Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cVzYHQkMieVMr6mpEalvyAHBLvA.roa
File: cVzYHQkMieVMr6mpEalvyAHBLvA.roa (raw, json)
Hash identifier: cv20KrhWJpQnoOIAHMw8isOfvkkeqkIeOLQABc7E8so=
Subject key identifier: 71:5C:D8:1D:09:0C:89:E5:4C:AF:A9:A9:11:A9:6F:C8:01:C1:2E:F0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824B29B7FCE61CAF9326F34EE075574
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cVzYHQkMieVMr6mpEalvyAHBLvA.roa
Signing time: Thu 02 Jan 2025 17:51:21 +0000
ROA not before: Thu 02 Jan 2025 17:51:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 06:24:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:b2:9b:7f:ce:61:ca:f9:32:6f:34:ee:07:55:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=715cd81d090c89e54cafa9a911a96fc801c12ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:96:f5:83:d1:79:e6:46:56:f5:22:55:28:e6:
e4:fb:26:03:52:a1:70:82:38:6f:b9:2a:14:de:fd:
a3:5f:f6:6c:ed:79:84:bf:40:b0:c5:04:0d:21:91:
40:01:9a:86:c0:88:dd:8b:10:3a:24:e9:29:56:81:
aa:bb:8f:e3:f1:a2:be:d9:4e:46:2e:53:ff:6f:75:
e0:b9:59:ad:9f:a1:82:4a:7a:88:67:2c:72:4b:ea:
fc:24:04:4f:e3:f8:69:e2:93:85:09:a9:e8:ad:ac:
96:c6:f3:57:bc:fd:25:f0:52:a1:b2:f6:f2:e2:42:
87:89:f4:a5:71:1e:cb:96:08:9a:83:11:9a:da:c4:
83:4f:4e:12:37:24:78:8e:29:fc:29:66:15:be:26:
16:ce:79:c7:ac:e1:6a:dd:04:09:a2:6c:e0:d8:eb:
b1:6a:2b:54:b5:ba:3f:bc:19:1b:6c:d6:18:99:c7:
12:a1:01:4d:88:4a:fa:5e:82:81:3e:43:30:11:06:
fd:d8:ac:e4:e4:ac:ee:38:66:6a:c3:91:1f:2c:93:
0b:ce:22:7b:09:e1:04:a5:32:76:c1:cd:e7:0a:23:
bb:cb:5c:b7:5e:ca:25:87:e7:20:bc:f3:15:c2:dc:
99:b6:0d:4a:ab:4f:b6:c8:3c:ff:e8:43:1c:d3:7e:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5C:D8:1D:09:0C:89:E5:4C:AF:A9:A9:11:A9:6F:C8:01:C1:2E:F0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cVzYHQkMieVMr6mpEalvyAHBLvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:bd:c6:3c:36:9a:21:f5:a8:3c:93:f4:94:13:ac:f7:4a:a3:
4c:06:e7:5c:3d:ee:5e:7a:90:4b:41:6f:b9:10:e2:0e:68:9d:
f8:7d:d4:78:38:fe:42:58:06:46:b9:c6:30:e0:59:0a:ec:f4:
38:74:a8:03:23:25:4d:13:f1:ea:b9:52:3c:e0:d9:0e:8f:cb:
fe:de:6b:7c:c2:23:98:e3:fb:f5:c0:73:70:64:aa:14:5f:39:
c7:63:72:4a:f1:ae:6f:0e:2a:f4:67:d3:fb:c0:ba:9f:f2:46:
56:cb:c8:8f:86:ee:72:ed:ea:15:28:d4:3f:1b:f4:f1:33:d1:
31:d8:b1:9e:69:b3:e0:2a:62:b8:67:98:9f:4a:26:2a:5d:17:
58:cd:c4:6b:51:f1:35:cd:11:3e:da:37:b6:f5:43:6e:45:ab:
6d:98:6d:c6:ef:8b:e4:6a:96:9e:75:b0:55:8e:5c:ae:01:04:
b8:cb:04:c8:9c:ed:98:76:c9:b3:fb:c4:1f:72:1a:4c:60:85:
53:61:02:80:6d:bd:d4:05:e0:2f:d1:6c:d3:4f:6e:62:c9:40:
9b:03:d3:88:7e:b7:43:83:53:bf:11:49:ce:ca:d6:08:72:bd:
e1:c5:21:22:e8:38:be:5b:02:3d:08:c3:e6:e1:87:1a:19:a1:
8b:d5:b3:40
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJLKbf85hyvkybzTuB1V0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTVjZDgxZDA5MGM4OWU1NGNhZmE5YTkxMWE5NmZjODAxYzEyZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJb1g9F55kZW9SJVKObk+yYDUqFw
gjhvuSoU3v2jX/Zs7XmEv0CwxQQNIZFAAZqGwIjdixA6JOkpVoGqu4/j8aK+2U5G
LlP/b3XguVmtn6GCSnqIZyxyS+r8JARP4/hp4pOFCanorayWxvNXvP0l8FKhsvby
4kKHifSlcR7LlgiagxGa2sSDT04SNyR4jin8KWYVviYWznnHrOFq3QQJomzg2Oux
aitUtbo/vBkbbNYYmccSoQFNiEr6XoKBPkMwEQb92Kzk5KzuOGZqw5EfLJMLziJ7
CeEEpTJ2wc3nCiO7y1y3Xsolh+cgvPMVwtyZtg1Kq0+2yDz/6EMc034aGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHFc2B0JDInlTK+pqRGpb8gBwS7wMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY1Z6WUhRa01pZVZNcjZtcEVhbHZ5QUhCTHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjv9AwQA
T24zAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQBavcY8Npoh
9ag8k/SUE6z3SqNMBudcPe5eepBLQW+5EOIOaJ34fdR4OP5CWAZGucYw4FkK7PQ4
dKgDIyVNE/HquVI84NkOj8v+3mt8wiOY4/v1wHNwZKoUXznHY3JK8a5vDir0Z9P7
wLqf8kZWy8iPhu5y7eoVKNQ/G/TxM9Ex2LGeabPgKmK4Z5ifSiYqXRdYzcRrUfE1
zRE+2je29UNuRattmG3G74vkapaedbBVjlyuAQS4ywTInO2Ydsmz+8QfchpMYIVT
YQKAbb3UBeAv0WzTT25iyUCbA9OIfrdDg1O/EUnOytYIcr3hxSEi6Di+WwI9CMPm
4YcaGaGL1bNA
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:35:59 2025 by rpki-client