Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ltLoiUNoh0qSTdWQzy_t1wLdCtM.roa
File: ltLoiUNoh0qSTdWQzy_t1wLdCtM.roa (raw, json)
Hash identifier: qEfXjZgldzl12YUL15kxw2qNhkIG1Q+wkv6hQOz0wMU=
Subject key identifier: 96:D2:E8:89:43:68:87:4A:92:4D:D5:90:CF:2F:ED:D7:02:DD:0A:D3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197355EDA45B19B5551FF4CCFE7BA1F84E4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ltLoiUNoh0qSTdWQzy_t1wLdCtM.roa
Signing time: Tue 03 Jun 2025 10:38:18 +0000
ROA not before: Tue 03 Jun 2025 10:38:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 10:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:5e:da:45:b1:9b:55:51:ff:4c:cf:e7:ba:1f:84:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 3 10:38:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96d2e8894368874a924dd590cf2fedd702dd0ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:41:4f:8f:70:3c:89:5f:3f:d7:19:7f:be:db:
1d:89:d7:73:2d:e1:8f:3e:6e:ba:f0:2b:30:43:1a:
79:48:d7:22:f3:4a:87:b2:f3:26:5e:5a:1f:b8:e9:
8b:73:9b:e5:5b:b0:51:92:d5:c4:74:56:c2:e9:1c:
f3:de:90:6e:b1:99:2c:dc:78:a2:f4:29:b0:39:18:
d0:e2:2a:e6:cd:04:fe:d2:ce:d3:55:74:b3:30:fc:
27:5f:50:c1:4d:a4:bb:19:02:3e:ff:0c:a6:ec:49:
ab:fc:b2:f1:22:3f:03:7c:9e:ed:e3:ad:57:10:e9:
5d:da:90:35:77:c0:57:db:73:96:cb:a8:10:21:79:
d8:b6:99:78:c4:56:1c:b7:e7:7e:45:45:c4:1f:11:
5a:9a:56:be:76:c1:2d:b5:88:b3:71:e5:f1:87:f5:
19:86:b1:b4:5b:87:ed:49:34:fd:dc:ac:d1:50:d1:
6f:33:3e:27:99:bb:bb:b5:4b:74:ad:54:5d:8d:54:
2f:9f:6e:cd:42:bd:84:f2:7f:a4:ce:13:fa:0e:73:
2e:20:53:b8:5a:c9:1f:a9:ce:36:32:cd:e1:0e:8f:
04:49:8e:a2:30:71:3e:b0:75:2d:c3:80:ac:40:00:
8d:02:b9:26:ef:f3:2d:6f:09:9d:1d:f2:61:68:d9:
4a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D2:E8:89:43:68:87:4A:92:4D:D5:90:CF:2F:ED:D7:02:DD:0A:D3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ltLoiUNoh0qSTdWQzy_t1wLdCtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/24
45.88.66.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
91.92.21.0/24
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.220.0/23
185.252.179.0/24
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:22:59:82:43:af:8c:15:ac:09:e2:f5:31:e7:3a:8c:27:8b:
45:4b:e0:d9:d6:de:50:cd:14:2d:3a:d1:98:63:8f:de:cb:7a:
26:16:25:1f:c8:16:13:4e:44:18:af:94:b7:05:6c:21:0e:a1:
26:6d:ca:7d:5a:3c:ed:15:09:80:51:50:a1:0d:ae:18:94:66:
36:e9:76:00:87:b3:b1:96:8e:b3:f2:b9:20:b0:f9:7f:be:d4:
84:ce:57:e7:5f:c2:60:fa:6e:e5:dd:b0:1d:bc:d9:05:50:00:
f3:df:fc:4a:7e:83:49:e6:c3:36:3d:e6:63:77:e6:b5:9e:b9:
bd:c7:51:9e:fa:9e:20:82:ad:20:78:31:cf:2d:fe:3c:82:e5:
fb:6d:f2:e1:fb:9f:18:88:55:6c:17:75:2b:2e:44:c7:c6:b7:
a6:d5:8b:d1:41:ca:9f:da:93:c3:6d:db:27:9a:46:55:ec:0a:
02:1e:fb:cb:f9:0a:99:d9:ff:de:24:d3:53:3e:75:75:f3:52:
22:03:97:27:5c:4e:c4:c6:0d:90:17:07:0c:e2:3c:f8:cd:28:
1f:f7:56:55:08:ff:43:b6:c6:bc:8c:9e:bb:a2:d4:0c:3c:41:
6b:bb:45:4d:ba:b8:e7:6d:c4:49:da:b6:02:e3:b7:b5:b2:2e:
de:1b:b9:b9
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZc1XtpFsZtVUf9Mz+e6H4TkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjAzMTAzODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQyZTg4OTQzNjg4NzRhOTI0ZGQ1OTBjZjJmZWRkNzAyZGQwYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUFPj3A8iV8/1xl/vtsdiddzLeGP
Pm668CswQxp5SNci80qHsvMmXlofuOmLc5vlW7BRktXEdFbC6Rzz3pBusZks3Hii
9CmwORjQ4irmzQT+0s7TVXSzMPwnX1DBTaS7GQI+/wym7Emr/LLxIj8DfJ7t461X
EOld2pA1d8BX23OWy6gQIXnYtpl4xFYct+d+RUXEHxFamla+dsEttYizceXxh/UZ
hrG0W4ftSTT93KzRUNFvMz4nmbu7tUt0rVRdjVQvn27NQr2E8n+kzhP6DnMuIFO4
Wskfqc42Ms3hDo8ESY6iMHE+sHUtw4CsQACNArkm7/MtbwmdHfJhaNlKwwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJbS6IlDaIdKkk3VkM8v7dcC3QrTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbHRMb2lVTm9oMHFTVGRXUXp5X3Qxd0xkQ3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAl
i4ADBAAtWEIDBAEtgOoDBABPbj8DBABVHywDBABVHy4DBABV0IgDBABXeFwDBABX
eGwDBABXeMQDBABXeM0DBABXeNgDBABXeNsDBABXeN4DBABXeS8DBABbXBUDBABe
nOwDBABtzvADBABtzvMDBACrFh4DBAG5zw4DBAC52ooDBAG59twDBAC5/LMDBAHB
LzwDBALBlDgwDQYJKoZIhvcNAQELBQADggEBAAsiWYJDr4wVrAni9THnOowni0VL
4NnW3lDNFC060Zhjj97LeiYWJR/IFhNORBivlLcFbCEOoSZtyn1aPO0VCYBRUKEN
rhiUZjbpdgCHs7GWjrPyuSCw+X++1ITOV+dfwmD6buXdsB282QVQAPPf/Ep+g0nm
wzY95mN35rWeub3HUZ76niCCrSB4Mc8t/jyC5ftt8uH7nxiIVWwXdSsuRMfGt6bV
i9FByp/ak8Nt2yeaRlXsCgIe+8v5CpnZ/94k01M+dXXzUiIDlydcTsTGDZAXBwzi
PPjNKB/3VlUI/0O2xryMnrui1Aw8QWu7RU26uOdtxEnatgLjt7WyLt4bubk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:08:13 2025 by rpki-client