Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A7YmSYpZzsZPMzVaisjN9fQUkAA.roa
File: A7YmSYpZzsZPMzVaisjN9fQUkAA.roa (raw, json)
Hash identifier: exGSHgPo5bB7VjiQhiscO5VoOY+czmPAiCnEZ/ybijI=
Subject key identifier: 03:B6:26:49:8A:59:CE:C6:4F:33:35:5A:8A:C8:CD:F5:F4:14:90:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196866028C284D22848CD07F177512837B2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A7YmSYpZzsZPMzVaisjN9fQUkAA.roa
Signing time: Wed 30 Apr 2025 11:06:10 +0000
ROA not before: Wed 30 Apr 2025 11:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.105.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 14:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:60:28:c2:84:d2:28:48:cd:07:f1:77:51:28:37:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 11:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03b626498a59cec64f33355a8ac8cdf5f4149000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:71:df:75:34:3e:63:cf:75:42:97:a9:9f:c1:
af:6d:e1:eb:f7:76:69:2d:19:b5:1c:20:1f:b6:9a:
7a:f9:8c:7a:77:a3:29:0b:c1:89:87:36:c3:53:41:
11:4b:9e:0a:a2:0b:69:83:a5:76:24:4d:b6:59:ba:
2b:43:6d:fd:c7:91:ab:ac:9c:67:69:62:79:88:08:
b4:c8:0b:dd:6e:3e:b5:56:c7:a6:83:06:97:51:6b:
b7:13:22:bf:f2:c5:b5:38:a6:5f:b6:75:80:c9:64:
6f:4c:f7:92:15:b5:8b:32:fa:c1:ab:0f:98:4e:bf:
50:1c:f7:25:76:fe:26:d7:d9:1f:2d:e9:6d:db:aa:
9e:a8:dc:9a:1c:e1:a7:73:32:bb:84:26:a8:3c:7e:
5d:7d:34:b7:48:cb:2d:7c:33:35:1f:72:1c:fc:bc:
30:d4:b3:50:29:c4:43:ec:e0:8e:a7:da:42:8f:70:
ad:c9:c0:c8:12:f4:f6:74:57:e9:18:aa:69:2a:ce:
15:69:0f:09:9c:eb:39:20:29:c1:67:01:a7:b2:c2:
0c:6f:a3:28:0d:72:b8:a4:cc:75:e1:ac:92:3a:d0:
9f:ad:79:e2:4c:73:67:cf:1e:ed:e9:4b:ce:58:71:
b7:1d:3d:d7:de:23:2d:31:a3:a0:71:cf:5d:03:6c:
e3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B6:26:49:8A:59:CE:C6:4F:33:35:5A:8A:C8:CD:F5:F4:14:90:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A7YmSYpZzsZPMzVaisjN9fQUkAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.105.0/24
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:5c:8b:76:fd:c2:8e:a7:8e:04:9d:99:df:60:a8:a9:75:71:
47:cf:f4:77:b5:26:1c:86:88:1b:35:76:76:26:3f:aa:c5:3e:
27:fe:ff:e7:3a:6a:c1:41:74:e7:6b:fd:28:86:38:e2:90:d3:
00:33:01:e9:90:d7:e7:92:1b:8a:66:cf:46:2e:5a:56:ac:40:
09:4a:8a:c8:b3:ab:9b:76:4a:1e:d5:3a:9c:c8:09:a0:44:7c:
a0:ac:f3:94:0b:9a:73:8e:4b:7c:d5:0b:87:25:6f:0d:2f:86:
17:29:17:46:a9:07:33:39:ca:a7:93:96:71:5e:68:e1:73:c0:
3a:32:a8:11:66:5d:3a:31:86:1c:d3:22:c5:5a:4e:56:35:8b:
c9:e4:c7:b0:55:38:1b:00:1a:c7:7a:cf:b3:ff:ff:cf:89:ce:
16:04:49:54:dd:7e:3d:8d:70:fd:b8:88:17:5b:8c:2e:98:67:
f2:18:b0:f3:f5:c0:65:7e:48:57:35:bc:ce:ba:92:5d:cc:3e:
f9:77:92:a8:9c:38:96:63:94:f4:b8:bb:c5:b3:4d:a9:bb:50:
a8:0c:aa:c7:23:11:37:e2:00:66:85:e3:19:23:18:1e:d9:fa:
f1:c4:ca:a7:00:43:61:28:2e:58:e5:6e:24:81:13:6f:5f:4b:
3a:96:86:70
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZaGYCjChNIoSM0H8XdRKDeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDMwMTEwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I2MjY0OThhNTljZWM2NGYzMzM1NWE4YWM4Y2RmNWY0MTQ5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonHfdTQ+Y891Qpepn8GvbeHr93Zp
LRm1HCAftpp6+Yx6d6MpC8GJhzbDU0ERS54Kogtpg6V2JE22WborQ239x5GrrJxn
aWJ5iAi0yAvdbj61VsemgwaXUWu3EyK/8sW1OKZftnWAyWRvTPeSFbWLMvrBqw+Y
Tr9QHPcldv4m19kfLelt26qeqNyaHOGnczK7hCaoPH5dfTS3SMstfDM1H3Ic/Lww
1LNQKcRD7OCOp9pCj3CtycDIEvT2dFfpGKppKs4VaQ8JnOs5ICnBZwGnssIMb6Mo
DXK4pMx14aySOtCfrXniTHNnzx7t6UvOWHG3HT3X3iMtMaOgcc9dA2zjuQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFAO2JkmKWc7GTzM1WorIzfX0FJAAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQTdZbVNZcFp6c1pQTXpWYWlzak45ZlFVa0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C5wMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4pgMEAFd5FgMEAFd5JgMEAFd5
LQMEAFd5VwMEAVd5fAMEAFd5pQMEAFtcRgMEAVx3xAMEAFz5MgMEAF17LQMEAF17
LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16cQAMEAF6c
aQMEAF6cpwMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQCqxZIAwQA
stfjAwQCudhUAwQAwRnYAwQAwSMSAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUA
A4IBAQA8XIt2/cKOp44EnZnfYKipdXFHz/R3tSYchogbNXZ2Jj+qxT4n/v/nOmrB
QXTna/0ohjjikNMAMwHpkNfnkhuKZs9GLlpWrEAJSorIs6ubdkoe1TqcyAmgRHyg
rPOUC5pzjkt81QuHJW8NL4YXKRdGqQczOcqnk5ZxXmjhc8A6MqgRZl06MYYc0yLF
Wk5WNYvJ5MewVTgbABrHes+z///Pic4WBElU3X49jXD9uIgXW4wumGfyGLDz9cBl
fkhXNbzOupJdzD75d5KonDiWY5T0uLvFs02pu1CoDKrHIxE34gBmheMZIxge2frx
xMqnAENhKC5Y5W4kgRNvX0s6loZw
-----END CERTIFICATE-----
Generated at Tue May 13 18:06:53 2025 by rpki-client