Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/JjUlfSQdQN2Yl4zQHNee6eapdwI.roa
File: JjUlfSQdQN2Yl4zQHNee6eapdwI.roa (raw, json)
Hash identifier: //5mMe7G9VS/lVnC4QUXI0QLm09kGFYZBtywNNUPPXM=
Subject key identifier: 26:35:25:7D:24:1D:40:DD:98:97:8C:D0:1C:D7:9E:E9:E6:A9:77:02
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 0197109AE07E62BC73713749385C70FD5788
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/JjUlfSQdQN2Yl4zQHNee6eapdwI.roa
Signing time: Tue 27 May 2025 07:17:54 +0000
ROA not before: Tue 27 May 2025 07:17:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207143
IP address blocks: 185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.89.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
193.203.253.0/24 maxlen: 24
204.174.100.0/24 maxlen: 24
213.254.165.0/24 maxlen: 24
2a11:8b81::/32 maxlen: 32
2a11:8b82::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 May 2025 08:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:10:9a:e0:7e:62:bc:73:71:37:49:38:5c:70:fd:57:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: May 27 07:17:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2635257d241d40dd98978cd01cd79ee9e6a97702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:32:5b:6d:9d:fe:04:14:8b:97:27:58:d4:7e:
36:8d:96:4a:1a:9e:7b:f3:88:fe:2d:1c:01:9d:54:
20:44:a1:50:a0:0d:a8:54:56:ef:af:64:f9:3e:b0:
ea:1a:7f:77:33:c2:55:27:b5:db:90:71:b7:a3:2a:
c6:98:e1:07:72:cc:03:33:ab:b9:5b:98:47:f3:58:
92:21:f1:9a:89:ff:1e:16:f4:d9:ab:17:55:a5:9c:
ce:57:77:a5:40:6d:34:0b:6b:31:45:fd:a4:37:b0:
f7:2e:14:a8:7b:4d:4d:32:84:bc:a5:e9:3e:bf:0c:
54:1b:b1:68:3f:6f:1a:8e:12:dc:af:64:65:08:bb:
cd:41:11:ea:a8:c2:ea:7b:ab:04:39:ca:c4:ac:f6:
61:bb:5e:38:37:3d:b9:78:68:b9:7a:34:8f:0f:b4:
e9:0b:ef:1a:65:fc:3a:71:7d:25:b7:e7:4e:3e:e0:
49:a2:4a:db:5e:67:a8:c6:c8:e4:19:69:48:e6:7b:
22:a4:4e:57:6e:64:df:48:d3:82:fa:0f:4d:b9:1f:
29:46:0c:25:af:35:38:15:20:8f:90:89:e7:c7:30:
2d:c4:50:82:87:3a:f7:a8:e3:40:de:ea:61:2b:b1:
2d:70:ce:32:d4:50:7f:df:e2:99:a2:47:dc:8f:c3:
5a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:35:25:7D:24:1D:40:DD:98:97:8C:D0:1C:D7:9E:E9:E6:A9:77:02
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/JjUlfSQdQN2Yl4zQHNee6eapdwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
193.203.253.0/24
204.174.100.0/24
213.254.165.0/24
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:44:8e:6d:fa:49:f0:c4:49:f4:90:cf:e7:c8:41:ba:e7:a0:
90:d3:da:e1:64:c6:9f:fb:19:54:16:32:ea:ab:68:99:28:64:
a9:cb:3e:40:4d:8b:da:a4:23:bb:ea:7c:d3:1f:e6:cd:af:36:
fd:c4:1c:4b:5a:e3:e3:70:71:08:69:4c:71:da:1f:40:26:97:
b9:94:a9:b8:4d:2e:d6:53:f6:8b:a5:28:2b:1f:c2:2b:60:be:
78:8b:fc:d6:3a:6c:94:bd:c9:23:be:8f:e4:8d:a5:83:a5:db:
e0:19:aa:1f:12:53:05:32:cc:f8:84:bf:33:82:ed:b0:1e:14:
50:ca:de:95:17:dd:82:4f:3b:1f:63:ab:11:d9:09:df:cc:57:
dc:42:69:f9:c6:45:76:30:8e:6c:0a:17:63:00:22:22:ae:fe:
15:74:d2:32:1a:41:9d:71:47:91:c3:e2:50:4d:ce:0f:67:7f:
50:1f:94:d5:20:1a:1f:91:e5:eb:9c:82:60:88:33:0f:18:da:
de:3e:9b:15:99:d3:7e:1e:79:33:e9:c3:d9:ae:97:f8:bd:16:
74:b3:df:23:fc:b5:ec:a6:26:52:87:5c:92:7a:e3:87:b3:3c:
88:39:a6:40:42:bd:6a:6e:21:60:4f:92:10:4b:e4:0f:17:cc:
07:d9:d0:39
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZcQmuB+YrxzcTdJOFxw/VeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjUwNTI3MDcxNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM1MjU3ZDI0MWQ0MGRkOTg5NzhjZDAxY2Q3OWVlOWU2YTk3NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzJbbZ3+BBSLlydY1H42jZZKGp57
84j+LRwBnVQgRKFQoA2oVFbvr2T5PrDqGn93M8JVJ7XbkHG3oyrGmOEHcswDM6u5
W5hH81iSIfGaif8eFvTZqxdVpZzOV3elQG00C2sxRf2kN7D3LhSoe01NMoS8pek+
vwxUG7FoP28ajhLcr2RlCLvNQRHqqMLqe6sEOcrErPZhu144Nz25eGi5ejSPD7Tp
C+8aZfw6cX0lt+dOPuBJokrbXmeoxsjkGWlI5nsipE5XbmTfSNOC+g9NuR8pRgwl
rzU4FSCPkInnxzAtxFCChzr3qONA3uphK7EtcM4y1FB/3+KZokfcj8Na/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCY1JX0kHUDdmJeM0BzXnunmqXcCMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvSmpVbGZTUWRRTjJZbDR6UUhOZWU2ZWFwZHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCuWWcAwQC
ueVYAwQAwcv9AwQAzK5kAwQA1f6lMBYEAgACMBAwDgMFACoRi4EDBQAqEYuCMA0G
CSqGSIb3DQEBCwUAA4IBAQBiRI5t+knwxEn0kM/nyEG656CQ09rhZMaf+xlUFjLq
q2iZKGSpyz5ATYvapCO76nzTH+bNrzb9xBxLWuPjcHEIaUxx2h9AJpe5lKm4TS7W
U/aLpSgrH8IrYL54i/zWOmyUvckjvo/kjaWDpdvgGaofElMFMsz4hL8zgu2wHhRQ
yt6VF92CTzsfY6sR2QnfzFfcQmn5xkV2MI5sChdjACIirv4VdNIyGkGdcUeRw+JQ
Tc4PZ39QH5TVIBofkeXrnIJgiDMPGNrePpsVmdN+Hnkz6cPZrpf4vRZ0s98j/LXs
piZSh1ySeuOHszyIOaZAQr1qbiFgT5IQS+QPF8wH2dA5
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:10:52 2025 by rpki-client