Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/d2JwL_UZm4LIcv3iyRq6rpWW8wk.roa
File: d2JwL_UZm4LIcv3iyRq6rpWW8wk.roa (raw, json)
Hash identifier: UHSOQslnlgAzbrpbFNlXVGxW1jIElovYSWR45mgfoSo=
Subject key identifier: 77:62:70:2F:F5:19:9B:82:C8:72:FD:E2:C9:1A:BA:AE:95:96:F3:09
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC7953564A484A59535FE76FC590DDA46
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/d2JwL_UZm4LIcv3iyRq6rpWW8wk.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212212
IP address blocks: 176.108.224.0/22 maxlen: 22
151.248.70.0/23 maxlen: 23
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
194.213.6.0/24 maxlen: 24
185.76.52.0/23 maxlen: 23
185.76.54.0/23 maxlen: 23
91.239.164.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
194.107.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 16:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:35:64:a4:84:a5:95:35:fe:76:fc:59:0d:da:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7762702ff5199b82c872fde2c91abaae9596f309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b8:01:41:60:9f:ad:de:8e:f5:5b:50:41:37:
04:ff:ac:33:a0:01:3e:97:46:72:07:34:26:22:8b:
5c:cb:81:e1:63:f7:b6:f2:27:77:a5:09:f7:de:9f:
e4:2e:83:9e:ef:c1:0b:29:fd:99:52:73:d8:c7:5e:
c0:6d:82:c4:e8:c3:d5:b6:19:3f:6a:cd:ec:f7:39:
62:2a:57:0a:b7:7a:84:5a:8c:41:3b:b0:20:18:86:
75:d4:f6:af:7b:83:ba:3a:a5:2b:02:c1:70:46:db:
24:6b:dc:a9:e4:ca:b0:22:bc:99:34:df:9c:f1:2e:
ec:a8:0a:ef:78:99:e1:1a:51:79:7a:5d:09:cf:53:
45:56:e6:a9:d6:e8:bf:17:ad:b3:05:a1:72:a2:fc:
0d:29:eb:a3:f2:5a:0b:13:b4:b9:d4:47:28:bf:18:
11:b5:d3:65:e4:05:4d:b5:18:a5:3e:f8:e8:89:3b:
b8:b9:91:0f:f0:02:43:e9:fe:5f:aa:f0:f3:5d:18:
5a:b7:b6:eb:8b:44:ea:5e:cb:56:73:c4:e3:d4:97:
4a:e6:ed:8b:0c:fc:0a:b7:da:1d:a3:80:d4:2b:92:
46:90:55:24:43:91:ab:7e:a8:f5:74:30:bd:09:72:
98:ce:c5:40:b6:35:22:37:e5:40:6e:88:05:c3:70:
75:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:62:70:2F:F5:19:9B:82:C8:72:FD:E2:C9:1A:BA:AE:95:96:F3:09
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/d2JwL_UZm4LIcv3iyRq6rpWW8wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.164.0/22
91.242.48.0/22
151.248.70.0/23
176.108.224.0/22
185.76.52.0/22
194.107.122.0/24
194.213.6.0/24
195.54.54.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:fd:53:c6:3a:7f:66:e2:3b:46:58:e6:83:6a:ae:6d:5e:dd:
0a:85:b0:8c:b7:6f:5d:c3:f1:2f:38:43:b6:4b:d1:c2:ad:ed:
15:88:7d:4e:1d:2c:42:82:db:57:7d:fd:19:ef:41:06:66:ef:
0d:99:67:a0:a9:57:69:36:81:c5:83:b1:74:2b:51:3b:80:59:
d4:15:d2:99:2a:89:b4:5d:cb:fd:43:e3:70:82:44:04:20:c0:
97:57:1a:1d:72:4f:91:f8:97:0c:41:47:a2:ff:e0:3f:ed:5d:
ba:78:c5:37:05:00:7c:a4:df:4a:f7:44:09:60:e8:74:be:95:
78:66:ed:02:90:d3:69:9f:90:c2:3e:79:3e:d4:bf:9a:e6:00:
1e:0f:6d:d1:7a:ef:f0:75:a8:9d:ed:8b:5e:f0:cb:94:04:56:
71:6f:7c:52:0d:83:0d:7c:c7:54:9d:73:14:e4:71:88:cd:9a:
5c:cd:0e:13:a9:20:35:95:66:53:9d:3f:db:50:d6:bd:ed:ef:
27:dd:b9:2a:2b:82:b3:17:67:27:42:36:09:1b:20:d3:02:93:
ca:20:d6:2d:5e:5d:0f:1f:25:b4:f5:83:f1:bb:fd:78:7b:af:
d4:bb:01:d5:61:31:dd:5a:2c:70:33:41:88:6b:ff:f3:cc:a6:
5c:e2:55:32
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzHlTVkpISllTX+dvxZDdpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYyNzAyZmY1MTk5YjgyYzg3MmZkZTJjOTFhYmFhZTk1OTZmMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLgBQWCfrd6O9VtQQTcE/6wzoAE+
l0ZyBzQmIotcy4HhY/e28id3pQn33p/kLoOe78ELKf2ZUnPYx17AbYLE6MPVthk/
as3s9zliKlcKt3qEWoxBO7AgGIZ11Pave4O6OqUrAsFwRtska9yp5MqwIryZNN+c
8S7sqArveJnhGlF5el0Jz1NFVuap1ui/F62zBaFyovwNKeuj8loLE7S51EcovxgR
tdNl5AVNtRilPvjoiTu4uZEP8AJD6f5fqvDzXRhat7bri0TqXstWc8Tj1JdK5u2L
DPwKt9odo4DUK5JGkFUkQ5Grfqj1dDC9CXKYzsVAtjUiN+VAbogFw3B1TQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHdicC/1GZuCyHL94skauq6VlvMJMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvZDJKd0xfVVptNExJY3YzaXlScTZycFdXOHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCW++kAwQC
W/IwAwQBl/hGAwQCsGzgAwQCuUw0AwQAwmt6AwQAwtUGAwQBwzY2MA0GCSqGSIb3
DQEBCwUAA4IBAQBM/VPGOn9m4jtGWOaDaq5tXt0KhbCMt29dw/EvOEO2S9HCre0V
iH1OHSxCgttXff0Z70EGZu8NmWegqVdpNoHFg7F0K1E7gFnUFdKZKom0Xcv9Q+Nw
gkQEIMCXVxodck+R+JcMQUei/+A/7V26eMU3BQB8pN9K90QJYOh0vpV4Zu0CkNNp
n5DCPnk+1L+a5gAeD23Reu/wdaid7Yte8MuUBFZxb3xSDYMNfMdUnXMU5HGIzZpc
zQ4TqSA1lWZTnT/bUNa97e8n3bkqK4KzF2cnQjYJGyDTApPKINYtXl0PHyW09YPx
u/14e6/UuwHVYTHdWixwM0GIa//zzKZc4lUy
-----END CERTIFICATE-----
Generated at Thu Apr 11 21:38:24 2024 by rpki-client on console-ams.rpki-client.org