Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/jTSMZq01KHx1p0hJv72WHYRtqS8.roa
File: jTSMZq01KHx1p0hJv72WHYRtqS8.roa (raw, json)
Hash identifier: o0z3Qt3xgrTfNkgOzw2N8H8zRXafo62tcBTDsv2H8rM=
Subject key identifier: 8D:34:8C:66:AD:35:28:7C:75:A7:48:49:BF:BD:96:1D:84:6D:A9:2F
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01955B6AC9DC24458EE4E28E99689C171F43
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/jTSMZq01KHx1p0hJv72WHYRtqS8.roa
Signing time: Mon 03 Mar 2025 09:51:19 +0000
ROA not before: Mon 03 Mar 2025 09:51:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
81.18.192.0/22 maxlen: 22
81.18.196.0/22 maxlen: 22
81.18.200.0/22 maxlen: 22
81.18.204.0/22 maxlen: 22
81.18.208.0/22 maxlen: 22
81.18.212.0/22 maxlen: 22
81.18.216.0/22 maxlen: 22
81.18.220.0/22 maxlen: 22
83.144.64.0/19 maxlen: 19
83.144.96.0/19 maxlen: 19
83.175.176.0/20 maxlen: 20
84.10.0.0/18 maxlen: 18
84.10.64.0/18 maxlen: 18
84.10.128.0/18 maxlen: 18
84.10.192.0/18 maxlen: 18
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.77.216.0/22 maxlen: 22
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Mar 2025 11:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:6a:c9:dc:24:45:8e:e4:e2:8e:99:68:9c:17:1f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 3 09:51:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d348c66ad35287c75a74849bfbd961d846da92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:1e:34:5e:fd:d3:be:c3:75:88:9e:8d:37:
2b:56:d9:35:e3:38:c5:a7:eb:98:99:d5:36:1d:c3:
de:e3:2b:e0:2e:c1:17:ed:35:1f:bb:b8:92:7f:cc:
1e:d6:34:f1:c1:ef:68:44:6b:9b:f4:f9:82:5c:8c:
b3:d1:7c:d4:6c:75:b2:88:bd:4c:81:68:62:a0:dd:
01:8d:ab:3e:2a:ba:7d:41:f8:be:60:b2:95:40:3e:
47:84:66:d7:bd:18:2b:18:4a:bb:f8:03:66:12:07:
39:53:51:b3:77:5d:67:91:9a:79:0f:94:b5:c1:6b:
db:0d:8a:10:1c:53:21:8b:43:8a:33:07:d7:72:55:
15:8f:b9:81:6a:98:75:bf:7c:1a:ff:c9:65:9d:f1:
7f:a8:a5:32:4d:27:b4:a0:09:8c:89:15:7d:3f:d8:
27:07:b1:84:b9:ff:ef:61:f4:c6:df:16:a4:a5:ec:
20:e2:a3:96:96:75:46:b7:39:77:4f:0c:d1:4c:df:
10:6a:58:1c:11:ac:c1:d5:92:9d:bd:b5:5c:cf:05:
64:d3:5e:3d:b2:e9:14:f1:0d:13:e4:c8:00:e2:7f:
ed:93:95:94:91:26:a5:3a:fa:25:5f:94:c7:26:b9:
49:46:75:b8:e9:da:4a:53:e0:b2:0c:cd:f2:72:5c:
b2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:34:8C:66:AD:35:28:7C:75:A7:48:49:BF:BD:96:1D:84:6D:A9:2F
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/jTSMZq01KHx1p0hJv72WHYRtqS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
89.68.0.0-89.75.255.255
89.77.216.0/22
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
5a:d2:19:61:c0:18:47:ed:71:e4:72:0d:5c:9d:04:dc:77:f3:
df:a5:e4:0b:2b:23:a9:b0:21:09:ef:d1:c6:d4:a5:4d:83:21:
6c:46:5d:57:7b:e0:34:c7:52:e0:61:b7:b6:1b:ff:25:5c:2f:
19:bb:fe:d2:d2:3d:1f:bd:b7:cb:61:68:74:7e:90:99:e6:b7:
9f:1f:b5:4a:e7:f4:61:e1:32:e6:82:8c:f3:91:bc:91:5e:b6:
bf:9d:f8:dc:32:27:ab:8d:3b:56:f0:9e:ad:0c:69:60:76:12:
fa:b6:cf:5d:10:2e:21:d2:ea:67:06:6c:93:ac:53:0e:49:63:
02:c6:19:b8:be:4e:39:37:d0:7f:ff:5e:d2:82:93:14:11:e3:
b3:a3:39:bf:56:80:69:96:42:a5:f6:ca:6b:70:fe:83:a9:5f:
18:c1:19:76:51:ad:c2:a6:f7:c8:d7:df:82:12:c6:8f:3d:d1:
a7:bc:d1:40:8e:11:9e:45:48:a4:0b:1b:f9:ee:e1:42:b7:8e:
ca:33:26:9e:47:15:3a:36:39:31:7f:66:d7:7e:a1:4b:db:b4:
fc:44:9f:2f:c0:f1:49:c6:1e:3b:44:21:6f:f0:ec:67:b0:1e:
d8:39:b2:a6:72:8e:5c:3c:af:b9:fd:9a:e8:4f:72:0a:4a:bb:
e5:96:12:38
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZVbasncJEWO5OKOmWicFx9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzAzMDk1MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM0OGM2NmFkMzUyODdjNzVhNzQ4NDliZmJkOTYxZDg0NmRhOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFgeNF79077DdYiejTcrVtk14zjF
p+uYmdU2HcPe4yvgLsEX7TUfu7iSf8we1jTxwe9oRGub9PmCXIyz0XzUbHWyiL1M
gWhioN0Bjas+Krp9Qfi+YLKVQD5HhGbXvRgrGEq7+ANmEgc5U1Gzd11nkZp5D5S1
wWvbDYoQHFMhi0OKMwfXclUVj7mBaph1v3wa/8llnfF/qKUyTSe0oAmMiRV9P9gn
B7GEuf/vYfTG3xakpewg4qOWlnVGtzl3TwzRTN8QalgcEazB1ZKdvbVczwVk0149
sukU8Q0T5MgA4n/tk5WUkSalOvolX5THJrlJRnW46dpKU+CyDM3yclyyxwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFI00jGatNSh8dadISb+9lh2EbakvMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvalRTTVpxMDFLSHgxcDBoSnY3MldIWVJ0cVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBSBAIAATBMAwMBH7ID
BAUfusADBAVN7AADBAVREsADBAZTkEADBARTr7ADAwBUCgMEB1XeADAKAwMCWUQD
AwJZSAMEAllN2AMEAcMi0gMEBNl3QDA1BAIAAjAvMA0DBAAqAqMDBQIqAqMQAwYA
KgKjFeUDBgAqAqMW4QMGACoCoxlgAwYAKgKjG8QwDQYJKoZIhvcNAQELBQADggEB
AFrSGWHAGEftceRyDVydBNx389+l5AsrI6mwIQnv0cbUpU2DIWxGXVd74DTHUuBh
t7Yb/yVcLxm7/tLSPR+9t8thaHR+kJnmt58ftUrn9GHhMuaCjPORvJFetr+d+Nwy
J6uNO1bwnq0MaWB2Evq2z10QLiHS6mcGbJOsUw5JYwLGGbi+Tjk30H//XtKCkxQR
47OjOb9WgGmWQqX2ymtw/oOpXxjBGXZRrcKm98jX34ISxo890ae80UCOEZ5FSKQL
G/nu4UK3jsozJp5HFTo2OTF/Ztd+oUvbtPxEny/A8UnGHjtEIW/w7GewHtg5sqZy
jlw8r7n9muhPcgpKu+WWEjg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:07:14 2025 by rpki-client