Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/j8naKnyoTnhu7IqoCGVHjwAefRQ.roa
File: j8naKnyoTnhu7IqoCGVHjwAefRQ.roa (raw, json)
Hash identifier: 8B55ZHDR7vtVi+p5n1d2uWiX7TE18y9rpccjoNTVa1c=
Subject key identifier: 8F:C9:DA:2A:7C:A8:4E:78:6E:EC:8A:A8:08:65:47:8F:00:1E:7D:14
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD56ABC348D1501ACBDC021F6011DF
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/j8naKnyoTnhu7IqoCGVHjwAefRQ.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49199
IP address blocks: 62.76.74.0/23 maxlen: 24
62.76.96.0/23 maxlen: 24
194.226.34.0/23 maxlen: 24
194.226.137.0/24 maxlen: 24
195.19.10.0/23 maxlen: 24
195.208.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 06:34:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:56:ab:c3:48:d1:50:1a:cb:dc:02:1f:60:11:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fc9da2a7ca84e786eec8aa80865478f001e7d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c2:9b:a7:93:dd:37:f3:e5:25:dc:c1:90:cf:
8d:d6:de:e8:da:4c:65:37:b2:ad:64:d9:48:1d:e4:
a5:9c:30:70:48:7b:05:1f:4c:1c:fb:6b:70:34:68:
6f:23:66:93:35:ec:c9:1b:26:1c:7f:53:f8:1b:77:
6c:cc:d6:aa:2e:9a:ff:12:66:a2:b4:c3:1f:7e:d2:
86:5e:55:ec:c8:41:96:f4:af:4e:e5:5a:87:0c:a9:
e9:fd:63:1b:73:63:61:ba:cc:8f:00:61:f3:e7:e5:
d4:9a:bc:f2:7b:16:7a:b3:ef:19:ed:52:ba:1b:5b:
3c:bc:d9:ec:c2:db:91:92:25:8a:65:99:d9:d1:02:
d6:e1:21:21:2d:84:76:35:b0:25:2e:d1:6d:28:f6:
69:bc:5a:5a:22:c8:66:3d:b9:c8:62:06:8d:c7:e3:
39:e5:67:31:11:e2:a9:1e:93:b7:92:19:7b:fe:e6:
02:9a:2a:b2:c5:14:91:f5:9c:6e:13:3d:e1:44:28:
54:ae:f0:6f:a6:8f:95:8f:40:7a:b9:79:d0:de:4c:
5c:5f:f9:4c:37:98:f6:2b:a1:b1:6b:53:ec:de:5a:
e7:83:c7:14:e3:8f:e0:2d:95:b8:84:b0:4b:bb:2d:
b3:7b:e6:50:87:34:ee:b5:7b:c3:a4:b3:23:70:0a:
14:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C9:DA:2A:7C:A8:4E:78:6E:EC:8A:A8:08:65:47:8F:00:1E:7D:14
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/j8naKnyoTnhu7IqoCGVHjwAefRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.74.0/23
62.76.96.0/23
194.226.34.0/23
194.226.137.0/24
195.19.10.0/23
195.208.220.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:cf:6a:82:0b:48:b2:8e:4f:72:7f:d0:72:e6:69:24:f7:09:
ea:1b:91:3e:82:d5:6c:b2:69:5c:21:fa:6c:2b:bb:1a:11:45:
d2:d4:b0:20:aa:cb:cd:66:6f:2f:f7:d9:5b:ab:28:b4:fe:25:
d8:ad:55:fa:6c:40:ff:d8:6b:1f:3d:19:6b:ae:f1:0a:33:be:
6e:82:b3:10:10:dd:90:17:65:0f:ce:5a:28:74:b6:09:de:0b:
e7:b5:11:89:5b:44:34:e1:92:ec:36:19:2c:83:fa:bd:20:44:
cb:7e:21:07:8a:c8:48:36:7b:40:6e:14:75:5e:4e:fd:b8:e6:
08:f5:21:bd:3d:ad:e1:83:40:ab:43:0d:7b:01:14:5a:17:50:
1d:7a:3a:96:3d:e9:a7:ab:54:c3:9e:10:3f:30:7f:52:2c:8f:
7b:cd:ef:c8:fd:d6:b6:41:78:d3:ea:ef:d4:cf:c5:8e:0b:16:
bb:a4:98:ba:17:68:5e:fd:bd:6b:aa:20:fa:48:e6:d6:4e:80:
41:1a:b0:89:ec:46:54:e5:41:6b:7b:e2:fc:e3:61:01:b8:8d:
59:b9:7e:dd:ec:d6:13:63:43:a6:d3:93:1b:4c:66:26:e9:d3:
3f:4d:39:59:ae:c1:c8:bd:0d:ff:8f:91:48:3a:25:cc:2c:26:
9f:bc:c0:9d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/Varw0jRUBrL3AIfYBHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM5ZGEyYTdjYTg0ZTc4NmVlYzhhYTgwODY1NDc4ZjAwMWU3ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMKbp5PdN/PlJdzBkM+N1t7o2kxl
N7KtZNlIHeSlnDBwSHsFH0wc+2twNGhvI2aTNezJGyYcf1P4G3dszNaqLpr/Emai
tMMfftKGXlXsyEGW9K9O5VqHDKnp/WMbc2NhusyPAGHz5+XUmrzyexZ6s+8Z7VK6
G1s8vNnswtuRkiWKZZnZ0QLW4SEhLYR2NbAlLtFtKPZpvFpaIshmPbnIYgaNx+M5
5WcxEeKpHpO3khl7/uYCmiqyxRSR9ZxuEz3hRChUrvBvpo+Vj0B6uXnQ3kxcX/lM
N5j2K6Gxa1Ps3lrng8cU44/gLZW4hLBLuy2ze+ZQhzTutXvDpLMjcAoU3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI/J2ip8qE54buyKqAhlR48AHn0UMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvajhuYUtueW9Ubmh1N0lxb0NHVkhqd0FlZlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPkxKAwQB
PkxgAwQBwuIiAwQAwuKJAwQBwxMKAwQBw9DcMA0GCSqGSIb3DQEBCwUAA4IBAQC4
z2qCC0iyjk9yf9By5mkk9wnqG5E+gtVssmlcIfpsK7saEUXS1LAgqsvNZm8v99lb
qyi0/iXYrVX6bED/2GsfPRlrrvEKM75ugrMQEN2QF2UPzloodLYJ3gvntRGJW0Q0
4ZLsNhksg/q9IETLfiEHishINntAbhR1Xk79uOYI9SG9Pa3hg0CrQw17ARRaF1Ad
ejqWPemnq1TDnhA/MH9SLI97ze/I/da2QXjT6u/Uz8WOCxa7pJi6F2he/b1rqiD6
SObWToBBGrCJ7EZU5UFre+L842EBuI1ZuX7d7NYTY0Om05MbTGYm6dM/TTlZrsHI
vQ3/j5FIOiXMLCafvMCd
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:47 2025 by rpki-client