Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NU8g8DMZxGsDT7rQXlxJbpPIlEA.roa
File: NU8g8DMZxGsDT7rQXlxJbpPIlEA.roa (raw, json)
Hash identifier: +Ip6Xn7jP7g1SOfGLf1JE9La5WcEEKW9ytDcYQZd1ck=
Subject key identifier: 35:4F:20:F0:33:19:C4:6B:03:4F:BA:D0:5E:5C:49:6E:93:C8:94:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01969F7CFD3E61CAC0998DFC65A9D26F144F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NU8g8DMZxGsDT7rQXlxJbpPIlEA.roa
Signing time: Mon 05 May 2025 08:08:10 +0000
ROA not before: Mon 05 May 2025 08:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.105.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 07:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:7c:fd:3e:61:ca:c0:99:8d:fc:65:a9:d2:6f:14:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 5 08:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=354f20f03319c46b034fbad05e5c496e93c89440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:40:d9:24:83:40:f9:8b:fa:55:9a:84:d6:de:
49:ab:5a:22:42:b7:82:80:d0:20:98:cc:a8:ad:af:
de:5b:8e:d6:79:ff:dd:20:cb:88:25:96:f6:4c:c7:
b8:04:b4:d0:62:76:84:63:3c:1b:da:90:49:a1:8b:
33:7b:51:cd:d6:e4:f1:fc:d9:0f:7b:2b:59:12:57:
27:24:d7:44:59:d6:3a:da:9e:8b:ff:65:d4:b8:3b:
94:b3:d5:d6:b0:27:6c:9a:da:e4:7e:54:5e:9e:27:
f2:98:dc:cd:4b:1f:4f:8c:ea:c2:fe:80:ba:1e:16:
5d:f2:5f:cb:26:5c:33:89:26:a0:c6:29:c4:01:ae:
df:bc:c2:63:56:06:cf:c7:1e:b6:ba:bd:c6:dd:75:
ea:80:6f:9c:ee:3e:36:87:a2:a5:9f:fc:de:b2:d5:
23:9c:a7:f8:ef:07:3a:74:35:e1:28:7b:30:44:70:
ef:d9:c6:98:3a:87:4f:9d:17:eb:74:5a:af:0e:44:
f0:77:54:c4:15:93:87:db:d9:86:7b:dd:10:5f:a2:
57:11:90:9d:c2:c1:39:ca:97:88:db:34:d0:19:38:
f3:cd:30:f2:12:38:f9:b5:d0:20:d7:de:23:cf:ec:
f6:79:3d:8e:da:85:a8:bb:5e:8a:a8:cc:88:77:5c:
50:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:4F:20:F0:33:19:C4:6B:03:4F:BA:D0:5E:5C:49:6E:93:C8:94:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NU8g8DMZxGsDT7rQXlxJbpPIlEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/23
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.105.0/24
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:14:42:76:3b:e8:61:f3:0c:ff:90:91:b7:6d:62:dd:af:f3:
58:5a:cf:01:a4:48:54:c7:a9:d4:7c:ed:f9:c2:ea:73:53:0f:
c5:a8:d7:41:3c:fe:a5:ab:4e:14:a1:78:2f:ef:32:ff:a3:cd:
b9:53:4e:47:bf:22:fc:67:6c:2b:e1:cf:5c:d9:c8:4f:d7:d6:
c2:d8:bc:c2:6e:7f:86:df:01:8b:09:21:c9:a9:bb:70:8b:cd:
21:d7:7a:8f:59:a6:64:2c:82:cc:76:70:21:99:ac:e7:9f:5a:
69:39:85:95:f8:ee:48:c0:fa:72:f3:67:e7:71:e2:cc:a5:4f:
8e:ee:bc:c5:63:98:25:b8:fd:87:11:10:26:35:4d:fb:7d:dd:
41:e5:2c:d2:6a:e9:2f:89:ef:84:de:60:05:69:2c:f7:dc:0a:
2d:e4:6e:0c:40:84:cb:14:74:57:a0:22:4a:9c:b3:0f:e2:27:
45:5e:a5:e1:36:43:73:d0:d1:cb:c2:63:f5:31:43:fc:61:9a:
c7:db:35:1e:17:03:a6:f7:81:b6:ea:c0:1f:83:f6:c9:ae:ab:
d3:f5:bb:f4:61:d7:dd:78:94:0b:67:8c:8e:bc:8e:87:d3:11:
b7:a1:3c:2f:b3:0f:d9:83:37:eb:eb:76:be:0c:03:73:49:78:
f6:26:b8:05
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISAZaffP0+YcrAmY38ZanSbxRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTA1MDgwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTRmMjBmMDMzMTljNDZiMDM0ZmJhZDA1ZTVjNDk2ZTkzYzg5NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUDZJINA+Yv6VZqE1t5Jq1oiQreC
gNAgmMyora/eW47Wef/dIMuIJZb2TMe4BLTQYnaEYzwb2pBJoYsze1HN1uTx/NkP
eytZElcnJNdEWdY62p6L/2XUuDuUs9XWsCdsmtrkflRenifymNzNSx9PjOrC/oC6
HhZd8l/LJlwziSagxinEAa7fvMJjVgbPxx62ur3G3XXqgG+c7j42h6Kln/zestUj
nKf47wc6dDXhKHswRHDv2caYOodPnRfrdFqvDkTwd1TEFZOH29mGe90QX6JXEZCd
wsE5ypeI2zTQGTjzzTDyEjj5tdAg194jz+z2eT2O2oWou16KqMyId1xQpwIDAQAB
o4IDXzCCA1swHQYDVR0OBBYEFDVPIPAzGcRrA0+60F5cSW6TyJRAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTlU4ZzhETVp4R3NEVDdyUVhseEpicFBJbEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcwYIKwYBBQUHAQcBAf8EggFiMIIBXjCCAVoEAgABMIIB
UgMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C5wMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAVd4fgMEAFd4pgMEAFd5FgMEAFd5
JgMEAFd5LQMEAFd5VwMEAVd5fAMEAFd5pQMEAFtcRgMEAVx3xAMEAFz5MgMEAF17
LQMEAF17LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16c
QAMEAF6caQMEAF6cpwMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQC
qxZIAwQAstfjAwQCudhUAwQAwRnYAwQAwSMSAwQAwd5gAwQAwd5iAwQAwje6AwQA
wqmvMA0GCSqGSIb3DQEBCwUAA4IBAQCpFEJ2O+hh8wz/kJG3bWLdr/NYWs8BpEhU
x6nUfO35wupzUw/FqNdBPP6lq04UoXgv7zL/o825U05HvyL8Z2wr4c9c2chP19bC
2LzCbn+G3wGLCSHJqbtwi80h13qPWaZkLILMdnAhmaznn1ppOYWV+O5IwPpy82fn
ceLMpU+O7rzFY5gluP2HERAmNU37fd1B5SzSaukvie+E3mAFaSz33Aot5G4MQITL
FHRXoCJKnLMP4idFXqXhNkNz0NHLwmP1MUP8YZrH2zUeFwOm94G26sAfg/bJrqvT
9bv0YdfdeJQLZ4yOvI6H0xG3oTwvsw/Zgzfr63a+DANzSXj2JrgF
-----END CERTIFICATE-----
Generated at Tue May 13 17:35:54 2025 by rpki-client