Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JnwU6oML-rDelU4u5qc4hrjGm8s.roa
File: JnwU6oML-rDelU4u5qc4hrjGm8s.roa (raw, json)
Hash identifier: nzOcw/5tm5mmfVCMWufNhQMM1epAfSk04jYWZXcadXY=
Subject key identifier: 26:7C:14:EA:83:0B:FA:B0:DE:95:4E:2E:E6:A7:38:86:B8:C6:9B:CB
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 0196DD6ED4F45C4DC428DBA077BBC2B6ABD0
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JnwU6oML-rDelU4u5qc4hrjGm8s.roa
Signing time: Sat 17 May 2025 08:49:10 +0000
ROA not before: Sat 17 May 2025 08:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 147.28.138.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.166.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.28.210.0/23 maxlen: 23
147.28.222.0/23 maxlen: 23
147.28.241.0/24 maxlen: 24
147.75.40.0/23 maxlen: 23
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 06:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dd:6e:d4:f4:5c:4d:c4:28:db:a0:77:bb:c2:b6:ab:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: May 17 08:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=267c14ea830bfab0de954e2ee6a73886b8c69bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:a9:39:3f:79:c5:ea:d4:88:03:8d:dc:89:
57:47:11:da:55:77:65:51:46:7b:31:d4:7d:35:a8:
bf:49:91:c5:e6:24:e0:e7:52:de:d3:05:fa:1a:04:
64:fe:9a:b7:4e:89:84:6e:65:59:62:da:9a:62:e5:
b4:1d:0d:26:4d:59:ab:ed:2d:f0:b6:d8:2c:9f:c8:
9f:79:f0:ae:b2:b2:ea:4a:33:66:e9:fa:2a:a4:61:
29:06:c2:e8:ca:e4:57:c2:d2:05:80:e2:cc:c8:6a:
e5:14:42:00:ef:89:39:e0:7d:0b:52:0c:94:b9:57:
2d:23:0a:e5:58:eb:dd:8a:d8:4e:5e:6c:83:d3:1d:
89:25:2b:7c:2c:5a:ec:ff:1b:b1:5f:59:4b:53:82:
e9:50:30:a8:99:91:ee:68:64:13:29:a3:a6:00:e0:
48:13:74:0d:53:64:c6:42:31:55:05:c7:50:41:54:
9b:bc:7b:fc:dc:7c:05:1d:e1:f2:f4:7a:74:aa:60:
4a:26:c5:92:60:16:5c:d6:ec:09:8a:67:5e:62:fa:
37:e9:f6:66:99:27:5c:64:2f:8b:f2:e6:dc:92:20:
e8:d2:91:9c:ce:90:db:f1:e3:f9:33:30:3f:e2:03:
58:04:03:63:82:67:1c:5e:3b:41:60:ad:73:a4:cd:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7C:14:EA:83:0B:FA:B0:DE:95:4E:2E:E6:A7:38:86:B8:C6:9B:CB
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/JnwU6oML-rDelU4u5qc4hrjGm8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.138.0/23
147.28.164.0/22
147.28.176.0/23
147.28.210.0/23
147.28.222.0/23
147.28.241.0/24
147.75.40.0/23
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
22:71:2a:9d:72:44:43:9d:85:ae:d5:80:bf:ae:da:f0:9a:22:
46:bb:46:06:42:1f:70:f0:9d:09:20:fb:c2:b1:40:e3:69:ba:
e8:62:0f:0e:f4:22:33:cb:5c:11:9e:0e:3c:9a:38:70:6c:30:
4f:30:a1:82:2d:0d:99:43:d1:d0:b5:c1:2c:bd:c9:11:bb:96:
d6:67:cc:33:cd:80:59:0a:47:e7:7c:7a:cf:1d:e3:3a:f3:8f:
e6:7a:6d:68:e8:a4:28:5a:8a:75:86:77:ac:15:10:51:0f:87:
70:c1:03:94:d7:90:53:42:11:d7:61:e7:2c:ef:71:0d:9b:16:
07:8c:aa:49:63:1f:01:c7:34:b3:f1:14:0a:8d:ac:50:98:42:
03:be:7d:4d:39:5e:88:0e:e8:0d:6d:1b:7a:cf:53:ea:6e:25:
1d:21:3a:c1:d3:27:bf:cc:4f:4f:4c:50:14:17:fa:d2:ff:fe:
b6:62:ef:1e:c6:72:cb:09:dc:be:19:6e:a2:25:d2:fb:36:2a:
49:e6:34:20:0f:9d:d5:4e:6c:34:64:1d:30:e0:75:a3:bd:68:
bd:6d:60:91:b0:06:ea:9d:6b:c0:27:b5:c1:d9:dd:da:7e:a9:
2e:ba:84:04:5c:2d:ad:9a:2b:0b:11:d4:52:9e:57:1e:2a:7d:
cb:4b:df:95
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbdbtT0XE3EKNugd7vCtqvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwNTE3MDg0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdjMTRlYTgzMGJmYWIwZGU5NTRlMmVlNmE3Mzg4NmI4YzY5YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM2pOT95xerUiAON3IlXRxHaVXdl
UUZ7MdR9Nai/SZHF5iTg51Le0wX6GgRk/pq3TomEbmVZYtqaYuW0HQ0mTVmr7S3w
ttgsn8ifefCusrLqSjNm6foqpGEpBsLoyuRXwtIFgOLMyGrlFEIA74k54H0LUgyU
uVctIwrlWOvdithOXmyD0x2JJSt8LFrs/xuxX1lLU4LpUDComZHuaGQTKaOmAOBI
E3QNU2TGQjFVBcdQQVSbvHv83HwFHeHy9Hp0qmBKJsWSYBZc1uwJimdeYvo36fZm
mSdcZC+L8ubckiDo0pGczpDb8eP5MzA/4gNYBANjgmccXjtBYK1zpM1LxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCZ8FOqDC/qw3pVOLuanOIa4xpvLMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvSm53VTZvTUwtckRlbFU0dTVxYzRocmpHbThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBkxyKAwQC
kxykAwQBkxywAwQBkxzSAwQBkxzeAwQAkxzxAwQBk0soAwQBk0vOMA0GCSqGSIb3
DQEBCwUAA4IBAQAicSqdckRDnYWu1YC/rtrwmiJGu0YGQh9w8J0JIPvCsUDjabro
Yg8O9CIzy1wRng48mjhwbDBPMKGCLQ2ZQ9HQtcEsvckRu5bWZ8wzzYBZCkfnfHrP
HeM684/mem1o6KQoWop1hnesFRBRD4dwwQOU15BTQhHXYecs73ENmxYHjKpJYx8B
xzSz8RQKjaxQmEIDvn1NOV6IDugNbRt6z1PqbiUdITrB0ye/zE9PTFAUF/rS//62
Yu8exnLLCdy+GW6iJdL7NipJ5jQgD53VTmw0ZB0w4HWjvWi9bWCRsAbqnWvAJ7XB
2d3afqkuuoQEXC2tmisLEdRSnlceKn3LS9+V
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:45:45 2025 by rpki-client