Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kr0Eqs3f-7qaYTVi08c6HahnDpY.roa
File: Kr0Eqs3f-7qaYTVi08c6HahnDpY.roa (raw, json)
Hash identifier: a4m9HGY5DQa9xsP0DnVeHWKkNgoNsZqgDVCh7Irk5ds=
Subject key identifier: 2A:BD:04:AA:CD:DF:FB:BA:9A:61:35:62:D3:C7:3A:1D:A8:67:0E:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01965C6B30ECBAB83C87EDE2A331188159DA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kr0Eqs3f-7qaYTVi08c6HahnDpY.roa
Signing time: Tue 22 Apr 2025 07:34:10 +0000
ROA not before: Tue 22 Apr 2025 07:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 07:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:6b:30:ec:ba:b8:3c:87:ed:e2:a3:31:18:81:59:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 22 07:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2abd04aacddffbba9a613562d3c73a1da8670e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ba:67:58:f8:a8:d6:73:12:85:bc:d5:bd:ec:
11:c6:59:6c:bf:cf:ad:a9:f5:c7:e3:35:95:9a:9d:
ce:b4:d2:b5:bf:be:12:1f:c7:e7:1e:73:2c:ce:a6:
30:9a:d6:ce:8c:6e:43:ff:0d:6c:9f:10:f5:74:a2:
8f:d3:04:13:de:ec:e9:22:88:06:75:70:16:9c:f0:
32:b6:45:a4:b1:75:c0:aa:e9:91:0c:47:2c:1c:af:
db:38:d5:4b:d9:6f:e0:3e:2b:de:b6:27:80:bb:ba:
d6:9e:39:61:fa:ab:de:26:21:ee:84:28:fe:fd:fa:
bc:6b:64:78:f6:77:11:bc:82:8a:a0:e3:10:06:94:
1e:b5:c8:65:4e:bd:fc:93:92:67:69:ee:7e:7e:91:
95:43:70:92:f0:40:cb:df:34:63:ef:a0:0a:0d:d0:
61:5b:de:31:48:72:39:e8:cb:7c:67:c9:d3:a9:23:
49:3a:eb:97:6d:49:b6:36:8e:de:23:68:97:d6:3f:
7b:25:2b:b3:48:da:d8:e1:33:58:c3:57:c2:e8:34:
71:71:ba:65:79:33:79:05:ae:e2:7b:85:43:17:39:
d7:30:3b:d2:44:38:18:d7:62:06:e1:1e:b9:c6:f7:
b9:ba:18:aa:2a:47:14:51:0f:97:8d:86:fe:39:1f:
9c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:04:AA:CD:DF:FB:BA:9A:61:35:62:D3:C7:3A:1D:A8:67:0E:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kr0Eqs3f-7qaYTVi08c6HahnDpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.230.0/23
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
79.110.62.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.70.0/24
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:73:96:59:a5:84:d5:83:cb:da:f4:ab:cf:e3:27:a7:e4:b4:
42:56:55:09:ce:b4:f4:d2:20:5e:56:83:26:61:c3:98:8f:a8:
cd:28:d4:70:b2:b6:e8:fe:ee:26:af:1d:82:a0:d1:ab:29:98:
f2:e7:c3:d3:87:0d:0b:f6:2d:ac:90:8d:43:ee:a9:4d:70:2f:
39:ca:03:9a:77:c0:9d:61:b3:12:40:e3:03:36:e3:a3:02:ae:
2e:51:f4:bb:ef:fb:e4:9c:94:56:f9:78:ad:13:5f:0b:85:8b:
03:39:88:0c:d6:8c:19:aa:b3:1c:9b:b6:37:ee:b8:86:d0:25:
42:32:03:eb:60:e3:7c:63:2e:78:28:d9:fa:45:57:e1:17:5d:
c5:2e:2a:8b:a5:56:68:8e:4e:39:0b:49:3c:1a:7d:1e:8a:cb:
91:7a:a3:e4:9d:79:a7:cb:d4:bc:8d:49:07:9a:69:e8:c5:3d:
e5:3f:12:09:56:db:6e:f0:93:f4:3f:3b:05:8f:fa:85:c7:5b:
f4:84:99:b0:e2:79:c3:bb:bf:d7:f8:7c:84:d8:73:56:75:83:
c4:d4:de:d1:e3:0b:a0:16:2f:f2:ad:4c:18:d8:00:6b:fe:ea:
aa:62:25:95:fd:cc:c3:38:10:0b:30:6c:f9:14:38:02:de:9f:
8f:7f:87:71
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZZcazDsurg8h+3iozEYgVnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDIyMDczNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJkMDRhYWNkZGZmYmJhOWE2MTM1NjJkM2M3M2ExZGE4NjcwZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLpnWPio1nMShbzVvewRxllsv8+t
qfXH4zWVmp3OtNK1v74SH8fnHnMszqYwmtbOjG5D/w1snxD1dKKP0wQT3uzpIogG
dXAWnPAytkWksXXAqumRDEcsHK/bONVL2W/gPivetieAu7rWnjlh+qveJiHuhCj+
/fq8a2R49ncRvIKKoOMQBpQetchlTr38k5Jnae5+fpGVQ3CS8EDL3zRj76AKDdBh
W94xSHI56Mt8Z8nTqSNJOuuXbUm2No7eI2iX1j97JSuzSNrY4TNYw1fC6DRxcbpl
eTN5Ba7ie4VDFznXMDvSRDgY12IG4R65xve5uhiqKkcUUQ+XjYb+OR+ccwIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFCq9BKrN3/u6mmE1YtPHOh2oZw6WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS3IwRXFzM2YtN3FhWVRWaTA4YzZIYWhuRHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAS1C5gMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAE9u
PgMEAFGh7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4pgMEAFd5FgMEAFd5
JgMEAFd5LQMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEAFtcRgMEAFz5MgMEAF17
LQMEAF17LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16c
QAMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBgMEAJNOZDAMAwQAqxZJAwQCqxZIAwQA
stfjAwQCudhUAwQAwRnYAwQAwSMSAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUA
A4IBAQBMc5ZZpYTVg8va9KvP4yen5LRCVlUJzrT00iBeVoMmYcOYj6jNKNRwsrbo
/u4mrx2CoNGrKZjy58PThw0L9i2skI1D7qlNcC85ygOad8CdYbMSQOMDNuOjAq4u
UfS77/vknJRW+XitE18LhYsDOYgM1owZqrMcm7Y37riG0CVCMgPrYON8Yy54KNn6
RVfhF13FLiqLpVZojk45C0k8Gn0eisuReqPknXmny9S8jUkHmmnoxT3lPxIJVttu
8JP0PzsFj/qFx1v0hJmw4nnDu7/X+HyE2HNWdYPE1N7R4wugFi/yrUwY2ABr/uqq
YiWV/czDOBALMGz5FDgC3p+Pf4dx
-----END CERTIFICATE-----
Generated at Tue May 13 18:06:55 2025 by rpki-client