Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlZLX3g9oM0hVLIw0SQjrzMyRIE.roa
File: AlZLX3g9oM0hVLIw0SQjrzMyRIE.roa (raw, json)
Hash identifier: XglXwAxQl8mlZ8Fhm5M9fGCGgZGGyNFpL4liYa5sPjQ=
Subject key identifier: 02:56:4B:5F:78:3D:A0:CD:21:54:B2:30:D1:24:23:AF:33:32:44:81
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196037436FB13CD1C4A373B070F03C9CF4E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlZLX3g9oM0hVLIw0SQjrzMyRIE.roa
Signing time: Sat 05 Apr 2025 00:57:50 +0000
ROA not before: Sat 05 Apr 2025 00:57:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 11:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:03:74:36:fb:13:cd:1c:4a:37:3b:07:0f:03:c9:cf:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 5 00:57:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02564b5f783da0cd2154b230d12423af33324481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:b8:2d:0c:8a:d2:12:f6:29:25:5a:c0:f3:
20:f1:aa:3b:1a:84:c4:57:b2:32:c7:a9:2b:a9:90:
a5:ae:49:42:92:b5:44:7d:1d:0a:44:1e:bf:ec:b0:
b0:4f:73:4a:14:b0:8f:31:b1:63:1b:b7:e7:d7:75:
cd:4e:36:1f:55:64:b3:c0:7b:8d:d1:22:7a:2e:df:
80:da:d6:7f:ec:94:9d:64:69:54:fd:85:a9:75:2f:
6a:97:b6:ed:7b:50:18:84:0a:a5:13:68:e2:4e:c5:
04:d9:85:c5:f5:7a:89:bf:90:6a:97:af:a3:f6:00:
19:90:d4:79:f2:dc:d6:10:ee:2d:47:4f:85:46:00:
78:23:ee:60:f2:50:e0:b9:ad:8b:59:1b:0a:38:a1:
86:15:ef:61:7d:bb:0e:01:2e:d8:b5:e1:28:e5:b2:
e2:24:fe:c0:95:b7:56:fc:1d:e3:cf:93:17:c0:eb:
4f:9a:4c:1d:13:11:f6:86:bb:aa:5b:53:99:8a:a6:
f2:67:5a:9d:44:31:81:bc:02:83:7f:cb:dc:89:6e:
f0:dd:64:18:71:b3:35:de:ea:44:de:4a:50:31:15:
59:07:cf:c4:f9:c4:08:87:94:4b:fb:c7:9a:eb:86:
38:a4:72:54:ea:7e:68:6c:f4:35:b7:dc:6a:11:44:
f6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:56:4B:5F:78:3D:A0:CD:21:54:B2:30:D1:24:23:AF:33:32:44:81
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlZLX3g9oM0hVLIw0SQjrzMyRIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.98.0/24
87.120.68.0/23
87.121.60.0/23
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
57:e7:6e:d3:2f:30:18:c8:5d:d9:cf:ee:b9:ce:be:6f:fe:6d:
e4:63:b6:5a:7b:98:a5:86:52:99:8b:98:99:46:9b:08:d3:15:
a0:55:96:ec:e6:8f:99:f0:ab:e2:1f:f3:c9:6a:b0:3c:d1:97:
d9:76:84:53:75:bb:87:80:87:d0:00:53:7e:83:c8:b1:5f:9d:
d6:a1:38:4b:05:8c:64:07:11:3c:5d:37:0f:53:d3:e2:72:1a:
66:73:9a:7e:de:77:f9:70:73:bc:a8:b1:f6:c3:a8:4a:15:35:
dc:6c:c1:c6:d2:4f:08:8d:be:a3:a2:d8:97:6c:d8:b3:9c:c3:
21:c0:d9:d6:5a:24:cc:01:52:ba:21:a5:d5:d2:bb:b1:70:e4:
c5:58:af:92:ed:13:5c:a2:74:23:2f:07:41:b2:99:c9:91:cd:
53:d6:43:a3:66:48:c8:48:6a:d6:e5:a5:10:ce:d7:ea:0d:62:
9e:7b:46:aa:b1:8a:f6:bc:b6:87:53:b8:e3:dc:e3:4d:c2:f8:
36:9b:18:17:84:66:7a:b0:8e:eb:18:4c:1d:45:65:31:b9:91:
aa:9e:36:ce:08:87:aa:26:58:49:e9:fc:36:f8:8f:2d:23:00:
eb:2f:84:42:6a:26:51:de:9b:5d:08:eb:73:a6:20:d5:fc:92:
ae:a5:da:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYDdDb7E80cSjc7Bw8Dyc9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA1MDA1NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU2NGI1Zjc4M2RhMGNkMjE1NGIyMzBkMTI0MjNhZjMzMzI0NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+e4LQyK0hL2KSVawPMg8ao7GoTE
V7Iyx6krqZClrklCkrVEfR0KRB6/7LCwT3NKFLCPMbFjG7fn13XNTjYfVWSzwHuN
0SJ6Lt+A2tZ/7JSdZGlU/YWpdS9ql7bte1AYhAqlE2jiTsUE2YXF9XqJv5Bql6+j
9gAZkNR58tzWEO4tR0+FRgB4I+5g8lDgua2LWRsKOKGGFe9hfbsOAS7YteEo5bLi
JP7AlbdW/B3jz5MXwOtPmkwdExH2hruqW1OZiqbyZ1qdRDGBvAKDf8vciW7w3WQY
cbM13upE3kpQMRVZB8/E+cQIh5RL+8ea64Y4pHJU6n5obPQ1t9xqEUT2LwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAJWS194PaDNIVSyMNEkI68zMkSBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQWxaTFgzZzlvTTBoVkxJdzBTUWpyek15UklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU9tiAwQB
V3hEAwQBV3k8AwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBX527TLzAY
yF3Zz+65zr5v/m3kY7Zae5ilhlKZi5iZRpsI0xWgVZbs5o+Z8KviH/PJarA80ZfZ
doRTdbuHgIfQAFN+g8ixX53WoThLBYxkBxE8XTcPU9Pichpmc5p+3nf5cHO8qLH2
w6hKFTXcbMHG0k8Ijb6jotiXbNiznMMhwNnWWiTMAVK6IaXV0ruxcOTFWK+S7RNc
onQjLwdBspnJkc1T1kOjZkjISGrW5aUQztfqDWKee0aqsYr2vLaHU7jj3ONNwvg2
mxgXhGZ6sI7rGEwdRWUxuZGqnjbOCIeqJlhJ6fw2+I8tIwDrL4RCaiZR3ptdCOtz
piDV/JKupdpY
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:44:54 2025 by rpki-client