Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZeCSl4yEDj5VlNm7I5GLd-39J_Y.roa
File: ZeCSl4yEDj5VlNm7I5GLd-39J_Y.roa (raw, json)
Hash identifier: qUu6sSkmsAD899rInNCKKj7nfEwQOYv+NwcA4Ct41M4=
Subject key identifier: 65:E0:92:97:8C:84:0E:3E:55:94:D9:BB:23:91:8B:77:ED:FD:27:F6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195443A40F9A769A34D413C4C38A3302F8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZeCSl4yEDj5VlNm7I5GLd-39J_Y.roa
Signing time: Wed 26 Feb 2025 21:47:03 +0000
ROA not before: Wed 26 Feb 2025 21:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 2.59.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:44:3a:40:f9:a7:69:a3:4d:41:3c:4c:38:a3:30:2f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 26 21:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65e092978c840e3e5594d9bb23918b77edfd27f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:69:70:02:94:44:d0:70:32:8c:20:32:56:
06:4a:cd:02:48:d9:6e:06:ff:1d:1e:12:da:dd:42:
e8:9f:7e:eb:15:d9:56:6b:30:10:77:5c:89:30:51:
0b:f9:ba:97:dc:61:b9:9f:3c:6a:4d:11:18:0a:e2:
1a:bd:b0:06:53:04:96:f8:7b:84:f1:fc:72:5d:6f:
74:e7:8d:57:1f:09:92:ee:53:aa:3d:27:ad:b6:da:
5f:43:06:04:a9:4e:3d:00:d3:26:67:ac:b4:02:1c:
d2:60:11:c0:ea:e7:1c:c5:bd:98:a3:36:02:5d:c9:
b4:b2:dc:20:d2:90:fd:ec:c8:fc:51:26:cc:aa:53:
dd:74:c2:c7:7e:28:96:12:cd:9d:14:08:cb:dc:98:
23:b5:cc:9d:60:43:62:41:34:5c:bf:18:b1:bd:1e:
e1:a3:8c:26:46:95:fb:96:ea:cb:c7:3a:ae:57:98:
25:81:96:49:0d:fa:c2:ed:cd:80:b4:5c:15:d5:78:
94:2d:70:da:73:24:cb:79:5c:d7:22:ac:10:8d:f1:
a1:b8:fe:7e:64:ca:63:86:76:b9:88:17:a7:73:03:
f2:3a:d9:9d:b3:18:22:43:77:f0:98:e2:19:8a:97:
df:1a:df:3c:40:bc:b0:4b:d7:22:b1:f5:09:65:fe:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E0:92:97:8C:84:0E:3E:55:94:D9:BB:23:91:8B:77:ED:FD:27:F6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZeCSl4yEDj5VlNm7I5GLd-39J_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.66.230.0/24
45.88.88.0/24
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
93.123.85.0/24
94.103.125.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
97:df:0d:bc:94:22:f5:a7:7d:ec:03:6a:36:b0:e4:17:6f:7a:
e2:75:bf:d2:4d:49:d7:3c:7d:b7:c5:eb:80:26:6c:b8:20:a7:
b5:9a:8d:6c:0c:52:90:27:27:50:c1:c5:41:1b:20:b4:5a:92:
15:cf:dc:9a:59:9f:4e:b5:56:b4:63:12:1f:cd:1b:0a:81:d6:
6c:7f:14:c7:f9:0d:0f:a0:72:6f:9d:55:c6:fc:0d:9d:b2:96:
93:67:f3:93:6d:bb:a8:85:60:b2:3b:e6:b7:ff:6c:c6:ae:f9:
b7:1f:68:a0:c2:f9:4b:f6:11:53:91:a0:1d:c5:bc:35:02:84:
93:40:ac:a9:9a:84:bc:62:f3:cb:35:b2:cc:05:35:05:be:12:
2d:a6:10:94:26:ab:73:df:d5:24:f8:3e:49:94:78:18:e1:40:
ed:96:c2:47:63:30:b1:49:65:44:c0:11:34:a4:96:8e:09:38:
93:94:ac:2d:d5:39:b0:e9:d7:ae:a9:f0:83:a3:49:5e:80:de:
a8:46:12:16:7b:9b:e1:cc:ad:16:46:20:dd:7e:21:d4:94:35:
b4:ab:25:fe:79:64:0d:dd:fc:d3:f5:43:d7:84:a1:7e:e1:fa:
b5:48:fd:df:fd:a2:1b:9e:55:54:10:4b:f1:1e:3d:10:ad:57:
08:dc:d4:eb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZVEOkD5p2mjTUE8TDijMC+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjI2MjE0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWUwOTI5NzhjODQwZTNlNTU5NGQ5YmIyMzkxOGI3N2VkZmQyN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5dpcAKURNBwMowgMlYGSs0CSNlu
Bv8dHhLa3ULon37rFdlWazAQd1yJMFEL+bqX3GG5nzxqTREYCuIavbAGUwSW+HuE
8fxyXW90541XHwmS7lOqPSetttpfQwYEqU49ANMmZ6y0AhzSYBHA6uccxb2YozYC
Xcm0stwg0pD97Mj8USbMqlPddMLHfiiWEs2dFAjL3JgjtcydYENiQTRcvxixvR7h
o4wmRpX7lurLxzquV5glgZZJDfrC7c2AtFwV1XiULXDacyTLeVzXIqwQjfGhuP5+
ZMpjhna5iBencwPyOtmdsxgiQ3fwmOIZipffGt88QLywS9cisfUJZf464QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGXgkpeMhA4+VZTZuyORi3ft/Sf2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWmVDU2w0eUVEajVWbE5tN0k1R0xkLTM5Sl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjv9AwQA
LULmAwQALVhYAwQAU9thAwQAV3lWAwQAV3ndAwQAXXtVAwQAXmd9AwQAjWIGAwQA
sH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQCX3w28lCL1p33sA2o2
sOQXb3ridb/STUnXPH23xeuAJmy4IKe1mo1sDFKQJydQwcVBGyC0WpIVz9yaWZ9O
tVa0YxIfzRsKgdZsfxTH+Q0PoHJvnVXG/A2dspaTZ/OTbbuohWCyO+a3/2zGrvm3
H2igwvlL9hFTkaAdxbw1AoSTQKypmoS8YvPLNbLMBTUFvhItphCUJqtz39Uk+D5J
lHgY4UDtlsJHYzCxSWVEwBE0pJaOCTiTlKwt1Tmw6deuqfCDo0legN6oRhIWe5vh
zK0WRiDdfiHUlDW0qyX+eWQN3fzT9UPXhKF+4fq1SP3f/aIbnlVUEEvxHj0QrVcI
3NTr
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:51 2025 by rpki-client