Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuufqN1WKKL0OTg_oBo5Nv8J014.roa
File: IuufqN1WKKL0OTg_oBo5Nv8J014.roa (raw, json)
Hash identifier: dRGD6QAH3LJ8eQSBgObpXMOhbXZUPNQ68plUkXR+eIc=
Subject key identifier: 22:EB:9F:A8:DD:56:28:A2:F4:39:38:3F:A0:1A:39:36:FF:09:D3:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195EB799AFFD64D1798419DA147BF13B18B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuufqN1WKKL0OTg_oBo5Nv8J014.roa
Signing time: Mon 31 Mar 2025 09:12:50 +0000
ROA not before: Mon 31 Mar 2025 09:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 45.66.230.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.156.104.0/24 maxlen: 24
94.156.166.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 10:08:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:79:9a:ff:d6:4d:17:98:41:9d:a1:47:bf:13:b1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 31 09:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22eb9fa8dd5628a2f439383fa01a3936ff09d35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:6b:37:40:0d:ff:46:eb:41:a7:78:1d:04:
0e:39:34:cc:53:02:72:d1:61:44:93:2e:c0:9b:87:
34:95:3e:48:e7:71:13:d3:81:7c:e7:db:7d:2f:88:
03:9a:e5:83:2a:d3:bd:5d:55:45:f1:d5:42:29:23:
67:35:0b:9a:74:3b:95:2c:3e:69:93:be:67:7e:80:
73:0d:47:96:9b:9e:80:bc:0e:e1:8a:bf:2e:61:3b:
31:39:4b:f1:c7:5b:4c:c6:d3:b0:ce:ee:7f:5b:08:
e2:eb:9a:a1:27:07:d5:e4:43:34:cd:f4:f3:f0:05:
3d:72:18:9b:1b:44:67:77:2a:42:94:62:1c:f1:d4:
1f:ed:c3:17:1f:05:3d:38:c2:6f:29:82:11:bd:4d:
2b:dc:99:f5:9b:b5:77:38:a7:e0:eb:2a:b0:9e:69:
b0:f6:84:b5:aa:b3:5b:79:ab:96:ef:b7:b7:f9:4d:
b9:13:c1:72:9a:9d:f3:e0:02:70:8b:74:11:cb:3f:
9c:cc:fe:c0:17:cc:d7:25:ab:c9:a5:29:11:b1:49:
4e:2c:ff:d1:96:1c:8c:da:5a:08:ca:a6:1d:a2:d1:
96:42:ee:75:81:39:2e:ff:87:3b:44:5b:b3:9e:dd:
48:a9:9c:03:85:58:6c:a5:e3:6d:48:f0:f2:f7:fa:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EB:9F:A8:DD:56:28:A2:F4:39:38:3F:A0:1A:39:36:FF:09:D3:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuufqN1WKKL0OTg_oBo5Nv8J014.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.230.0/24
45.88.88.0/24
79.110.62.0/24
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
93.123.85.0/24
94.103.125.0/24
94.156.104.0/24
94.156.166.0/24
141.98.6.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
12:68:50:29:cc:99:4a:5c:c7:da:2f:35:4e:e7:df:6f:21:cf:
ef:2a:f0:5d:e2:5c:a3:68:2e:d5:ed:01:27:99:c3:0b:92:dc:
8d:d4:80:31:b8:e8:a4:33:4e:5b:3c:d0:19:c8:16:69:39:fd:
25:eb:a9:c1:6a:6e:b6:d8:3a:f0:31:c0:98:04:6c:16:57:f0:
02:a5:ce:60:f4:4f:25:e5:16:13:19:47:35:28:f3:55:e7:5f:
ae:fc:a9:8f:29:41:18:a6:b9:cb:50:80:26:36:b7:5b:a2:f0:
7c:96:9e:33:50:20:d6:13:4d:46:aa:f1:2c:ba:5b:cb:5c:26:
a0:fe:c6:2d:94:23:93:71:8a:01:1c:d3:c8:22:f7:54:37:9b:
bc:95:4a:3a:6c:cc:00:46:c7:91:2e:22:9a:7f:98:d8:d9:f1:
1d:7e:9b:f1:1d:6d:3a:10:8d:75:95:9b:89:ad:fe:7c:55:6f:
fc:ca:05:11:23:f0:47:1e:7d:f5:b2:73:01:11:b1:8c:39:b4:
12:52:61:af:d2:25:b3:52:c2:d3:ae:48:fb:ce:cc:eb:41:1e:
12:7b:6b:77:05:9b:c4:0c:e1:77:7c:7c:a3:de:59:bc:b1:59:
fa:f0:a5:08:05:c2:4d:7b:fb:77:c4:17:f6:84:aa:d1:61:dc:
8d:5d:8b:6c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZXreZr/1k0XmEGdoUe/E7GLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzMxMDkxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmViOWZhOGRkNTYyOGEyZjQzOTM4M2ZhMDFhMzkzNmZmMDlkMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi1rN0AN/0brQad4HQQOOTTMUwJy
0WFEky7Am4c0lT5I53ET04F859t9L4gDmuWDKtO9XVVF8dVCKSNnNQuadDuVLD5p
k75nfoBzDUeWm56AvA7hir8uYTsxOUvxx1tMxtOwzu5/Wwji65qhJwfV5EM0zfTz
8AU9chibG0RndypClGIc8dQf7cMXHwU9OMJvKYIRvU0r3Jn1m7V3OKfg6yqwnmmw
9oS1qrNbeauW77e3+U25E8Fymp3z4AJwi3QRyz+czP7AF8zXJavJpSkRsUlOLP/R
lhyM2loIyqYdotGWQu51gTku/4c7RFuznt1IqZwDhVhspeNtSPDy9/p51wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCLrn6jdViii9Dk4P6AaOTb/CdNeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSXV1ZnFOMVdLS0wwT1RnX29CbzVOdjhKMDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALULmAwQA
LVhYAwQAT24+AwQAU9thAwQAV3lWAwQAV3ndAwQAXXtVAwQAXmd9AwQAXpxoAwQA
XpymAwQAjWIGAwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQASaFApzJlK
XMfaLzVO599vIc/vKvBd4lyjaC7V7QEnmcMLktyN1IAxuOikM05bPNAZyBZpOf0l
66nBam622DrwMcCYBGwWV/ACpc5g9E8l5RYTGUc1KPNV51+u/KmPKUEYprnLUIAm
NrdbovB8lp4zUCDWE01GqvEsulvLXCag/sYtlCOTcYoBHNPIIvdUN5u8lUo6bMwA
RseRLiKaf5jY2fEdfpvxHW06EI11lZuJrf58VW/8ygURI/BHHn31snMBEbGMObQS
UmGv0iWzUsLTrkj7zszrQR4Se2t3BZvEDOF3fHyj3lm8sVn68KUIBcJNe/t3xBf2
hKrRYdyNXYts
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:21:42 2025 by rpki-client