Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qzlTfuKyIBmJdIYGJO4r3uBOEoA.roa
File: qzlTfuKyIBmJdIYGJO4r3uBOEoA.roa (raw, json)
Hash identifier: MVMdU6728PEHsxU6ch/QIKyOGep/lWnj0ZBYICu72tM=
Subject key identifier: AB:39:53:7E:E2:B2:20:19:89:74:86:06:24:EE:2B:DE:E0:4E:12:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019813F66C03E702D8F0001DE97A0008D279
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qzlTfuKyIBmJdIYGJO4r3uBOEoA.roa
Signing time: Wed 16 Jul 2025 15:59:33 +0000
ROA not before: Wed 16 Jul 2025 15:59:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 5.253.59.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.219.0/32 maxlen: 32
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
171.22.16.0/24 maxlen: 24
171.22.19.0/25 maxlen: 25
171.22.19.128/25 maxlen: 25
212.87.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Aug 2025 13:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:f6:6c:03:e7:02:d8:f0:00:1d:e9:7a:00:08:d2:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 16 15:59:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab39537ee2b220198974860624ee2bdee04e1280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:5e:5c:8f:0b:7d:02:ac:55:3b:c1:e4:30:
d8:bb:32:fc:12:be:92:ca:ae:e9:71:77:2f:c5:57:
b2:0c:96:59:04:4b:6b:c2:83:c6:5a:7b:80:b7:a7:
15:5f:7e:ad:87:4d:c2:87:d2:e0:24:1a:92:92:2f:
db:31:a8:6a:54:52:17:9e:73:d7:b9:f9:d0:d0:c5:
c6:e1:15:6f:18:9a:f9:97:aa:9f:47:23:fd:8b:06:
78:32:f9:2e:37:a6:85:90:5b:4f:ba:b7:76:a1:08:
69:5b:8c:ea:89:ac:74:b8:e5:47:e9:11:5c:92:4c:
b9:05:22:d7:77:55:65:6f:1b:d6:06:fa:c0:68:e3:
85:f8:27:ec:69:af:78:e3:6d:1c:a6:da:e0:b7:ef:
97:a7:4d:68:b1:bd:d0:83:ca:02:e1:04:b0:bd:ba:
ba:9a:ab:81:df:4f:87:36:c4:31:72:ea:be:45:6c:
a0:bc:61:79:86:21:b3:6f:11:dc:88:d0:62:a3:7a:
58:38:d1:fe:4d:c4:95:83:80:b7:de:46:b7:cc:28:
d7:a4:5f:bd:37:14:c7:28:09:3d:16:6d:8b:1c:7a:
ff:b2:fa:fe:3a:71:69:66:c0:33:aa:bd:da:90:7d:
7a:d8:ca:05:5e:aa:80:a2:0d:c3:13:c4:e9:6f:cf:
ca:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:39:53:7E:E2:B2:20:19:89:74:86:06:24:EE:2B:DE:E0:4E:12:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qzlTfuKyIBmJdIYGJO4r3uBOEoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.59.0/24
85.208.139.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
171.22.16.0/24
171.22.19.0/24
212.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
85:5e:ec:16:0e:4a:c9:bb:13:42:98:77:0f:68:85:0a:94:76:
c5:47:5b:0b:35:51:d7:5c:40:97:4e:ab:de:ce:15:0f:3c:8f:
c6:81:fd:3b:d5:2a:b5:c1:42:9b:e2:54:bf:7e:f5:07:f5:95:
f3:24:f8:52:04:01:57:b9:0d:2c:d9:5a:f7:e6:a1:23:d1:ed:
59:0e:81:a6:13:13:cf:4d:3a:35:ef:d6:95:80:ad:08:0d:5e:
15:b4:a0:cd:96:54:a1:18:8e:94:ed:be:6b:6d:3f:e0:8c:ee:
0b:7d:59:9f:5a:91:d0:f3:11:e1:ba:e7:19:ad:aa:e2:f1:0a:
e2:1c:72:a5:ac:e7:41:36:58:2d:ae:37:52:10:8d:47:7f:80:
9c:ea:4c:22:10:d5:b2:a0:52:a5:1d:05:b6:9a:64:b9:71:d2:
3a:76:dc:ca:32:97:8f:21:a1:c1:2e:12:8d:06:da:c2:ac:36:
b1:22:2e:a2:68:a5:8b:bd:2f:b4:2b:ab:db:7a:04:0c:df:71:
02:67:67:e3:cc:a7:b9:3b:5d:c8:0d:98:ac:0b:d8:ef:16:0e:
05:95:45:10:53:89:22:07:3f:f5:bb:ef:95:54:1b:38:39:9d:
c7:0f:9c:af:cb:a8:d2:c2:58:fb:35:f6:85:1b:f1:9a:65:c0:
01:63:ea:18
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgT9mwD5wLY8AAd6XoACNJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzE2MTU1OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM5NTM3ZWUyYjIyMDE5ODk3NDg2MDYyNGVlMmJkZWUwNGUxMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcheXI8LfQKsVTvB5DDYuzL8Er6S
yq7pcXcvxVeyDJZZBEtrwoPGWnuAt6cVX36th03Ch9LgJBqSki/bMahqVFIXnnPX
ufnQ0MXG4RVvGJr5l6qfRyP9iwZ4MvkuN6aFkFtPurd2oQhpW4zqiax0uOVH6RFc
kky5BSLXd1VlbxvWBvrAaOOF+Cfsaa94420cptrgt++Xp01osb3Qg8oC4QSwvbq6
mquB30+HNsQxcuq+RWygvGF5hiGzbxHciNBio3pYONH+TcSVg4C33ka3zCjXpF+9
NxTHKAk9Fm2LHHr/svr+OnFpZsAzqr3akH162MoFXqqAog3DE8Tpb8/KBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKs5U37isiAZiXSGBiTuK97gThKAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcXpsVGZ1S3lJQm1KZElZR0pPNHIzdUJPRW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABf07AwQA
VdCLAwQAV3jbAwQAV3jeAwQAV3kvAwQAqxYQAwQAqxYTAwQA1FfeMA0GCSqGSIb3
DQEBCwUAA4IBAQCFXuwWDkrJuxNCmHcPaIUKlHbFR1sLNVHXXECXTqvezhUPPI/G
gf071Sq1wUKb4lS/fvUH9ZXzJPhSBAFXuQ0s2Vr35qEj0e1ZDoGmExPPTTo179aV
gK0IDV4VtKDNllShGI6U7b5rbT/gjO4LfVmfWpHQ8xHhuucZrari8QriHHKlrOdB
NlgtrjdSEI1Hf4Cc6kwiENWyoFKlHQW2mmS5cdI6dtzKMpePIaHBLhKNBtrCrDax
Ii6iaKWLvS+0K6vbegQM33ECZ2fjzKe5O13IDZisC9jvFg4FlUUQU4kiBz/1u++V
VBs4OZ3HD5yvy6jSwlj7NfaFG/GaZcABY+oY
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:50:02 2025 by rpki-client