Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAkdIlnNZiOoMnE2T5MHgkjdZm8.roa
File: vAkdIlnNZiOoMnE2T5MHgkjdZm8.roa (raw, json)
Hash identifier: UBAB5fgz385vSTFHQ2XAwixCDo125t2YqTXm3LO5R2M=
Subject key identifier: BC:09:1D:22:59:CD:66:23:A8:32:71:36:4F:93:07:82:48:DD:66:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01968724FF0A4211C214652045EBEBD885AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAkdIlnNZiOoMnE2T5MHgkjdZm8.roa
Signing time: Wed 30 Apr 2025 14:41:10 +0000
ROA not before: Wed 30 Apr 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.105.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 May 2025 15:15:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:24:ff:0a:42:11:c2:14:65:20:45:eb:eb:d8:85:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc091d2259cd6623a83271364f93078248dd666f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:09:cf:17:65:2d:55:94:3a:ef:aa:a8:28:4b:
2b:90:bf:a4:b4:9b:91:e8:6d:17:e1:1b:f7:33:27:
22:4d:ac:a0:53:9d:92:9e:aa:f4:eb:5a:6a:96:f0:
cc:31:3a:22:b6:e0:c7:e0:fb:a7:f1:97:11:da:eb:
2f:fa:75:33:27:60:4d:06:7c:0e:f0:f1:0a:39:7e:
1f:19:22:b5:56:d8:d8:11:34:ff:b7:27:d4:d0:fc:
ac:3f:1c:3d:a3:ed:a8:21:a6:20:27:4c:1c:59:11:
6f:35:52:b0:65:f6:0e:be:06:92:1f:fb:5c:4e:4c:
ed:b3:3d:64:74:c3:a5:b8:da:d0:ad:52:00:65:ce:
a0:26:5c:e1:23:c2:d3:2b:27:89:0c:49:41:eb:3d:
ca:05:b5:5b:f7:e9:9d:99:ac:de:71:2f:3e:5f:f8:
9f:60:7c:45:c3:94:d9:2c:85:cd:3c:5c:8d:75:b6:
3c:ad:61:90:61:64:4e:f4:f2:34:22:12:9a:88:86:
61:e6:25:e7:00:4d:2d:03:92:d4:8f:6a:a9:42:f5:
60:1c:41:e2:8c:da:35:30:de:35:b6:33:18:ad:75:
d0:79:ea:0c:30:f0:32:59:76:70:dd:b7:36:ca:93:
d4:e1:65:7a:0b:74:15:46:11:46:3a:c3:36:77:2b:
37:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:09:1D:22:59:CD:66:23:A8:32:71:36:4F:93:07:82:48:DD:66:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAkdIlnNZiOoMnE2T5MHgkjdZm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.105.0/24
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
94:0c:39:e4:ad:2c:a4:fc:a0:c5:3d:b2:9f:0d:80:7d:01:06:
a3:50:5b:5d:e8:5f:39:54:28:08:d4:fe:1a:f1:ce:9f:81:3d:
66:e6:06:37:5c:8f:34:64:dd:21:03:c0:75:83:59:1b:19:2a:
68:c1:4e:d3:52:8b:d1:38:b2:b0:88:50:d2:13:37:a6:01:9f:
e6:d7:7e:c8:61:ec:92:3b:3e:3f:ac:22:a8:dd:2b:4d:05:62:
e4:ab:54:7a:c6:d5:05:fe:14:12:51:e2:1a:eb:a4:54:19:dd:
05:1b:ef:65:76:61:a3:ae:6a:f8:24:e0:ed:89:0e:13:ca:71:
bb:58:8d:a2:d1:d1:ea:4e:54:8c:28:21:d9:2a:77:66:38:a0:
5c:cd:41:af:7d:15:e1:dd:4b:2c:99:68:af:fe:ea:6f:f3:d2:
89:74:4e:13:a5:95:c8:6b:e5:e3:40:a9:a6:e7:7d:b9:ae:cd:
a8:89:5b:2e:1e:8e:3f:b8:65:4f:57:97:eb:8d:7e:a0:12:c5:
f1:f5:09:1e:bb:ca:de:da:96:64:f5:b5:f6:82:f5:b0:8e:22:
2d:6f:0f:b2:e4:06:a6:95:7b:7c:48:4c:1d:58:b0:1a:81:fc:
13:d1:b9:04:42:d5:83:22:bc:7b:6c:4d:e1:41:20:79:2c:1e:
0a:ad:ad:a0
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZaHJP8KQhHCFGUgRevr2IWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDMwMTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA5MWQyMjU5Y2Q2NjIzYTgzMjcxMzY0ZjkzMDc4MjQ4ZGQ2NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwnPF2UtVZQ676qoKEsrkL+ktJuR
6G0X4Rv3MyciTaygU52Snqr061pqlvDMMToituDH4Pun8ZcR2usv+nUzJ2BNBnwO
8PEKOX4fGSK1VtjYETT/tyfU0PysPxw9o+2oIaYgJ0wcWRFvNVKwZfYOvgaSH/tc
Tkztsz1kdMOluNrQrVIAZc6gJlzhI8LTKyeJDElB6z3KBbVb9+mdmazecS8+X/if
YHxFw5TZLIXNPFyNdbY8rWGQYWRO9PI0IhKaiIZh5iXnAE0tA5LUj2qpQvVgHEHi
jNo1MN41tjMYrXXQeeoMMPAyWXZw3bc2ypPU4WV6C3QVRhFGOsM2dys3wwIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFLwJHSJZzWYjqDJxNk+TB4JI3WZvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdkFrZElsbk5aaU9vTW5FMlQ1TUhna2pkWm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAU4EAgABMIIB
RgMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C5wMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4pgMEAFd5FgMEAFd5JgMEAFd5
LQMEAFd5VwMEAVd5fAMEAFd5pQMEAFtcRgMEAVx3xAMEAFz5MgMEAF17LQMEAF17
LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16cQAMEAF6c
aQMEAF6cpwMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQCqxZIAwQA
stfjAwQCudhUAwQAwRnYAwQAwSMSAwQAwd5gAwQAwje6AwQAwqmvMA0GCSqGSIb3
DQEBCwUAA4IBAQCUDDnkrSyk/KDFPbKfDYB9AQajUFtd6F85VCgI1P4a8c6fgT1m
5gY3XI80ZN0hA8B1g1kbGSpowU7TUovROLKwiFDSEzemAZ/m137IYeySOz4/rCKo
3StNBWLkq1R6xtUF/hQSUeIa66RUGd0FG+9ldmGjrmr4JODtiQ4TynG7WI2i0dHq
TlSMKCHZKndmOKBczUGvfRXh3UssmWiv/upv89KJdE4TpZXIa+XjQKmm5325rs2o
iVsuHo4/uGVPV5frjX6gEsXx9Qkeu8re2pZk9bX2gvWwjiItbw+y5AamlXt8SEwd
WLAagfwT0bkEQtWDIrx7bE3hQSB5LB4Kra2g
-----END CERTIFICATE-----
Generated at Tue May 13 17:54:06 2025 by rpki-client