Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5OfI0k9BJ8jfDUGTo8Tp1Q7CnU.roa
File: _5OfI0k9BJ8jfDUGTo8Tp1Q7CnU.roa (raw, json)
Hash identifier: 65i9vlqB07xtvI4YUhIvkc4aE3ey6A+qxlA40ZhpgRc=
Subject key identifier: FF:93:9F:23:49:3D:04:9F:23:7C:35:06:4E:8F:13:A7:54:3B:0A:75
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019503F80E0EC3A47D407B964495147FBCAF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5OfI0k9BJ8jfDUGTo8Tp1Q7CnU.roa
Signing time: Fri 14 Feb 2025 10:19:03 +0000
ROA not before: Fri 14 Feb 2025 10:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 2.59.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 09:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:f8:0e:0e:c3:a4:7d:40:7b:96:44:95:14:7f:bc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 10:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff939f23493d049f237c35064e8f13a7543b0a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:85:b7:8e:d8:7d:b6:b1:36:c0:81:e5:0c:c6:
d5:22:68:bf:40:cb:45:65:b1:ff:6c:3e:2c:5c:36:
df:19:46:7c:f3:f3:fd:6c:f7:58:c5:0d:fd:ad:f1:
8a:fa:3e:11:d1:69:ab:2c:67:ff:71:59:d0:66:85:
ff:dd:be:80:68:48:38:2f:19:6d:7c:8e:41:c0:c9:
79:43:93:eb:5f:c4:13:51:c7:b5:2b:46:eb:bb:09:
b9:06:25:86:c4:fd:54:12:32:1d:91:d3:1b:a2:3c:
59:f6:0c:da:54:33:14:ed:3c:c8:c8:e6:48:8f:64:
c6:52:15:9b:b3:62:5e:98:d5:8f:c6:60:50:c2:18:
69:04:aa:d0:99:ce:b9:a7:28:5d:8d:d4:ac:1d:54:
7c:04:43:b4:01:6d:82:fc:e1:0f:80:73:23:aa:4c:
da:79:0e:44:4e:a7:0e:80:44:46:1d:b8:3a:e2:ea:
30:4f:a0:08:b2:e9:f3:82:cd:6d:8a:72:1d:5d:46:
ce:5a:b4:f3:1f:c3:91:50:5d:17:69:be:14:6d:82:
16:9d:10:89:73:64:ea:6d:7e:13:a6:8d:de:40:6c:
ea:a1:73:49:0b:1d:d5:f0:ed:59:f3:26:9d:69:94:
79:e2:fb:57:c0:4c:65:7b:4c:3c:9e:7a:31:b2:ed:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:93:9F:23:49:3D:04:9F:23:7C:35:06:4E:8F:13:A7:54:3B:0A:75
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5OfI0k9BJ8jfDUGTo8Tp1Q7CnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.66.230.0/24
83.219.97.0/24
87.121.221.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
84:81:e1:b7:0b:e9:bd:e0:b9:c5:77:d7:b7:32:7a:e7:4e:06:
49:01:8e:35:4c:3f:0d:e0:a6:9d:cc:ee:3f:fc:d6:f0:11:8a:
dd:25:1d:3f:a6:41:39:6f:96:3c:9f:9d:63:e1:18:3e:df:cb:
44:06:b2:d4:ef:0c:41:4f:74:61:4c:76:e1:0c:83:92:25:6c:
6b:e7:ab:52:c9:76:bb:93:65:8d:84:03:8e:4a:94:e9:2c:d2:
5d:67:d0:12:c7:f7:1c:20:c0:0e:02:9f:4a:50:71:f2:4e:81:
a2:af:fe:32:c1:9a:2a:9a:0c:9a:0f:d4:85:86:82:2c:82:8f:
a6:53:61:53:07:a8:a3:b3:ba:0b:33:5c:1a:a6:a6:03:ca:e1:
81:9d:f2:a6:96:22:3f:61:64:56:00:47:90:5c:c5:9d:a0:fe:
6c:3c:be:ba:55:8e:6d:be:bc:a2:be:e2:34:00:92:6c:81:d4:
0b:b5:9a:5b:d4:5f:50:35:b5:39:a7:d6:b1:29:c9:41:05:78:
fc:8f:58:56:cd:d4:cb:81:4d:ce:f6:6a:71:d3:e9:d8:95:b5:
4f:cc:a0:47:2c:87:51:29:40:88:e0:de:e1:94:ef:1e:15:05:
35:e4:8d:2d:0d:8e:e3:8d:58:4b:28:81:4a:cf:ef:c6:3c:13:
6b:4b:49:2e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZUD+A4Ow6R9QHuWRJUUf7yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjE0MTAxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkzOWYyMzQ5M2QwNDlmMjM3YzM1MDY0ZThmMTNhNzU0M2IwYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4W3jth9trE2wIHlDMbVImi/QMtF
ZbH/bD4sXDbfGUZ88/P9bPdYxQ39rfGK+j4R0WmrLGf/cVnQZoX/3b6AaEg4Lxlt
fI5BwMl5Q5PrX8QTUce1K0bruwm5BiWGxP1UEjIdkdMbojxZ9gzaVDMU7TzIyOZI
j2TGUhWbs2JemNWPxmBQwhhpBKrQmc65pyhdjdSsHVR8BEO0AW2C/OEPgHMjqkza
eQ5ETqcOgERGHbg64uowT6AIsunzgs1tinIdXUbOWrTzH8ORUF0Xab4UbYIWnRCJ
c2TqbX4Tpo3eQGzqoXNJCx3V8O1Z8yadaZR54vtXwExle0w8nnoxsu3xEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFP+TnyNJPQSfI3w1Bk6PE6dUOwp1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvXzVPZkkwazlCSjhqZkRVR1RvOFRwMVE3Q25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjv9AwQA
LULmAwQAU9thAwQAV3ndAwQAjWIGAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3
DQEBCwUAA4IBAQCEgeG3C+m94LnFd9e3MnrnTgZJAY41TD8N4KadzO4//NbwEYrd
JR0/pkE5b5Y8n51j4Rg+38tEBrLU7wxBT3RhTHbhDIOSJWxr56tSyXa7k2WNhAOO
SpTpLNJdZ9ASx/ccIMAOAp9KUHHyToGir/4ywZoqmgyaD9SFhoIsgo+mU2FTB6ij
s7oLM1wapqYDyuGBnfKmliI/YWRWAEeQXMWdoP5sPL66VY5tvryivuI0AJJsgdQL
tZpb1F9QNbU5p9axKclBBXj8j1hWzdTLgU3O9mpx0+nYlbVPzKBHLIdRKUCI4N7h
lO8eFQU15I0tDY7jjVhLKIFKz+/GPBNrS0ku
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:50:30 2025 by rpki-client