Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZXTL34_aCxlQbW0nBITOMxAYSs.roa
File: 8ZXTL34_aCxlQbW0nBITOMxAYSs.roa (raw, json)
Hash identifier: IX9kJ9r7Xxd2vbfSrrIb4FMW73vmZwHiVcEKpHcmk3A=
Subject key identifier: F1:95:D3:2F:7E:3F:68:2C:65:41:B5:B4:9C:12:13:38:CC:40:61:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01953740B81E3A028FB226A8EFA9FD010144
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZXTL34_aCxlQbW0nBITOMxAYSs.roa
Signing time: Mon 24 Feb 2025 09:19:03 +0000
ROA not before: Mon 24 Feb 2025 09:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 2.59.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 21:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:40:b8:1e:3a:02:8f:b2:26:a8:ef:a9:fd:01:01:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 24 09:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f195d32f7e3f682c6541b5b49c121338cc40612b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4b:9a:43:21:35:cc:cf:d8:40:74:27:4a:9b:
13:b9:63:29:3e:e3:69:54:1d:50:c5:07:7e:82:19:
03:db:c1:f8:b1:a4:f8:a0:78:08:d8:2c:33:83:61:
2b:5d:6f:f9:fb:89:61:66:9e:02:37:32:e7:5f:fa:
ab:24:bf:46:59:55:35:a0:5f:aa:0a:82:36:69:3a:
ac:13:e3:94:21:58:84:d7:c1:33:7f:db:69:df:c3:
43:00:8b:4b:b6:58:05:91:1b:8f:0f:67:cd:09:68:
7d:2e:70:75:fb:ee:41:65:77:bb:c0:04:fc:7c:2c:
a8:11:65:13:c3:46:d6:a1:84:80:57:88:1b:54:f4:
22:04:13:e7:44:67:80:a0:fa:65:7f:00:67:3e:4b:
d7:65:02:83:8e:58:fa:3a:db:b0:2b:e5:7e:8a:fc:
c9:7f:ae:92:d5:3e:c6:48:e5:07:99:50:a0:a4:1c:
16:ec:ab:86:e7:0a:c7:5d:1c:7e:a9:d0:27:f9:99:
f1:0d:87:8f:cc:f6:5d:27:87:35:ce:bc:b2:d3:49:
5f:18:2e:15:e9:d6:82:5f:d3:b9:15:73:ec:62:67:
58:25:35:1a:f7:4f:ae:33:76:cf:d9:ae:6f:e8:2e:
1e:f4:ed:7f:37:92:7e:10:6b:0e:20:66:fb:1f:a2:
f3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:95:D3:2F:7E:3F:68:2C:65:41:B5:B4:9C:12:13:38:CC:40:61:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZXTL34_aCxlQbW0nBITOMxAYSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.66.230.0/24
45.88.88.0/24
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
03:cb:89:46:85:01:82:80:27:77:ec:a4:a6:c8:fc:a5:0a:8f:
e3:f7:5a:e0:8a:06:89:42:01:34:cf:14:d9:0e:05:e4:66:f6:
8e:eb:96:86:15:f7:a4:52:0c:6f:78:c4:3a:bc:d3:59:48:d2:
84:86:15:fa:aa:96:9c:3d:eb:1a:69:31:96:76:d5:49:d6:e0:
a4:cb:ae:42:e8:7f:1c:c7:5a:8a:f4:94:02:cb:c0:7b:1d:70:
40:ec:44:ee:8d:0a:40:22:0f:cd:29:00:a7:67:24:50:7c:68:
d1:af:b8:a8:3c:e1:58:91:75:5a:83:b1:b5:2c:04:e0:58:81:
94:6b:68:a9:9d:5f:d4:7c:c8:04:f3:7d:f6:3d:a5:b3:9f:22:
a8:1c:c3:5c:5c:72:45:a2:db:d9:cc:b4:3c:3a:76:b7:a8:18:
37:0d:ca:56:4c:44:4c:50:95:96:3f:cc:b7:aa:00:18:30:42:
f5:5e:86:56:e4:74:88:de:af:6e:65:b4:5f:8a:eb:ef:64:a5:
1a:93:23:0a:73:e2:d6:60:c5:3c:b9:e4:87:25:9f:d8:21:47:
74:38:a0:09:1e:03:59:6c:26:3e:2a:1b:3b:10:12:93:9d:0b:
1f:b6:58:d6:bc:6c:fc:18:ea:5c:b9:20:90:26:2e:3c:31:31:
e6:3a:5a:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZU3QLgeOgKPsiao76n9AQFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjI0MDkxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTk1ZDMyZjdlM2Y2ODJjNjU0MWI1YjQ5YzEyMTMzOGNjNDA2MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukuaQyE1zM/YQHQnSpsTuWMpPuNp
VB1QxQd+ghkD28H4saT4oHgI2Cwzg2ErXW/5+4lhZp4CNzLnX/qrJL9GWVU1oF+q
CoI2aTqsE+OUIViE18Ezf9tp38NDAItLtlgFkRuPD2fNCWh9LnB1++5BZXe7wAT8
fCyoEWUTw0bWoYSAV4gbVPQiBBPnRGeAoPplfwBnPkvXZQKDjlj6OtuwK+V+ivzJ
f66S1T7GSOUHmVCgpBwW7KuG5wrHXRx+qdAn+ZnxDYePzPZdJ4c1zryy00lfGC4V
6daCX9O5FXPsYmdYJTUa90+uM3bP2a5v6C4e9O1/N5J+EGsOIGb7H6LzRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPGV0y9+P2gsZUG1tJwSEzjMQGErMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOFpYVEwzNF9hQ3hsUWJXMG5CSVRPTXhBWVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjv9AwQA
LULmAwQALVhYAwQAU9thAwQAV3lWAwQAV3ndAwQAjWIGAwQAsH3+AwQAufyxAwQA
wjD6MA0GCSqGSIb3DQEBCwUAA4IBAQADy4lGhQGCgCd37KSmyPylCo/j91rgigaJ
QgE0zxTZDgXkZvaO65aGFfekUgxveMQ6vNNZSNKEhhX6qpacPesaaTGWdtVJ1uCk
y65C6H8cx1qK9JQCy8B7HXBA7ETujQpAIg/NKQCnZyRQfGjRr7ioPOFYkXVag7G1
LATgWIGUa2ipnV/UfMgE8332PaWznyKoHMNcXHJFotvZzLQ8Ona3qBg3DcpWTERM
UJWWP8y3qgAYMEL1XoZW5HSI3q9uZbRfiuvvZKUakyMKc+LWYMU8ueSHJZ/YIUd0
OKAJHgNZbCY+Khs7EBKTnQsftljWvGz8GOpcuSCQJi48MTHmOloB
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:30:25 2025 by rpki-client