Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JsUmdClm53AxYvbTXsKo4uScDUQ.roa
File: JsUmdClm53AxYvbTXsKo4uScDUQ.roa (raw, json)
Hash identifier: 2Y5ZMzv5WFeSZ5NIWZmbiJVgiDxRt/77gjv/9DrHO4A=
Subject key identifier: 26:C5:26:74:29:66:E7:70:31:62:F6:D3:5E:C2:A8:E2:E4:9C:0D:44
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01951E580FFABE247EE6473F670C17D78D00
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JsUmdClm53AxYvbTXsKo4uScDUQ.roa
Signing time: Wed 19 Feb 2025 13:14:02 +0000
ROA not before: Wed 19 Feb 2025 13:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.21.0/24 maxlen: 24
94.131.22.0/24 maxlen: 24
94.131.23.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/24 maxlen: 24
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/29 maxlen: 48
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Mar 2025 13:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:58:0f:fa:be:24:7e:e6:47:3f:67:0c:17:d7:8d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 19 13:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26c526742966e7703162f6d35ec2a8e2e49c0d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d0:de:11:91:30:da:e8:fe:b5:72:79:d9:ad:
9a:2f:96:d8:44:8d:13:78:e7:62:a5:16:27:f7:02:
bd:64:7c:7c:8b:3d:d0:f6:00:28:dc:c5:19:9f:e5:
77:c3:f1:78:36:74:56:c2:a2:c3:8f:cc:cd:92:a8:
cc:62:a2:90:17:ee:14:5a:68:03:cd:37:70:67:30:
ed:8a:01:8e:8d:10:3f:ad:98:31:d9:d0:00:20:32:
b8:1d:27:57:46:17:de:58:94:84:0e:25:5a:08:81:
7a:0e:dc:6d:b3:24:04:4d:a0:ca:99:33:99:92:22:
3f:6b:e6:22:f6:9e:63:2c:c7:18:20:73:0b:2a:bb:
23:05:54:68:6e:2d:c8:8d:a2:d6:cd:18:31:dc:f8:
d4:dc:44:01:7b:33:6b:05:1f:c9:50:e3:34:c1:a2:
63:55:5d:80:8b:11:cf:8d:15:72:a7:eb:5a:bd:ec:
a0:b8:9b:02:a6:a2:e3:d3:f1:14:c3:1c:aa:b8:06:
aa:93:b7:af:cd:f7:a2:9d:36:89:de:e4:41:ea:6b:
71:16:4d:3e:61:84:89:6a:d1:e9:03:96:c4:d9:33:
9e:62:a8:3c:fa:3e:dd:28:eb:47:e1:26:f8:18:bf:
80:20:70:be:86:01:53:0d:b7:59:8e:4f:f2:33:c2:
fd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C5:26:74:29:66:E7:70:31:62:F6:D3:5E:C2:A8:E2:E4:9C:0D:44
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JsUmdClm53AxYvbTXsKo4uScDUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.21.0-94.131.23.255
94.131.124.0/24
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0/24
95.164.56.0/22
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/22
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.212.0/22
IPv6:
2a01:d0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:fa:41:a8:f9:4f:0c:ab:5f:1f:de:28:42:e9:87:53:7f:26:
91:e2:63:38:af:f0:14:05:b6:9b:6a:11:72:0a:b4:28:60:cd:
1b:9a:e4:1f:24:3d:88:02:dc:2e:a4:69:fc:df:c9:5b:ee:5a:
9e:0f:f9:43:57:fe:92:b5:12:4b:db:0e:e8:42:87:2d:f3:10:
26:eb:3b:e5:1e:5b:4e:cb:3a:3d:da:5e:9f:dc:4c:ad:42:6f:
3f:79:13:e4:fa:3d:17:82:af:d6:89:c8:3b:dd:7f:c9:e2:d4:
db:b7:19:57:d8:0d:b2:62:bf:e9:c5:a9:40:41:37:cc:eb:d9:
ba:41:01:71:f9:63:08:bc:12:22:e6:b8:2e:4e:c1:fd:31:76:
d7:98:a8:50:2a:6c:73:50:d4:84:7f:02:2c:80:85:75:e5:0b:
d9:f2:1c:2b:9e:f0:1c:ac:13:ba:12:12:7a:ad:15:32:41:5b:
c8:c9:97:03:6b:57:d8:08:d6:4e:a1:ab:58:2d:65:98:f8:65:
81:98:3a:96:47:19:65:3c:03:50:79:fe:39:76:fe:a3:d7:aa:
91:92:f2:2b:e8:e1:70:02:8b:c7:c4:92:3b:68:69:95:20:c8:
3e:3e:6c:a3:7f:c1:3f:6b:f9:3e:00:1f:86:48:c1:c7:81:fa:
8e:16:4a:6b
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZUeWA/6viR+5kc/ZwwX140AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMjE5MTMxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM1MjY3NDI5NjZlNzcwMzE2MmY2ZDM1ZWMyYThlMmU0OWMwZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtDeEZEw2uj+tXJ52a2aL5bYRI0T
eOdipRYn9wK9ZHx8iz3Q9gAo3MUZn+V3w/F4NnRWwqLDj8zNkqjMYqKQF+4UWmgD
zTdwZzDtigGOjRA/rZgx2dAAIDK4HSdXRhfeWJSEDiVaCIF6DtxtsyQETaDKmTOZ
kiI/a+Yi9p5jLMcYIHMLKrsjBVRobi3IjaLWzRgx3PjU3EQBezNrBR/JUOM0waJj
VV2AixHPjRVyp+taveyguJsCpqLj0/EUwxyquAaqk7evzfeinTaJ3uRB6mtxFk0+
YYSJatHpA5bE2TOeYqg8+j7dKOtH4Sb4GL+AIHC+hgFTDbdZjk/yM8L9UwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCbFJnQpZudwMWL2017CqOLknA1EMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSnNVbWRDbG01M0F4WXZiVFhzS280dVNjRFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBpQQCAAEwgZ4DBAU+
zYADBAFegwADBABegwQDBAFegwYwDAMEAF6DFQMEA16DEAMEAF6DfAMEAF6DfwME
AV+kDAMEAF+kDwMEAF+kFAMEAl+kKDAMAwQAX6QxAwQAX6QyAwQAX6Q0AwQCX6Q4
MAwDBANfpEgDBABfpEwDBAJfpFADBAJfpHgwDAMEAV+kqgMEBF+koAMEAV+k+AME
AF+k+wMEAsPW1DANBAIAAjAHAwUDKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAn/pB
qPlPDKtfH94oQumHU38mkeJjOK/wFAW2m2oRcgq0KGDNG5rkHyQ9iALcLqRp/N/J
W+5ang/5Q1f+krUSS9sO6EKHLfMQJus75R5bTss6Pdpen9xMrUJvP3kT5Po9F4Kv
1onIO91/yeLU27cZV9gNsmK/6cWpQEE3zOvZukEBcfljCLwSIua4Lk7B/TF215io
UCpsc1DUhH8CLICFdeUL2fIcK57wHKwTuhISeq0VMkFbyMmXA2tX2AjWTqGrWC1l
mPhlgZg6lkcZZTwDUHn+OXb+o9eqkZLyK+jhcAKLx8SSO2hplSDIPj5so3/BP2v5
PgAfhkjBx4H6jhZKaw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:49:59 2025 by rpki-client