Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/99XDMIqJw3ZIfrkzfsBloiRfXoc.roa
File: 99XDMIqJw3ZIfrkzfsBloiRfXoc.roa (raw, json)
Hash identifier: ie/FMHuLcrYFLadgrq/w+xJTxMxKoupWBcge3Ru0B1Y=
Subject key identifier: F7:D5:C3:30:8A:89:C3:76:48:7E:B9:33:7E:C0:65:A2:24:5F:5E:87
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 0194DA60869B22AA2CF10B5658081AE4D838
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/99XDMIqJw3ZIfrkzfsBloiRfXoc.roa
Signing time: Thu 06 Feb 2025 08:29:06 +0000
ROA not before: Thu 06 Feb 2025 08:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
83.175.176.0/20 maxlen: 20
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.228.0/22 maxlen: 22
89.77.216.0/22 maxlen: 22
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 06 Feb 2025 09:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:60:86:9b:22:aa:2c:f1:0b:56:58:08:1a:e4:d8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Feb 6 08:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7d5c3308a89c376487eb9337ec065a2245f5e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:56:db:b8:24:0f:1a:11:e9:62:3f:fe:e6:
f9:32:49:3a:e3:3a:ac:ae:b7:ec:ae:8d:47:cd:4c:
e7:04:c7:d0:d9:c8:27:8b:24:03:b6:d6:4c:b5:96:
e8:a7:77:2a:70:b4:16:e5:54:3b:47:ae:ba:a0:34:
20:13:ed:1c:a6:66:0d:05:18:b5:14:11:7a:38:33:
00:e9:8d:8f:3b:3d:19:fb:ca:6f:f5:12:44:61:93:
e6:55:8d:95:15:88:79:b8:cb:a5:cf:09:fc:00:ce:
c1:ae:c8:f6:5e:f4:8f:9c:e3:0e:69:64:b3:89:d4:
68:5d:14:76:dc:f4:52:72:95:da:36:36:55:a8:38:
c1:be:b1:5c:3b:bc:14:df:e0:49:25:ba:84:6c:f4:
cc:bf:77:2a:65:9d:2b:d7:c8:ab:ba:fb:64:42:5f:
cf:bb:31:16:9b:78:b1:99:22:c1:a3:b6:e6:70:29:
f8:82:b8:04:f8:c5:26:38:15:a9:e5:f9:cd:f8:6a:
bf:25:62:78:86:b8:14:10:d5:52:c4:30:45:52:82:
6f:11:b0:fc:39:5a:d0:d2:a2:a8:f7:90:39:2a:d3:
16:7a:36:27:5a:13:7d:d0:a1:6d:62:20:32:2a:61:
1a:21:c6:02:b4:ca:37:50:ea:8e:ef:13:fb:be:ed:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D5:C3:30:8A:89:C3:76:48:7E:B9:33:7E:C0:65:A2:24:5F:5E:87
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/99XDMIqJw3ZIfrkzfsBloiRfXoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0-31.179.127.255
83.175.176.0/20
85.222.0.0/17
89.68.0.0/14
89.72.228.0/22
89.77.216.0/22
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a310:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
48:b5:f6:9f:68:00:76:aa:72:6f:46:4d:11:00:99:28:7f:5e:
c3:8f:14:26:5c:dd:90:d8:11:a7:8b:1c:ab:dc:79:15:8d:fe:
14:5b:52:1b:02:5e:72:95:90:bb:63:cd:bc:66:ca:a1:aa:2b:
d8:36:4f:19:98:c7:eb:54:df:da:59:d2:a9:1e:e7:8b:0a:64:
ca:98:19:a4:82:4c:b3:67:29:aa:6c:07:a3:d2:f2:50:5c:aa:
b7:b4:69:b4:d9:a4:f8:86:a1:5f:7a:7c:96:a4:e7:9f:b9:70:
4c:b1:f9:fd:ad:9c:03:29:72:ce:b0:d5:de:08:16:44:54:ad:
9e:7f:0a:dc:7b:94:9c:b7:cc:40:2b:9b:36:f0:42:89:f6:f2:
52:eb:a4:11:3a:90:49:83:30:b7:03:f2:b0:db:6a:22:05:63:
11:c5:52:57:ce:49:89:b7:aa:f7:66:bf:92:1e:41:2d:e1:b6:
a5:03:6f:57:e3:6a:f0:cc:09:f5:1c:74:51:0a:98:66:43:9a:
15:2f:c1:27:14:63:8f:4c:bb:d4:ff:b8:5b:42:18:16:38:db:
aa:94:1e:47:1d:0b:1b:d2:f9:df:99:d3:4d:09:b8:08:2f:1a:
43:1a:bf:88:9a:29:66:f6:b6:88:40:51:90:ae:a3:49:c2:bb:
3b:10:c1:a2
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZTaYIabIqos8QtWWAga5Ng4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMjA2MDgyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q1YzMzMDhhODljMzc2NDg3ZWI5MzM3ZWMwNjVhMjI0NWY1ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHxW27gkDxoR6WI//ub5Mkk64zqs
rrfsro1HzUznBMfQ2cgniyQDttZMtZbop3cqcLQW5VQ7R666oDQgE+0cpmYNBRi1
FBF6ODMA6Y2POz0Z+8pv9RJEYZPmVY2VFYh5uMulzwn8AM7Brsj2XvSPnOMOaWSz
idRoXRR23PRScpXaNjZVqDjBvrFcO7wU3+BJJbqEbPTMv3cqZZ0r18iruvtkQl/P
uzEWm3ixmSLBo7bmcCn4grgE+MUmOBWp5fnN+Gq/JWJ4hrgUENVSxDBFUoJvEbD8
OVrQ0qKo95A5KtMWejYnWhN90KFtYiAyKmEaIcYCtMo3UOqO7xP7vu03cwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFPfVwzCKicN2SH65M37AZaIkX16HMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvOTlYRE1JcUp3M1pJZnJremZzQmxvaVJmWG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwPAQCAAEwNjALAwMBH7ID
BAcfswADBARTr7ADBAdV3gADAwJZRAMEAllI5AMEAllN2AMEAcMi0gMEBNl3QDA1
BAIAAjAvMA0DBAAqAqMDBQAqAqMQAwYAKgKjFeUDBgAqAqMW4QMGACoCoxlgAwYA
KgKjG8QwDQYJKoZIhvcNAQELBQADggEBAEi19p9oAHaqcm9GTREAmSh/XsOPFCZc
3ZDYEaeLHKvceRWN/hRbUhsCXnKVkLtjzbxmyqGqK9g2TxmYx+tU39pZ0qke54sK
ZMqYGaSCTLNnKapsB6PS8lBcqre0abTZpPiGoV96fJak55+5cEyx+f2tnAMpcs6w
1d4IFkRUrZ5/Ctx7lJy3zEArmzbwQon28lLrpBE6kEmDMLcD8rDbaiIFYxHFUlfO
SYm3qvdmv5IeQS3htqUDb1fjavDMCfUcdFEKmGZDmhUvwScUY49Mu9T/uFtCGBY4
26qUHkcdCxvS+d+Z000JuAgvGkMav4iaKWb2tohAUZCuo0nCuzsQwaI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:57:03 2025 by rpki-client