Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/j2i6QQNxoq1bUQXcldP9uoDxzgk.roa
File: j2i6QQNxoq1bUQXcldP9uoDxzgk.roa (raw, json)
Hash identifier: DOB/JKVqliz29siwToKUHOHa/MLne0VmQ1cmCCPrxok=
Subject key identifier: 8F:68:BA:41:03:71:A2:AD:5B:51:05:DC:95:D3:FD:BA:80:F1:CE:09
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 0196AB78EA2CE3EAB306E78FC3B65D350C7D
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/j2i6QQNxoq1bUQXcldP9uoDxzgk.roa
Signing time: Wed 07 May 2025 15:59:10 +0000
ROA not before: Wed 07 May 2025 15:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209275
IP address blocks: 31.222.228.0/24 maxlen: 24
88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 48
2a09:9d00:1::/48 maxlen: 48
2a09:9d00:2::/48 maxlen: 48
2a09:9d00:3::/48 maxlen: 48
2a09:9d00:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 May 2025 20:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:78:ea:2c:e3:ea:b3:06:e7:8f:c3:b6:5d:35:0c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: May 7 15:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f68ba410371a2ad5b5105dc95d3fdba80f1ce09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:05:4d:34:fe:74:65:d1:6b:6f:d5:8a:c3:
8d:1c:45:91:43:f1:ce:41:67:19:55:de:c3:55:59:
2e:1c:b5:bf:8b:e8:84:fb:14:00:20:76:20:11:26:
e7:7a:58:8a:ca:f2:d7:6f:1f:2e:9e:f1:7d:83:86:
ab:ac:7c:44:09:02:ac:4d:9c:fe:cd:47:81:7a:3a:
05:ef:58:fd:80:cd:80:61:ff:a7:f0:b7:a0:b9:d4:
d0:dd:a5:6d:70:ae:6d:fd:53:ca:a1:21:45:ab:ad:
aa:88:34:06:6a:29:66:13:8f:be:ae:6a:aa:88:36:
a0:f1:37:7b:45:a7:aa:3c:09:b8:c3:5d:63:d3:65:
f4:66:9f:9d:26:79:0f:1e:6a:d1:0d:d3:d8:9d:09:
82:98:2a:46:68:37:76:a7:07:cf:80:59:d1:8f:61:
84:08:e9:08:53:29:d5:b9:66:05:aa:c7:14:0b:fd:
b6:0e:5d:dc:e6:41:c2:e6:9c:23:62:ad:9a:1c:67:
af:32:ae:fb:ce:0f:96:2b:34:45:a7:0d:83:88:b3:
95:38:93:eb:48:59:38:6f:e5:8b:aa:c0:98:b0:fe:
50:8f:d9:15:89:93:f8:0e:07:5b:53:5e:0d:4f:00:
5b:70:eb:7b:0b:4f:1c:a6:3d:c8:7b:37:c4:8a:f5:
7d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:68:BA:41:03:71:A2:AD:5B:51:05:DC:95:D3:FD:BA:80:F1:CE:09
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/j2i6QQNxoq1bUQXcldP9uoDxzgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.228.0/24
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
88:63:0f:ab:2e:28:58:e3:f0:c3:ae:e9:31:22:15:bd:71:35:
1b:fc:4f:92:48:78:b5:fc:f4:7e:86:56:31:d9:c7:6d:7b:28:
0d:42:3c:3a:1a:13:ef:e1:e0:b3:13:ea:f5:3f:ca:ad:96:28:
eb:8b:1d:3e:be:a3:6e:24:c3:3b:4e:90:07:fa:c7:c7:c3:26:
56:56:e4:be:2a:27:0c:13:fc:11:d0:2d:4d:df:15:ce:3a:db:
03:7b:cd:47:ff:86:14:b3:25:4c:2a:45:ac:75:b6:3b:af:4a:
aa:ac:5c:34:3b:9a:f0:82:9b:8d:d4:6d:aa:ec:ed:3d:ce:1d:
65:45:be:e7:99:56:e5:29:f9:30:40:28:76:0a:9d:98:bb:eb:
be:ce:15:c5:07:7c:ca:d9:c0:2c:7d:71:b3:5a:5e:2d:cd:3c:
d4:3d:e7:c1:de:c8:25:b8:ee:22:aa:e6:e8:f8:6d:5d:b3:0d:
be:2d:bb:ae:48:f5:02:7c:93:fd:1f:76:e5:2b:42:75:26:5b:
8c:92:75:5b:4e:52:f9:1e:f1:e8:21:6c:4f:44:45:86:fd:33:
a9:8c:b1:95:45:92:d8:42:92:98:70:80:89:ac:90:8f:74:ae:
7c:cb:f9:a9:fc:00:e8:36:bc:f4:bf:83:51:d8:d2:db:01:77:
13:51:15:15
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZareOos4+qzBuePw7ZdNQx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjUwNTA3MTU1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY4YmE0MTAzNzFhMmFkNWI1MTA1ZGM5NWQzZmRiYTgwZjFjZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo4FTTT+dGXRa2/VisONHEWRQ/HO
QWcZVd7DVVkuHLW/i+iE+xQAIHYgESbneliKyvLXbx8unvF9g4arrHxECQKsTZz+
zUeBejoF71j9gM2AYf+n8LegudTQ3aVtcK5t/VPKoSFFq62qiDQGailmE4++rmqq
iDag8Td7RaeqPAm4w11j02X0Zp+dJnkPHmrRDdPYnQmCmCpGaDd2pwfPgFnRj2GE
COkIUynVuWYFqscUC/22Dl3c5kHC5pwjYq2aHGevMq77zg+WKzRFpw2DiLOVOJPr
SFk4b+WLqsCYsP5Qj9kViZP4DgdbU14NTwBbcOt7C08cpj3IezfEivV9DwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI9oukEDcaKtW1EF3JXT/bqA8c4JMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvajJpNlFRTnhvcTFiVVFYY2xkUDl1b0R4emdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH97kAwQA
WNYoAwQAWNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IB
AQCIYw+rLihY4/DDrukxIhW9cTUb/E+SSHi1/PR+hlYx2cdteygNQjw6GhPv4eCz
E+r1P8qtlijrix0+vqNuJMM7TpAH+sfHwyZWVuS+KicME/wR0C1N3xXOOtsDe81H
/4YUsyVMKkWsdbY7r0qqrFw0O5rwgpuN1G2q7O09zh1lRb7nmVblKfkwQCh2Cp2Y
u+u+zhXFB3zK2cAsfXGzWl4tzTzUPefB3sgluO4iqubo+G1dsw2+LbuuSPUCfJP9
H3blK0J1JluMknVbTlL5HvHoIWxPREWG/TOpjLGVRZLYQpKYcICJrJCPdK58y/mp
/ADoNrz0v4NR2NLbAXcTURUV
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:45:37 2025 by rpki-client