Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qUzXf9EO6V17eAZgQmeBe8xB_GU.roa
File: qUzXf9EO6V17eAZgQmeBe8xB_GU.roa (raw, json)
Hash identifier: SjWTwj8UGTyenBTxSDdVAlpUeCSbQtQ+rZk8OHF3vdA=
Subject key identifier: A9:4C:D7:7F:D1:0E:E9:5D:7B:78:06:60:42:67:81:7B:CC:41:FC:65
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195847EF22F7400BE0304A75074BE3BD3DF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qUzXf9EO6V17eAZgQmeBe8xB_GU.roa
Signing time: Tue 11 Mar 2025 09:17:46 +0000
ROA not before: Tue 11 Mar 2025 09:17:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 2.59.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 19:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:7e:f2:2f:74:00:be:03:04:a7:50:74:be:3b:d3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 11 09:17:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a94cd77fd10ee95d7b7806604267817bcc41fc65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8a:df:60:37:ca:af:3c:fc:fa:af:f8:82:cc:
d4:00:b7:31:0c:11:70:78:be:cb:80:3a:8f:41:bc:
d5:3f:4d:87:84:3c:62:cf:42:95:fe:d6:91:a6:1e:
39:7c:13:32:5e:5c:fd:a3:a2:fa:01:a5:80:eb:4b:
11:b3:c9:90:87:fd:da:53:2e:00:f0:c0:0b:15:a2:
2a:1b:f0:60:2c:7a:56:90:b6:15:be:50:39:1f:e8:
54:57:88:d0:85:ae:a0:83:f7:71:61:90:dd:4a:5b:
7c:48:73:fd:fa:b5:2a:85:b3:60:28:0c:6e:50:9d:
68:3d:b1:94:7a:d2:65:61:d5:f5:80:c1:3d:0a:1f:
7b:25:f6:60:e1:ad:81:ac:0f:0c:9b:3b:51:de:96:
6b:e5:43:73:d0:42:b2:d2:d0:a3:ea:37:ed:e2:19:
8d:b2:a0:36:50:cd:9d:76:e1:0b:92:81:7f:08:dc:
92:6d:f5:27:85:2b:86:14:f6:91:56:1a:07:f4:cb:
e5:57:01:a5:03:5c:c4:06:d0:ca:7e:e4:b1:f6:8b:
5b:3f:41:1b:2f:5f:d7:a3:4f:cd:64:e2:d8:4e:df:
8e:8d:a2:07:0f:f1:ca:03:ba:6b:e5:b3:70:a0:24:
17:21:9d:a9:f7:b1:3c:01:9f:cb:78:34:39:7d:98:
b4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4C:D7:7F:D1:0E:E9:5D:7B:78:06:60:42:67:81:7B:CC:41:FC:65
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qUzXf9EO6V17eAZgQmeBe8xB_GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.66.230.0/24
45.88.88.0/24
83.219.97.0/24
87.121.86.0/24
93.123.85.0/24
94.103.125.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
43:06:ff:30:76:d6:64:a8:ee:0f:bf:81:37:45:e1:9f:a2:1f:
92:8e:99:d9:24:33:eb:97:93:19:1d:7d:a1:44:04:9d:25:a2:
0c:28:9e:d6:06:a8:79:d7:23:43:e5:c0:8d:e5:2a:d6:46:8f:
cc:42:b0:6b:c2:3a:c7:90:1c:6c:b2:a0:30:bb:73:9a:77:07:
53:ee:2a:47:35:ac:24:47:44:58:76:ad:02:75:e2:79:c5:41:
d7:34:53:95:51:df:f2:a2:6a:3a:a9:0e:cc:31:ce:e6:3a:d4:
04:25:d9:94:52:cf:a7:03:4c:00:71:a3:76:48:fb:b3:d5:90:
15:da:ba:dc:8e:b1:04:1c:88:c8:6f:c6:5a:4c:c8:27:76:58:
55:d3:af:08:d0:bc:56:39:33:c8:cc:73:ef:c9:ae:8b:28:98:
df:ab:54:90:c5:97:47:4a:bb:d2:4c:ea:6a:a8:05:92:de:4b:
93:e0:51:7e:cc:ff:63:38:35:53:85:5f:18:56:81:44:59:e6:
ba:d8:79:44:33:99:02:71:9a:c1:c3:7a:ec:f4:7e:aa:96:f4:
32:f0:29:1d:d7:14:d6:c0:61:99:cd:a5:0c:e1:fa:6e:8d:40:
d2:98:38:d7:0e:69:ee:10:bd:b8:a6:8a:4a:da:dd:0d:d5:fb:
1e:7f:a9:ef
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZWEfvIvdAC+AwSnUHS+O9PfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzExMDkxNzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRjZDc3ZmQxMGVlOTVkN2I3ODA2NjA0MjY3ODE3YmNjNDFmYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIrfYDfKrzz8+q/4gszUALcxDBFw
eL7LgDqPQbzVP02HhDxiz0KV/taRph45fBMyXlz9o6L6AaWA60sRs8mQh/3aUy4A
8MALFaIqG/BgLHpWkLYVvlA5H+hUV4jQha6gg/dxYZDdSlt8SHP9+rUqhbNgKAxu
UJ1oPbGUetJlYdX1gME9Ch97JfZg4a2BrA8MmztR3pZr5UNz0EKy0tCj6jft4hmN
sqA2UM2dduELkoF/CNySbfUnhSuGFPaRVhoH9MvlVwGlA1zEBtDKfuSx9otbP0Eb
L1/Xo0/NZOLYTt+OjaIHD/HKA7pr5bNwoCQXIZ2p97E8AZ/LeDQ5fZi00wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKlM13/RDulde3gGYEJngXvMQfxlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcVV6WGY5RU82VjE3ZUFaZ1FtZUJlOHhCX0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAAjv9AwQA
LULmAwQALVhYAwQAU9thAwQAV3lWAwQAXXtVAwQAXmd9AwQAjWIGAwQAsH3+AwQA
ufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQBDBv8wdtZkqO4Pv4E3ReGfoh+S
jpnZJDPrl5MZHX2hRASdJaIMKJ7WBqh51yND5cCN5SrWRo/MQrBrwjrHkBxssqAw
u3OadwdT7ipHNawkR0RYdq0CdeJ5xUHXNFOVUd/yomo6qQ7MMc7mOtQEJdmUUs+n
A0wAcaN2SPuz1ZAV2rrcjrEEHIjIb8ZaTMgndlhV068I0LxWOTPIzHPvya6LKJjf
q1SQxZdHSrvSTOpqqAWS3kuT4FF+zP9jODVThV8YVoFEWea62HlEM5kCcZrBw3rs
9H6qlvQy8Ckd1xTWwGGZzaUM4fpujUDSmDjXDmnuEL24popK2t0N1fsef6nv
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:33:00 2025 by rpki-client