Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa
File: Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa (raw, json)
Hash identifier: oLmJXaQybV5v43WcfjDyimr/bS1e0Pg4sS+IDHgnTiU=
Subject key identifier: 67:F6:1D:F5:84:23:C3:DF:30:73:3A:81:29:18:24:68:93:40:B8:F5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019735645867933B372B29256BA9BA1C8969
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa
Signing time: Tue 03 Jun 2025 10:44:18 +0000
ROA not before: Tue 03 Jun 2025 10:44:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 07:34:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:64:58:67:93:3b:37:2b:29:25:6b:a9:ba:1c:89:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 3 10:44:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67f61df58423c3df30733a81291824689340b8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:c4:b2:38:75:4f:9e:0f:c9:cf:cb:21:da:
2b:e8:72:8d:92:93:c5:26:8c:7e:bf:2b:bc:2d:50:
99:f2:c2:19:6c:e5:35:d8:47:03:05:8e:fb:19:f8:
9e:d4:0c:a8:8f:69:15:6a:18:0a:3e:bb:5d:eb:01:
d8:69:42:43:61:13:d2:44:b6:01:22:16:ba:0b:92:
3b:5d:67:2b:50:5b:1b:26:a4:e7:f0:be:a9:60:3f:
cc:3c:cc:cf:bc:36:9f:72:b2:76:c9:72:b7:f3:5c:
45:d0:1e:64:7b:61:ad:5f:71:a1:c6:c8:e0:64:1c:
23:45:b2:d6:c5:17:e5:99:21:6a:03:0c:e5:b7:60:
99:b6:59:d5:2f:e5:9f:09:17:38:16:61:bc:72:5b:
60:b8:7b:fd:9f:08:7f:46:95:b7:46:dd:19:62:4c:
cb:c6:20:41:ea:38:d5:f0:96:c9:56:a8:0e:21:85:
d0:5b:62:1a:4f:ea:aa:61:34:01:e9:72:9a:98:88:
96:c8:bd:1d:53:51:5a:67:8b:ee:bf:ec:54:0b:f7:
3f:a7:01:00:32:5e:1f:f9:1f:ad:a9:68:21:be:e7:
b0:68:ca:8a:97:34:a5:cb:67:b4:a9:ee:74:00:c7:
13:9e:05:0c:71:7a:b3:ee:0b:d9:e8:90:f2:9f:c8:
b1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F6:1D:F5:84:23:C3:DF:30:73:3A:81:29:18:24:68:93:40:B8:F5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.127.0/24
37.139.128.0/24
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
50:f2:b6:2f:e3:45:55:ec:45:99:7b:3a:c0:5d:af:f4:c4:1d:
d4:56:58:35:1a:be:b6:7f:41:0c:ba:87:b4:a0:5b:6a:41:a4:
5a:58:6d:e6:e3:d2:6a:37:cb:b3:e0:1f:be:c5:e2:77:8a:fa:
21:ab:13:10:bc:cb:2b:8e:d2:63:86:0d:bb:45:31:9d:ee:5a:
f8:89:b2:a6:03:ab:b8:ce:39:d1:c7:01:95:78:53:ae:31:e2:
f4:4f:90:85:5b:67:f8:2a:a4:23:d6:48:c7:42:de:8b:11:dc:
a7:1e:64:39:56:15:97:ef:bd:d1:c6:73:5f:f8:68:2e:68:b7:
80:f5:e9:b5:9a:4d:0b:3e:8f:88:57:b3:f4:c1:35:05:1b:65:
08:d8:46:46:38:39:ba:0f:d7:da:3d:4a:cc:5a:7c:37:7c:53:
0e:5e:33:cc:10:0f:02:7b:e8:63:5d:72:1d:e7:7f:b0:b9:29:
82:6f:99:b6:c2:42:55:ab:e0:66:a8:e8:6d:81:fd:47:ad:bf:
4e:48:ed:26:1e:3d:91:e8:3a:e4:a5:8a:fc:42:d8:bc:ff:be:
ff:74:e7:c2:af:0b:94:05:40:6a:89:0b:de:64:0b:1b:0b:f3:
87:24:43:88:5b:be:e7:7f:db:17:a6:ad:05:5b:1f:9c:2b:7d:
eb:a0:f4:65
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZc1ZFhnkzs3Kykla6m6HIlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjAzMTA0NDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Y2MWRmNTg0MjNjM2RmMzA3MzNhODEyOTE4MjQ2ODkzNDBiOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSbEsjh1T54Pyc/LIdor6HKNkpPF
Jox+vyu8LVCZ8sIZbOU12EcDBY77Gfie1Ayoj2kVahgKPrtd6wHYaUJDYRPSRLYB
Iha6C5I7XWcrUFsbJqTn8L6pYD/MPMzPvDafcrJ2yXK381xF0B5ke2GtX3Ghxsjg
ZBwjRbLWxRflmSFqAwzlt2CZtlnVL+WfCRc4FmG8cltguHv9nwh/RpW3Rt0ZYkzL
xiBB6jjV8JbJVqgOIYXQW2IaT+qqYTQB6XKamIiWyL0dU1FaZ4vuv+xUC/c/pwEA
Ml4f+R+tqWghvuewaMqKlzSly2e0qe50AMcTngUMcXqz7gvZ6JDyn8ix6QIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFGf2HfWEI8PfMHM6gSkYJGiTQLj1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWl9ZZDlZUWp3OTh3Y3pxQktSZ2thSk5BdVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdowDAME
AwX9OAMEAAX9OgMEAB+pfwMEACWLgAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gME
AE9uPwMEAFUfLAMEAFUfLgMEAFXQiAMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQME
AFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgME
AF6c7AMEAG3O8AMEAG3O8wMEAKsWHgMEAbnPDgMEALnaigMEALn23QMEALn8swME
AMEIuAMEAcEIugMEAcEvPAMEAsGUODANBgkqhkiG9w0BAQsFAAOCAQEAUPK2L+NF
VexFmXs6wF2v9MQd1FZYNRq+tn9BDLqHtKBbakGkWlht5uPSajfLs+AfvsXid4r6
IasTELzLK47SY4YNu0Uxne5a+ImypgOruM450ccBlXhTrjHi9E+QhVtn+CqkI9ZI
x0LeixHcpx5kOVYVl++90cZzX/hoLmi3gPXptZpNCz6PiFez9ME1BRtlCNhGRjg5
ug/X2j1KzFp8N3xTDl4zzBAPAnvoY11yHed/sLkpgm+ZtsJCVavgZqjobYH9R62/
TkjtJh49keg65KWK/ELYvP++/3Tnwq8LlAVAaokL3mQLGwvzhyRDiFu+53/bF6at
BVsfnCt966D0ZQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:28:30 2025 by rpki-client