4:c5:5f:b1:b5:ef:81:be:58:54:96:50:13:
ce:bd:e6:60:7f:49:ab:32:27:0d:98:d4:6b:35:0a:75:c7:ea:
b3:12:80:66:67:92:71:5f:3f:aa:ca:91:31:6c:c3:d8:5a:8d:
25:f1:cf:25:58:2a:33:77:33:69:2c:95:f6:18:1f:da:f1:9a:
ce:fc:6d:fb:a9:62:02:a0:53:aa:b4:47:c8:65:a4:34:8c:45:
59:34:1a:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4I1IUXtRIRfkI3VtW7XdiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA0MDkzODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY1OTM0N2RjMTZhZjU0YmY5NTE2MjdkMGIzOWJkYTgwZGNlMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7mhXFRmUVS4B/2vwol3z/a+dHKD
lsF/2MrLgyklfEua9LP8QK0xs+M1FN4mdZ495aQKdK9H+9nIXqRrIPN0giGwE1ER
2K56eNSABU44qZ+WH05iF9nzu7iN6RzxQAvE6B9vq/52pQeSBugfjRDIHITiFyFa
LXg5laB5VuoX16AcGuFWJP4aN1b6y4b9P1yrZtCJ1vs66/Eb0L09o2YTs8CZ5f5V
zxzdZvBQ4oFkj+07C4RsDPPI6YuhjjaeLp+RScQ5woSqsAehq5mBGkDtID8iVDh3
8FGSg6dPv1WaD1oQozZJrq9U5J9mpGcG6tC5t5up2aBS9nl2Ze1OxwfBLQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNtlk0fcFq9Uv5UWJ9Czm9qA3OAPMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMjJXVFI5d1dyMVNfbFJZbjBMT2Iyb0RjNEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJU2TAwQA
JYzdAwQALVrFAwQALV0WAwQAPuksAwQAW4TiAwQAwW3VMA0GCSqGSIb3DQEBCwUA
A4IBAQBM/YtUymTE8a2rJrcq1O87Rj9DvP+npB8V/YFsrTT79/4vzSaRml3LrpzU
kPTyFtG3eO/+QxEiAGunPjIozpcHEpETR40k481Z3kLFhCBfIPlD5DxHmO/Nkp2l
d7zi/9Kh6WB8Fv+YMKni3bCFHBDq5EL1LVR9MoePK/27hdOP+yze7OarMgU8MxdT
tSW9v7PEzs8odAEkTCP5gsY2lYyB9yWz7NO8N7TFX7G174G+WFSWUBPOveZgf0mr
MicNmNRrNQp1x+qzEoBmZ5JxXz+qypExbMPYWo0l8c8lWCozdzNpLJX2GB/a8ZrO
/G37qWICoFOqtEfIZaQ0jEVZNBri
-----END CERTIFICATE-----
Generated at Tue Mar 5 17:44:35 2024 by rpki-client on console-fra.rpki-client.org