Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7ztOwweonHpbziek8j567B_AFo.roa
File: h7ztOwweonHpbziek8j567B_AFo.roa (raw, json)
Hash identifier: qri8dIafJGqV/QroFp1pAShmyo4uhbD5IT6ntUOC/xg=
Subject key identifier: 87:BC:ED:3B:0C:1E:A2:71:E9:6F:38:9E:93:C8:F9:EB:B0:7F:00:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195A2D1C12A8055DCB9919616FD1F596A74
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7ztOwweonHpbziek8j567B_AFo.roa
Signing time: Mon 17 Mar 2025 06:36:50 +0000
ROA not before: Mon 17 Mar 2025 06:36:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 2.59.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.156.104.0/24 maxlen: 24
94.156.166.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 09:12:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a2:d1:c1:2a:80:55:dc:b9:91:96:16:fd:1f:59:6a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 06:36:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87bced3b0c1ea271e96f389e93c8f9ebb07f005a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3d:93:64:43:5d:2c:c2:56:f7:21:09:74:22:
36:b5:27:d6:9f:e8:44:39:a2:7a:76:bf:1f:42:01:
7c:f9:91:65:f3:0a:ed:bf:0d:58:c0:03:5a:77:45:
4a:e9:68:b5:b3:02:72:3c:e4:e7:fc:2f:c7:1c:75:
df:63:32:f4:10:9e:0e:48:2f:f4:5c:9d:e7:66:24:
62:d1:96:4e:e9:7f:f2:fe:98:66:7c:14:b2:d8:e3:
27:0a:0f:f6:db:05:36:c7:62:fd:9e:e3:af:1f:97:
84:ae:4e:da:7a:7e:2b:b4:d4:d2:cd:2c:cf:20:f3:
8f:08:9f:e0:f5:2e:22:fe:66:53:6f:d5:2a:5c:ba:
11:2d:3c:25:ca:90:71:2c:21:86:4d:81:34:45:39:
2d:a0:c6:e5:f6:16:3d:1b:60:c9:3e:2a:f3:39:f3:
53:2b:a2:d3:7b:39:1e:58:d8:24:92:d5:fa:a1:8f:
3b:81:b6:ec:bf:af:40:19:5a:91:13:7b:c1:52:aa:
76:9c:60:84:7a:97:a0:02:f8:91:82:21:1b:4f:32:
cd:db:82:00:08:25:1d:2c:9a:0f:8e:78:90:f4:bf:
27:b4:72:bc:8b:67:92:3a:e3:cf:f0:bc:88:2a:8c:
3e:ea:f3:00:a3:8e:a8:38:ec:2a:50:8e:86:66:f9:
4c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BC:ED:3B:0C:1E:A2:71:E9:6F:38:9E:93:C8:F9:EB:B0:7F:00:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7ztOwweonHpbziek8j567B_AFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.66.230.0/24
45.88.88.0/24
79.110.62.0/24
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
93.123.85.0/24
94.103.125.0/24
94.156.104.0/24
94.156.166.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:61:07:bc:ad:84:2b:78:70:56:8f:8e:84:ee:b8:44:f7:d4:
c0:d4:17:e5:17:53:0f:21:b1:66:c8:8d:ef:af:68:b9:97:3c:
60:4d:1d:c9:a1:12:d5:5d:21:b2:cf:f1:e5:99:1f:80:17:02:
e4:ca:e9:fd:a7:68:4e:4c:a2:06:1d:75:e4:28:f3:16:b9:eb:
90:62:89:70:06:e6:2e:a4:8f:01:e4:41:2e:c9:e8:72:36:ff:
56:43:00:6c:86:63:69:0c:e9:07:14:f8:0d:38:44:72:ab:6d:
4e:29:f5:97:f5:97:54:92:ae:2f:c5:9f:60:69:e3:07:80:2d:
ba:f6:03:c9:4a:95:5c:4c:ef:ba:2c:ae:f6:92:3c:19:02:7d:
a8:02:3e:95:be:0f:85:9e:72:38:e6:9e:af:a3:83:7e:cc:ed:
dc:df:4b:6f:a2:d6:4f:2a:f9:21:99:e5:ea:fa:52:01:57:f2:
da:89:5a:73:c0:5d:fe:ae:51:ff:04:1b:92:71:51:37:80:f3:
ee:37:18:b6:91:4a:6a:a0:9d:26:45:f1:2d:b6:b8:b2:01:0d:
7c:14:84:9a:4a:ba:36:4b:5a:f6:ea:4a:ec:ee:ae:b1:1f:d9:
60:5b:28:03:63:0e:30:31:16:c3:43:fc:0f:58:83:10:8d:1f:
69:bc:00:16
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZWi0cEqgFXcuZGWFv0fWWp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzE3MDYzNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JjZWQzYjBjMWVhMjcxZTk2ZjM4OWU5M2M4ZjllYmIwN2YwMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1T2TZENdLMJW9yEJdCI2tSfWn+hE
OaJ6dr8fQgF8+ZFl8wrtvw1YwANad0VK6Wi1swJyPOTn/C/HHHXfYzL0EJ4OSC/0
XJ3nZiRi0ZZO6X/y/phmfBSy2OMnCg/22wU2x2L9nuOvH5eErk7aen4rtNTSzSzP
IPOPCJ/g9S4i/mZTb9UqXLoRLTwlypBxLCGGTYE0RTktoMbl9hY9G2DJPirzOfNT
K6LTezkeWNgkktX6oY87gbbsv69AGVqRE3vBUqp2nGCEepegAviRgiEbTzLN24IA
CCUdLJoPjniQ9L8ntHK8i2eSOuPP8LyIKow+6vMAo46oOOwqUI6GZvlM+wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFIe87TsMHqJx6W84npPI+euwfwBaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDd6dE93d2VvbkhwYnppZWs4ajU2N0JfQUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjv9AwQA
LULmAwQALVhYAwQAT24+AwQAU9thAwQAV3lWAwQAV3ndAwQAXXtVAwQAXmd9AwQA
XpxoAwQAXpymAwQAjWIGAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUA
A4IBAQCPYQe8rYQreHBWj46E7rhE99TA1BflF1MPIbFmyI3vr2i5lzxgTR3JoRLV
XSGyz/HlmR+AFwLkyun9p2hOTKIGHXXkKPMWueuQYolwBuYupI8B5EEuyehyNv9W
QwBshmNpDOkHFPgNOERyq21OKfWX9ZdUkq4vxZ9gaeMHgC269gPJSpVcTO+6LK72
kjwZAn2oAj6Vvg+FnnI45p6vo4N+zO3c30tvotZPKvkhmeXq+lIBV/LaiVpzwF3+
rlH/BBuScVE3gPPuNxi2kUpqoJ0mRfEttriyAQ18FISaSro2S1r26krs7q6xH9lg
WygDYw4wMRbDQ/wPWIMQjR9pvAAW
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:08 2025 by rpki-client