Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/J1PzCEn6DBv7NUURCPokoTNbzo4.roa
File: J1PzCEn6DBv7NUURCPokoTNbzo4.roa (raw, json)
Hash identifier: raQOghLy+KYVUCADRl52arAx6TY7aM1T7CkFzJ1jvGw=
Subject key identifier: 27:53:F3:08:49:FA:0C:1B:FB:35:45:11:08:FA:24:A1:33:5B:CE:8E
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0195A8214F0113C8ABAA95769C92DA8EDFA6
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/J1PzCEn6DBv7NUURCPokoTNbzo4.roa
Signing time: Tue 18 Mar 2025 07:21:49 +0000
ROA not before: Tue 18 Mar 2025 07:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
176.106.100.0/23 maxlen: 23
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 19 Mar 2025 08:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:21:4f:01:13:c8:ab:aa:95:76:9c:92:da:8e:df:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Mar 18 07:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2753f30849fa0c1bfb35451108fa24a1335bce8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5b:ea:84:38:86:5c:b4:90:28:c1:07:44:c4:
49:43:1a:c6:98:d4:70:f1:2a:71:8e:de:44:74:d0:
5c:ad:4b:5c:d2:4e:e7:a1:f7:e8:d7:8d:c8:4d:dd:
93:54:68:1f:bc:64:3f:e3:67:4a:69:24:6c:f5:b3:
e4:e8:3a:65:fa:b9:fe:92:74:39:06:29:4b:e3:28:
bc:36:41:a4:d6:6e:be:f9:70:ef:53:d7:b8:62:c4:
b6:3f:16:27:b7:cc:9c:1b:f2:82:0e:d6:19:8e:38:
71:72:43:63:52:0e:4e:d1:c5:f2:73:81:fb:91:50:
78:da:f2:9a:f1:45:e3:37:80:60:af:41:73:90:48:
0e:da:be:d0:c2:98:a3:6e:aa:de:66:2c:83:1e:cc:
f1:32:46:7e:e7:8b:9d:54:cb:fe:2d:44:df:41:a5:
cc:81:a9:5a:04:f7:f7:63:72:e9:7b:f8:c6:69:cf:
70:dd:f6:eb:93:13:8b:01:42:3a:13:3f:12:18:2a:
da:36:dd:d4:78:4c:08:4b:72:e8:e6:b7:b4:40:73:
b6:dd:ff:ac:30:24:41:80:0f:ec:67:8a:6c:68:cd:
af:36:d4:ea:58:2b:10:ca:03:a4:5c:d6:d5:88:cc:
b1:d2:84:b9:47:b3:e6:75:cf:48:03:b6:5b:0c:f1:
1c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:53:F3:08:49:FA:0C:1B:FB:35:45:11:08:FA:24:A1:33:5B:CE:8E
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/J1PzCEn6DBv7NUURCPokoTNbzo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
83:4a:80:67:b2:88:2c:68:2f:5c:6f:40:20:a1:cf:9e:18:0b:
31:a8:04:db:47:50:32:92:3c:3b:9f:b6:4f:45:b5:7a:d1:88:
be:d6:78:02:19:8a:5d:8f:11:7b:36:ce:a6:e5:0c:78:a0:bc:
88:9a:1f:87:d8:22:ed:b1:2f:15:7a:79:ba:8a:ff:8c:c1:4a:
98:38:59:1a:b1:16:a0:43:af:81:7a:ab:2e:e4:2b:01:db:3f:
a0:b9:0d:22:56:c4:74:6b:ef:e6:e5:82:71:d9:90:73:9f:60:
da:83:17:f5:1b:af:7f:eb:b5:90:3e:50:e3:3c:40:65:d4:5b:
41:89:b5:59:7b:c7:c6:e3:a6:3b:eb:30:42:88:ee:c5:00:f2:
62:f5:30:46:e7:5d:a0:a1:7d:87:2e:b7:64:41:a3:44:ad:1a:
1e:40:62:7b:e7:36:40:5d:8f:0f:69:eb:f8:ff:06:ba:a1:32:
aa:05:17:bf:cb:4d:3b:ee:f1:54:4b:f6:0b:3b:fe:3f:d1:f7:
0c:e8:65:54:97:f5:55:49:3e:25:a3:53:38:1c:21:33:aa:91:
17:43:52:3a:5e:4d:23:88:d3:be:63:f0:a9:30:80:a4:d0:56:
7b:64:8f:d5:2d:c9:44:66:89:d9:89:5f:0a:27:e3:3a:95:3a:
56:9a:cf:2f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZWoIU8BE8irqpV2nJLajt+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMzE4MDcyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzUzZjMwODQ5ZmEwYzFiZmIzNTQ1MTEwOGZhMjRhMTMzNWJjZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1vqhDiGXLSQKMEHRMRJQxrGmNRw
8Spxjt5EdNBcrUtc0k7noffo143ITd2TVGgfvGQ/42dKaSRs9bPk6Dpl+rn+knQ5
BilL4yi8NkGk1m6++XDvU9e4YsS2PxYnt8ycG/KCDtYZjjhxckNjUg5O0cXyc4H7
kVB42vKa8UXjN4Bgr0FzkEgO2r7QwpijbqreZiyDHszxMkZ+54udVMv+LUTfQaXM
galaBPf3Y3Lpe/jGac9w3fbrkxOLAUI6Ez8SGCraNt3UeEwIS3Lo5re0QHO23f+s
MCRBgA/sZ4psaM2vNtTqWCsQygOkXNbViMyx0oS5R7Pmdc9IA7ZbDPEcoQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFCdT8whJ+gwb+zVFEQj6JKEzW86OMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvSjFQekNFbjZEQnY3TlVVUkNQb2tvVE5iem80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBAKwZ7ADBACwZ7gDBASwajADBAOwamAwDAMEBbBqoAMEA7BqsAME
AbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5A
MA0EAgACMAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQCDSoBnsogsaC9cb0Ag
oc+eGAsxqATbR1Aykjw7n7ZPRbV60Yi+1ngCGYpdjxF7Ns6m5Qx4oLyImh+H2CLt
sS8Venm6iv+MwUqYOFkasRagQ6+Beqsu5CsB2z+guQ0iVsR0a+/m5YJx2ZBzn2Da
gxf1G69/67WQPlDjPEBl1FtBibVZe8fG46Y76zBCiO7FAPJi9TBG512goX2HLrdk
QaNErRoeQGJ75zZAXY8Paev4/wa6oTKqBRe/y0077vFUS/YLO/4/0fcM6GVUl/VV
ST4lo1M4HCEzqpEXQ1I6Xk0jiNO+Y/CpMICk0FZ7ZI/VLclEZonZiV8KJ+M6lTpW
ms8v
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:06:56 2025 by rpki-client