Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7pBBhIayrpgUIF0LakrebeLZ7-o.roa
File: 7pBBhIayrpgUIF0LakrebeLZ7-o.roa (raw, json)
Hash identifier: xb37GtoHrE6RJixTRNcUxOh2a7b2gMjAoaAOMxHOpUY=
Subject key identifier: EE:90:41:84:86:B2:AE:98:14:20:5D:0B:6A:4A:DE:6D:E2:D9:EF:EA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019666B26B59B07ACC4C2C7BEFE6C8A2E1F6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7pBBhIayrpgUIF0LakrebeLZ7-o.roa
Signing time: Thu 24 Apr 2025 07:28:10 +0000
ROA not before: Thu 24 Apr 2025 07:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 07:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:b2:6b:59:b0:7a:cc:4c:2c:7b:ef:e6:c8:a2:e1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 07:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee90418486b2ae9814205d0b6a4ade6de2d9efea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:fb:07:8e:4f:df:d7:8d:5d:d0:9e:45:9e:
c5:0d:83:bd:ac:3f:b3:71:c6:7e:78:fa:63:69:ce:
cd:74:fe:a5:2e:29:84:41:fe:17:0f:b8:b6:3e:73:
bf:70:4b:aa:2a:f3:7a:d8:6e:70:c4:fb:72:e8:32:
f0:bc:d8:df:b4:38:05:ba:0d:86:96:45:7f:b2:2a:
45:63:bb:93:dc:29:39:22:33:85:51:66:54:2a:44:
13:9f:ee:1c:ac:b7:99:37:e2:04:c3:33:b5:be:2e:
33:c0:c5:66:dc:d4:c2:d8:b7:19:17:a5:e7:6a:3c:
fb:75:69:15:c7:92:ec:8f:0a:44:00:c8:c0:8a:db:
50:04:8a:d2:49:0d:7e:df:fa:75:7f:ef:fe:e0:4d:
7c:e6:d9:f0:82:24:cb:1e:06:23:ba:d3:53:90:d2:
5f:2f:46:5d:e5:c8:02:f5:06:e6:0c:83:44:3d:92:
3f:6f:79:68:fe:0a:f9:9b:de:d2:e4:a5:74:5f:31:
35:95:26:68:6f:e9:f5:53:cf:7f:ba:95:f8:01:0d:
84:44:72:af:d8:db:21:84:9d:d5:8f:1b:33:5d:76:
a2:04:ab:5c:9b:f5:a8:3b:15:50:c8:43:64:09:65:
8d:11:22:33:50:5c:47:dc:39:ec:87:70:e3:68:6a:
7c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:90:41:84:86:B2:AE:98:14:20:5D:0B:6A:4A:DE:6D:E2:D9:EF:EA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7pBBhIayrpgUIF0LakrebeLZ7-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.230.0/23
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.70.0/24
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:3b:e5:3d:ad:d9:8f:73:5e:22:ce:23:47:a8:90:bb:a7:e4:
da:cd:be:3f:7f:6b:5a:fa:d2:80:7b:e9:30:b9:db:f7:1e:03:
e1:6a:bd:01:0d:58:1c:3b:50:32:5d:8f:1c:1e:3e:ad:72:3b:
18:76:bc:a5:7d:33:f8:a4:e7:8f:2e:1d:3f:fb:de:fe:6b:04:
34:c1:75:5d:6a:ad:b6:4e:ae:6e:64:9e:2e:ca:d1:dc:08:a3:
02:06:dc:0e:ad:e7:db:e6:30:ef:a8:34:79:ae:b8:2c:25:bc:
ad:ee:e0:96:94:7b:83:ed:93:d7:45:9c:2f:2d:96:29:84:8b:
3d:c0:bd:1e:6c:19:c9:18:21:b3:66:e3:b5:a3:6b:e9:9c:17:
91:e0:b0:d4:e6:1e:57:b4:05:40:54:dc:eb:b4:9c:67:fb:cd:
89:8b:30:5f:ff:7b:75:24:a0:30:1a:74:b9:cb:b5:db:42:b5:
ac:ed:50:65:90:33:e2:07:2a:56:9b:6a:be:78:45:0c:cf:db:
9f:51:26:1f:b7:5f:8e:bb:ad:ae:2a:32:a0:2f:e1:f4:e3:be:
24:a5:ac:d7:89:22:76:8d:6f:f5:fc:5b:da:d0:92:a3:71:4b:
28:5a:98:69:91:fa:f2:f7:2e:b1:5e:ab:ad:8c:fe:2a:4f:fb:
6d:2b:dc:da
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAZZmsmtZsHrMTCx77+bIouH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDI0MDcyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkwNDE4NDg2YjJhZTk4MTQyMDVkMGI2YTRhZGU2ZGUyZDllZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu737B45P39eNXdCeRZ7FDYO9rD+z
ccZ+ePpjac7NdP6lLimEQf4XD7i2PnO/cEuqKvN62G5wxPty6DLwvNjftDgFug2G
lkV/sipFY7uT3Ck5IjOFUWZUKkQTn+4crLeZN+IEwzO1vi4zwMVm3NTC2LcZF6Xn
ajz7dWkVx5LsjwpEAMjAittQBIrSSQ1+3/p1f+/+4E185tnwgiTLHgYjutNTkNJf
L0Zd5cgC9QbmDINEPZI/b3lo/gr5m97S5KV0XzE1lSZob+n1U89/upX4AQ2ERHKv
2NshhJ3VjxszXXaiBKtcm/WoOxVQyENkCWWNESIzUFxH3Dnsh3DjaGp8pQIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFO6QQYSGsq6YFCBdC2pK3m3i2e/qMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN3BCQmhJYXlycGdVSUYwTGFrcmViZUxaNy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAS1C5gMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4pgMEAFd5FgMEAFd5JgMEAFd5
LQMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEAFtcRgMEAFz5MgMEAF17LQMEAF17
LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16cQAMEAF6c
6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQCqxZIAwQAstfjAwQCudhUAwQA
wRnYAwQAwSMSAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUAA4IBAQCOO+U9rdmP
c14iziNHqJC7p+Tazb4/f2ta+tKAe+kwudv3HgPhar0BDVgcO1AyXY8cHj6tcjsY
drylfTP4pOePLh0/+97+awQ0wXVdaq22Tq5uZJ4uytHcCKMCBtwOrefb5jDvqDR5
rrgsJbyt7uCWlHuD7ZPXRZwvLZYphIs9wL0ebBnJGCGzZuO1o2vpnBeR4LDU5h5X
tAVAVNzrtJxn+82JizBf/3t1JKAwGnS5y7XbQrWs7VBlkDPiBypWm2q+eEUMz9uf
USYft1+Ou62uKjKgL+H0474kpazXiSJ2jW/1/Fva0JKjcUsoWphpkfry9y6xXqut
jP4qT/ttK9za
-----END CERTIFICATE-----
Generated at Tue May 13 16:33:39 2025 by rpki-client