Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6enbIi6_NJN7S-phz52cscpPQsU.roa
File: 6enbIi6_NJN7S-phz52cscpPQsU.roa (raw, json)
Hash identifier: VpkiF5L1HTv435AqtDjyWqVfiwK9cAYt+eW2n+uCRls=
Subject key identifier: E9:E9:DB:22:2E:BF:34:93:7B:4B:EA:61:CF:9D:9C:B1:CA:4F:42:C5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01963ECEA0BBC672FF79B5E0AC15A81C3508
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6enbIi6_NJN7S-phz52cscpPQsU.roa
Signing time: Wed 16 Apr 2025 13:34:11 +0000
ROA not before: Wed 16 Apr 2025 13:34:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.84.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.232.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:ce:a0:bb:c6:72:ff:79:b5:e0:ac:15:a8:1c:35:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 16 13:34:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9e9db222ebf34937b4bea61cf9d9cb1ca4f42c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ba:b3:0f:1c:b0:4c:01:33:86:1f:16:31:08:
d5:cf:44:22:45:94:b5:e7:83:26:99:6b:bf:67:0a:
36:7d:82:4a:e3:87:9c:c8:e3:92:59:40:82:b8:61:
f7:f4:68:81:80:41:e9:1f:39:83:1e:a5:c5:03:9a:
76:7c:95:40:9a:3d:14:35:8a:67:69:06:e4:a8:01:
b2:ab:5b:22:f8:23:c7:ec:50:bf:81:2d:1e:62:96:
79:ea:d9:de:77:ba:cf:6d:45:1b:35:64:ea:1f:5d:
86:ff:51:6b:b0:5c:2a:b0:6f:9a:84:3a:23:b0:a4:
8e:1d:e3:c6:bd:3d:d6:62:b0:cd:88:b5:a5:8b:54:
a5:c3:8a:80:38:19:be:a4:4b:3f:54:27:9e:cb:b4:
26:0a:6a:23:b8:34:4f:7a:9f:24:42:7f:b3:73:26:
cd:58:51:9e:fe:c2:f3:9a:e9:a4:eb:3b:bf:c4:89:
4b:00:4d:62:ea:07:3d:b9:1b:e9:58:dd:32:87:92:
9a:e8:3d:b3:f6:f9:46:81:3d:54:b7:17:fe:ad:02:
c5:82:9e:aa:d5:ca:49:91:5a:0f:c2:ce:45:1a:e9:
ee:27:53:8d:ec:97:e7:6d:3d:4a:3b:ae:b6:ce:af:
5d:dd:b8:a3:92:77:ee:e0:ef:61:76:67:ef:7d:8d:
4c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E9:DB:22:2E:BF:34:93:7B:4B:EA:61:CF:9D:9C:B1:CA:4F:42:C5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6enbIi6_NJN7S-phz52cscpPQsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.230.0/23
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.84.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.70.0/24
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.232.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.73.0-171.22.75.255
178.215.224.0/24
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
194.180.48.0/23
Signature Algorithm: sha256WithRSAEncryption
26:f4:54:46:8e:3d:d3:5d:56:3d:11:c5:9c:9b:a6:8a:d0:af:
29:49:ef:ac:17:4f:b7:60:d4:57:92:3e:07:cf:41:9b:f0:7b:
22:c1:c3:cc:82:84:fa:89:a9:5a:bc:80:d7:84:bb:f4:fa:81:
35:27:79:b8:7b:95:0c:ee:41:42:6a:a9:60:27:d4:dd:99:9e:
66:c8:db:0f:d9:e1:45:d4:ac:29:d5:62:e0:4b:94:9d:81:d1:
8e:01:fe:a4:ec:e3:ec:72:93:ac:88:fa:a5:97:0b:89:ae:51:
e4:22:54:df:b7:07:5b:d8:2a:72:70:1e:c2:ca:8f:0d:47:46:
1a:82:88:65:c8:f8:3f:ef:2a:a7:7f:be:ef:76:de:fd:d8:6d:
06:da:80:78:73:2e:41:0c:11:77:70:96:a2:f3:a5:04:c3:a7:
04:b4:89:32:90:1c:bb:cd:00:d5:45:ff:57:09:d5:70:71:d3:
94:4b:a4:a6:9a:f5:68:3b:2c:cb:ea:b7:1f:d1:05:17:ad:25:
76:74:a7:5a:27:8d:38:a2:d7:8e:d8:eb:67:67:99:33:8f:31:
32:69:20:6e:b0:9f:bc:d6:e7:69:ae:ee:48:9b:33:f8:af:ee:
e3:da:8c:5f:76:c4:fb:77:3a:cd:e2:62:f8:8b:f4:6f:00:19:
15:7c:47:dc
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZY+zqC7xnL/ebXgrBWoHDUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDE2MTMzNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWU5ZGIyMjJlYmYzNDkzN2I0YmVhNjFjZjlkOWNiMWNhNGY0MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7qzDxywTAEzhh8WMQjVz0QiRZS1
54MmmWu/Zwo2fYJK44ecyOOSWUCCuGH39GiBgEHpHzmDHqXFA5p2fJVAmj0UNYpn
aQbkqAGyq1si+CPH7FC/gS0eYpZ56tned7rPbUUbNWTqH12G/1FrsFwqsG+ahDoj
sKSOHePGvT3WYrDNiLWli1Slw4qAOBm+pEs/VCeey7QmCmojuDRPep8kQn+zcybN
WFGe/sLzmumk6zu/xIlLAE1i6gc9uRvpWN0yh5Ka6D2z9vlGgT1Utxf+rQLFgp6q
1cpJkVoPws5FGunuJ1ON7JfnbT1KO662zq9d3bijknfu4O9hdmfvfY1MyQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFOnp2yIuvzSTe0vqYc+dnLHKT0LFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNmVuYklpNl9OSk43Uy1waHo1MmNzY3BQUXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAS1C5gMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4pgMEAFd5FgMEAFd5JgMEAFd5LQMEAFd5
VAMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEAFtcRgMEAFz5MgMEAF17LQMEAF17
LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16cQAMEAF6c
6AMEAI1iAQMEAI1iBgMEAJNOZDAMAwQAqxZJAwQCqxZIAwQAstfgAwQAstfjAwQC
udhUAwQAwRnYAwQAwSMSAwQAwje6AwQAwqmvAwQBwrQwMA0GCSqGSIb3DQEBCwUA
A4IBAQAm9FRGjj3TXVY9EcWcm6aK0K8pSe+sF0+3YNRXkj4Hz0Gb8HsiwcPMgoT6
ialavIDXhLv0+oE1J3m4e5UM7kFCaqlgJ9TdmZ5myNsP2eFF1Kwp1WLgS5SdgdGO
Af6k7OPscpOsiPqllwuJrlHkIlTftwdb2CpycB7Cyo8NR0YagohlyPg/7yqnf77v
dt792G0G2oB4cy5BDBF3cJai86UEw6cEtIkykBy7zQDVRf9XCdVwcdOUS6SmmvVo
OyzL6rcf0QUXrSV2dKdaJ404oteO2OtnZ5kzjzEyaSBusJ+81udpru5ImzP4r+7j
2oxfdsT7dzrN4mL4i/RvABkVfEfc
-----END CERTIFICATE-----
Generated at Tue May 13 17:39:15 2025 by rpki-client