Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j7B7oQhAwsn-n-d9QVreFZqanh0.roa
File: j7B7oQhAwsn-n-d9QVreFZqanh0.roa (raw, json)
Hash identifier: TOVpgw/51UJfhbljYR+kutr1hHR3Y87mkdc0YAZerEI=
Subject key identifier: 8F:B0:7B:A1:08:40:C2:C9:FE:9F:E7:7D:41:5A:DE:15:9A:9A:9E:1D
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0195B8B11D1444F20B2AB7CA9A281E0AADEF
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j7B7oQhAwsn-n-d9QVreFZqanh0.roa
Signing time: Fri 21 Mar 2025 12:32:49 +0000
ROA not before: Fri 21 Mar 2025 12:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12238
IP address blocks: 62.93.164.0/22 maxlen: 24
62.93.176.0/22 maxlen: 24
84.20.4.0/22 maxlen: 24
84.20.16.0/22 maxlen: 24
84.20.24.0/22 maxlen: 24
213.139.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 21:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:b1:1d:14:44:f2:0b:2a:b7:ca:9a:28:1e:0a:ad:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Mar 21 12:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fb07ba10840c2c9fe9fe77d415ade159a9a9e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e0:33:ab:57:04:83:5f:ab:7c:04:96:cb:ee:
4b:3f:24:af:0e:d1:32:5a:14:ee:29:6c:ae:d4:8b:
0d:ee:2e:8f:b8:c9:b8:91:a1:5b:73:c4:d0:d7:a8:
1d:5a:f3:df:47:04:c2:77:a7:15:47:f7:63:2e:48:
a5:72:5b:d9:7c:a5:c3:49:df:47:8b:9d:82:1b:9b:
fa:81:90:f4:a8:3a:18:dc:f9:56:d5:d7:ba:64:7e:
fd:c1:58:45:51:a8:df:bb:f5:6a:47:82:a4:90:e8:
b3:11:18:30:83:9f:6a:d2:ab:07:6d:d7:6e:f7:39:
2f:89:b3:e2:9d:61:70:7c:9b:e6:09:78:2d:f6:b0:
96:e7:00:ef:2f:fb:15:21:b2:9d:68:4f:46:44:78:
1a:f7:bf:11:63:b3:a8:7f:50:8e:6f:35:ef:7c:59:
59:5d:7a:03:e3:f8:d2:90:d4:78:80:cd:4d:71:a9:
07:ca:ba:0e:60:5a:e5:92:c0:02:a3:60:69:ae:38:
8d:f5:00:9a:5d:9f:03:98:2a:0f:d7:76:b5:85:3f:
50:e1:1d:01:06:4e:85:e1:50:e5:9d:5f:c8:ee:a1:
84:9a:fa:fa:60:9d:66:86:fa:2b:da:48:d5:31:f6:
5a:f9:0b:46:bf:c7:e2:70:e1:ef:7c:d2:48:59:9b:
25:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B0:7B:A1:08:40:C2:C9:FE:9F:E7:7D:41:5A:DE:15:9A:9A:9E:1D
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/j7B7oQhAwsn-n-d9QVreFZqanh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.164.0/22
62.93.176.0/22
84.20.4.0/22
84.20.16.0/22
84.20.24.0/22
213.139.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:12:0c:49:4b:d2:2f:34:8e:06:ed:25:c1:4a:c4:2d:82:c4:
54:77:ca:92:0f:33:94:ea:c1:6d:4d:b1:df:8c:32:79:ef:77:
41:a7:28:e1:c6:d5:5f:8a:e2:73:78:9c:4a:1d:12:24:37:28:
18:8d:e5:81:dd:ab:b7:5e:28:60:52:b6:a9:01:ee:a0:d7:69:
4d:c0:2e:f4:ae:63:44:36:19:60:fd:6f:6b:f8:28:f8:0b:31:
6d:df:41:ce:e6:c4:be:1d:f4:b9:12:7a:00:1c:15:fc:ec:b3:
25:09:f2:3c:45:4e:a2:75:32:29:d1:2f:ff:84:d9:70:07:2c:
2a:61:de:97:45:0a:00:29:48:0c:6c:97:10:04:cc:41:fd:e6:
8e:46:95:63:2c:27:5e:7f:40:26:0c:da:14:b7:6f:93:d8:ff:
8c:ed:65:d6:ef:34:b6:04:bf:d5:4d:d6:21:76:1d:b8:1a:e1:
08:52:86:08:69:51:46:29:a5:20:65:b4:00:bc:8f:3a:76:a2:
9b:d2:88:59:89:15:96:82:6e:7f:7d:ee:7a:5e:4a:17:dd:9e:
b6:e8:31:4d:6c:6d:ef:2c:d3:48:3c:44:42:46:8e:3f:cb:84:
15:2d:11:7d:a4:7d:df:39:e7:89:77:41:f2:1e:92:41:20:2c:
95:9d:4b:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZW4sR0URPILKrfKmigeCq3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMzIxMTIzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIwN2JhMTA4NDBjMmM5ZmU5ZmU3N2Q0MTVhZGUxNTlhOWE5ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+Azq1cEg1+rfASWy+5LPySvDtEy
WhTuKWyu1IsN7i6PuMm4kaFbc8TQ16gdWvPfRwTCd6cVR/djLkilclvZfKXDSd9H
i52CG5v6gZD0qDoY3PlW1de6ZH79wVhFUajfu/VqR4KkkOizERgwg59q0qsHbddu
9zkvibPinWFwfJvmCXgt9rCW5wDvL/sVIbKdaE9GRHga978RY7Oof1CObzXvfFlZ
XXoD4/jSkNR4gM1NcakHyroOYFrlksACo2BprjiN9QCaXZ8DmCoP13a1hT9Q4R0B
Bk6F4VDlnV/I7qGEmvr6YJ1mhvor2kjVMfZa+QtGv8ficOHvfNJIWZsl3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI+we6EIQMLJ/p/nfUFa3hWamp4dMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvajdCN29RaEF3c24tbi1kOVFWcmVGWnFhbmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCPl2kAwQC
Pl2wAwQCVBQEAwQCVBQQAwQCVBQYAwQC1YsIMA0GCSqGSIb3DQEBCwUAA4IBAQBe
EgxJS9IvNI4G7SXBSsQtgsRUd8qSDzOU6sFtTbHfjDJ573dBpyjhxtVfiuJzeJxK
HRIkNygYjeWB3au3XihgUrapAe6g12lNwC70rmNENhlg/W9r+Cj4CzFt30HO5sS+
HfS5EnoAHBX87LMlCfI8RU6idTIp0S//hNlwBywqYd6XRQoAKUgMbJcQBMxB/eaO
RpVjLCdef0AmDNoUt2+T2P+M7WXW7zS2BL/VTdYhdh24GuEIUoYIaVFGKaUgZbQA
vI86dqKb0ohZiRWWgm5/fe56XkoX3Z626DFNbG3vLNNIPERCRo4/y4QVLRF9pH3f
OeeJd0HyHpJBICyVnUu2
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:18 2025 by rpki-client