Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zt1Cfh2mjPfp79NzSmug0kGoU2o.roa
File: Zt1Cfh2mjPfp79NzSmug0kGoU2o.roa (raw, json)
Hash identifier: 7a5XO41c1uPNXQbu8Dchy1M9Dlqb1OK3xFWUPpkLgN8=
Subject key identifier: 66:DD:42:7E:1D:A6:8C:F7:E9:EF:D3:73:4A:6B:A0:D2:41:A8:53:6A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01966BDF2FAA4578249654BA5F3CF6D99450
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zt1Cfh2mjPfp79NzSmug0kGoU2o.roa
Signing time: Fri 25 Apr 2025 07:35:10 +0000
ROA not before: Fri 25 Apr 2025 07:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 07:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:df:2f:aa:45:78:24:96:54:ba:5f:3c:f6:d9:94:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 25 07:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66dd427e1da68cf7e9efd3734a6ba0d241a8536a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:12:5b:94:97:2c:9f:2d:40:3a:5d:4c:7c:e2:
d3:43:3e:08:2d:38:39:30:15:48:12:0a:69:5d:3f:
e0:bb:b2:58:36:83:47:fa:3d:c9:47:bf:63:72:73:
72:f0:2b:0f:ce:27:06:07:12:12:32:bb:53:f5:fd:
2d:4b:64:a6:66:78:fb:4f:fd:8a:8d:c6:ed:b1:a9:
5d:09:49:2b:4b:01:7c:f1:0c:d9:aa:d8:19:c6:bf:
e9:d7:ed:a9:c6:d2:75:79:8c:4b:b7:75:99:ed:ea:
10:89:17:80:88:37:6d:c3:9b:a9:49:cf:d0:82:0e:
80:4e:05:a6:ef:de:e4:29:8d:88:a8:fe:e7:ee:f4:
84:f3:2d:4f:b9:e4:72:05:bf:9f:3b:69:a4:f7:ff:
8b:17:42:4c:92:e1:f3:4a:d9:26:fb:3c:2a:78:10:
5d:bc:76:e8:79:13:6d:ab:6c:7a:47:aa:6c:90:f1:
3b:c9:00:5f:c6:aa:cf:e4:43:18:ea:c2:c5:9e:d3:
2b:04:bb:c6:21:dc:f1:db:61:33:45:2b:60:72:6e:
a0:8d:62:fe:9f:e7:0a:80:36:0b:db:5d:8c:a6:e9:
9a:33:ed:53:e6:0e:d5:39:b9:aa:d4:8c:57:6e:3f:
e7:62:24:05:6e:a1:b4:fd:15:b7:c3:82:67:90:1b:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DD:42:7E:1D:A6:8C:F7:E9:EF:D3:73:4A:6B:A0:D2:41:A8:53:6A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zt1Cfh2mjPfp79NzSmug0kGoU2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.70.0/24
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:77:09:a7:02:b9:47:c0:fa:94:a5:a3:ac:a4:c3:55:37:77:
73:53:a4:24:1e:2b:79:e7:f1:5a:24:99:a0:a3:81:d8:2d:a8:
8a:b5:e5:4f:23:48:69:4f:8c:9b:d6:df:77:28:a5:c0:73:18:
1e:ec:3c:c0:3d:9a:8d:10:73:22:a7:1b:b9:6b:88:e5:cd:31:
67:0a:e6:74:27:53:ef:b2:90:45:6f:7b:21:32:c2:21:ba:46:
52:49:2f:98:94:d2:07:a0:7e:f2:df:98:14:da:8d:6e:93:f7:
fd:db:bc:3f:61:28:2a:60:1f:fe:d3:a7:c4:c9:af:a0:dd:38:
10:70:c2:23:27:bd:fd:e3:69:90:81:06:5e:d9:33:2a:ab:90:
57:f0:e7:ba:8b:4f:b1:81:cd:14:e0:80:66:bd:fe:9b:bc:55:
ed:31:81:a8:c3:af:5e:ee:d5:72:f6:cf:f9:50:8b:77:dd:d0:
ec:72:14:6b:c0:cd:10:3a:19:b0:68:d5:4d:41:60:7b:eb:27:
58:c1:c8:d6:cb:b8:ac:83:2e:40:de:a1:4f:7d:cf:14:c0:6f:
ca:46:e5:3c:49:a0:0e:37:36:39:67:a6:05:12:36:97:9d:e3:
4e:b7:3e:19:aa:f0:19:52:45:5e:a4:79:9d:f5:49:c9:ca:5e:
68:f6:bf:0e
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAZZr3y+qRXgkllS6Xzz22ZRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDI1MDczNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmRkNDI3ZTFkYTY4Y2Y3ZTllZmQzNzM0YTZiYTBkMjQxYTg1MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RJblJcsny1AOl1MfOLTQz4ILTg5
MBVIEgppXT/gu7JYNoNH+j3JR79jcnNy8CsPzicGBxISMrtT9f0tS2SmZnj7T/2K
jcbtsaldCUkrSwF88QzZqtgZxr/p1+2pxtJ1eYxLt3WZ7eoQiReAiDdtw5upSc/Q
gg6ATgWm797kKY2IqP7n7vSE8y1PueRyBb+fO2mk9/+LF0JMkuHzStkm+zwqeBBd
vHboeRNtq2x6R6pskPE7yQBfxqrP5EMY6sLFntMrBLvGIdzx22EzRStgcm6gjWL+
n+cKgDYL212MpumaM+1T5g7VObmq1IxXbj/nYiQFbqG0/RW3w4JnkBuoowIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFGbdQn4dpoz36e/Tc0proNJBqFNqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWnQxQ2ZoMm1qUGZwNzlOelNtdWcwa0dvVTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C5wMEAC1R
JwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAE9uMgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4pgMEAFd5FgMEAFd5JgMEAFd5
LQMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEAFtcRgMEAFz5MgMEAF17LQMEAF17
LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16cQAMEAF6c
6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQCqxZIAwQAstfjAwQCudhUAwQA
wRnYAwQAwSMSAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUAA4IBAQChdwmnArlH
wPqUpaOspMNVN3dzU6QkHit55/FaJJmgo4HYLaiKteVPI0hpT4yb1t93KKXAcxge
7DzAPZqNEHMipxu5a4jlzTFnCuZ0J1PvspBFb3shMsIhukZSSS+YlNIHoH7y35gU
2o1uk/f927w/YSgqYB/+06fEya+g3TgQcMIjJ73942mQgQZe2TMqq5BX8Oe6i0+x
gc0U4IBmvf6bvFXtMYGow69e7tVy9s/5UIt33dDschRrwM0QOhmwaNVNQWB76ydY
wcjWy7isgy5A3qFPfc8UwG/KRuU8SaAONzY5Z6YFEjaXneNOtz4ZqvAZUkVepHmd
9UnJyl5o9r8O
-----END CERTIFICATE-----
Generated at Sun Apr 27 21:33:38 2025 by rpki-client