Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x-OFcYONLDqtclyWACMM896uecM.roa
File: x-OFcYONLDqtclyWACMM896uecM.roa (raw, json)
Hash identifier: t9vB0BsystdmUMFHgWzfPAp8q7d2cdwDFpyiOqwhhqU=
Subject key identifier: C7:E3:85:71:83:8D:2C:3A:AD:72:5C:96:00:23:0C:F3:DE:AE:79:C3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196FC67B520E2EF6B0A4F6266F56A4205CD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x-OFcYONLDqtclyWACMM896uecM.roa
Signing time: Fri 23 May 2025 09:09:37 +0000
ROA not before: Fri 23 May 2025 09:09:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.31.192.0/22 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.105.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 13:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:67:b5:20:e2:ef:6b:0a:4f:62:66:f5:6a:42:05:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 23 09:09:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7e38571838d2c3aad725c9600230cf3deae79c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:25:77:50:17:43:fa:87:d0:02:eb:a5:a8:
7d:53:19:5d:52:2c:ca:ae:0a:44:da:9c:c4:76:c0:
93:ac:55:80:5c:2c:3c:c5:63:27:16:00:d3:45:1d:
88:df:51:d2:d9:2a:36:67:59:26:43:31:49:f9:f0:
26:3d:50:7f:44:eb:3b:d9:2a:96:ca:34:05:6d:99:
cc:f6:ff:ed:fc:56:10:cb:a8:87:3a:ae:e1:f2:e6:
a5:58:7d:69:61:3f:64:ec:2a:a2:d2:f1:f4:48:e2:
96:e3:f3:6d:de:2e:5a:54:07:9b:e0:9f:82:d5:d1:
f0:9b:63:86:a6:c8:f3:90:af:51:5c:e8:c6:90:00:
46:f1:0a:88:a1:3f:be:0d:4f:99:b3:68:f7:0c:10:
37:21:43:14:90:04:72:05:3e:d3:bf:f7:62:22:3f:
5b:48:35:1f:bf:28:29:fa:0f:8b:a6:53:20:96:62:
dd:bc:80:ee:73:74:fe:d6:aa:96:70:42:c5:a4:a4:
42:0f:fa:14:95:af:a4:7c:d1:3e:4a:b6:70:88:7c:
ea:0e:23:6c:7b:13:14:7f:ca:4e:87:2d:e6:8e:5d:
d9:9b:f0:21:09:4e:95:f6:9c:85:96:86:05:67:f3:
01:fd:f0:85:7c:c8:bc:3d:97:60:a4:1c:7d:ed:5b:
a6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E3:85:71:83:8D:2C:3A:AD:72:5C:96:00:23:0C:F3:DE:AE:79:C3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x-OFcYONLDqtclyWACMM896uecM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.8.93.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
81.31.192.0/22
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/23
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.105.0/24
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b2:87:db:24:92:58:fd:85:58:58:71:da:ba:d4:9f:2a:51:
22:f9:70:7a:d5:25:e9:fd:67:5a:6f:f6:35:b0:4e:88:24:19:
2b:64:a1:3f:e9:62:41:a6:87:b0:8d:eb:51:e0:fc:88:2e:5d:
35:95:27:9e:44:22:3f:aa:32:83:d5:39:ed:70:09:73:ec:48:
c6:21:fb:87:f9:ca:28:4c:ed:49:d0:42:c7:3d:46:52:1f:01:
5f:ae:89:f1:4e:65:91:33:17:7a:a8:b8:c1:50:6f:8c:74:8f:
36:34:59:e4:d0:95:26:42:1a:31:a0:48:7d:93:ed:f4:43:0b:
b8:13:79:85:fb:20:96:24:d4:65:40:82:e0:3c:f0:cb:74:8a:
92:c8:27:4b:1d:f4:12:0e:ed:1a:8f:4a:36:3a:1b:40:d7:88:
29:7f:55:21:b9:2d:dd:27:f1:8c:73:09:ae:03:23:0c:83:78:
3f:64:05:de:39:8e:39:44:af:b2:aa:d4:54:2b:1e:fe:49:f6:
87:74:94:0c:c4:d2:ad:07:74:79:27:c6:88:c1:e2:ce:77:10:
b7:6a:a2:23:7e:02:68:bf:a5:45:37:ac:ff:a3:7e:55:32:a4:
82:11:0d:6e:36:0e:fd:37:06:6e:39:2f:ce:55:93:84:05:e4:
bd:af:74:c2
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZb8Z7Ug4u9rCk9iZvVqQgXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTIzMDkwOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2UzODU3MTgzOGQyYzNhYWQ3MjVjOTYwMDIzMGNmM2RlYWU3OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQEld1AXQ/qH0ALrpah9UxldUizK
rgpE2pzEdsCTrFWAXCw8xWMnFgDTRR2I31HS2So2Z1kmQzFJ+fAmPVB/ROs72SqW
yjQFbZnM9v/t/FYQy6iHOq7h8ualWH1pYT9k7Cqi0vH0SOKW4/Nt3i5aVAeb4J+C
1dHwm2OGpsjzkK9RXOjGkABG8QqIoT++DU+Zs2j3DBA3IUMUkARyBT7Tv/diIj9b
SDUfvygp+g+LplMglmLdvIDuc3T+1qqWcELFpKRCD/oUla+kfNE+SrZwiHzqDiNs
exMUf8pOhy3mjl3Zm/AhCU6V9pyFloYFZ/MB/fCFfMi8PZdgpBx97VumxwIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFMfjhXGDjSw6rXJclgAjDPPernnDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveC1PRmNZT05MRHF0Y2x5V0FDTU04OTZ1ZWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0IXQMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C
5wMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAlEf
wAMEAFGh7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAVd4fgMEAFd4pgMEAFd5
FgMEAFd5JgMEAFd5LQMEAFd5VwMEAVd5fAMEAFd5pQMEAFtcRgMEAVx3xAMEAFz5
MgMEAF17LQMEAF17LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6a
oAMEA16cQAMEAF6caQMEAF6cpwMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQA
qxZJAwQCqxZIAwQAstfjAwQCudhUAwQAwRnYAwQAwSMSAwQAwd5gAwQAwd5iAwQA
wje6AwQAwqmvAwQAw7JvAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAosofbJJJY
/YVYWHHautSfKlEi+XB61SXp/Wdab/Y1sE6IJBkrZKE/6WJBpoewjetR4PyILl01
lSeeRCI/qjKD1TntcAlz7EjGIfuH+cooTO1J0ELHPUZSHwFfronxTmWRMxd6qLjB
UG+MdI82NFnk0JUmQhoxoEh9k+30Qwu4E3mF+yCWJNRlQILgPPDLdIqSyCdLHfQS
Du0aj0o2OhtA14gpf1UhuS3dJ/GMcwmuAyMMg3g/ZAXeOY45RK+yqtRUKx7+SfaH
dJQMxNKtB3R5J8aIweLOdxC3aqIjfgJov6VFN6z/o35VMqSCEQ1uNg79NwZuOS/O
VZOEBeS9r3TC
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:29:47 2025 by rpki-client