Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jiXUkjN0GAGTu6QBNtQmCpZkHL8.roa
File: jiXUkjN0GAGTu6QBNtQmCpZkHL8.roa (raw, json)
Hash identifier: gxt9SVdew0JnadW3nnb7FwW3BNHzIbQpL9U85Qy4V5g=
Subject key identifier: 8E:25:D4:92:33:74:18:01:93:BB:A4:01:36:D4:26:0A:96:64:1C:BF
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0195D2DA32E79F8FDF37E3ADC8052F91B5E7
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jiXUkjN0GAGTu6QBNtQmCpZkHL8.roa
Signing time: Wed 26 Mar 2025 14:27:50 +0000
ROA not before: Wed 26 Mar 2025 14:27:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
84.42.92.0/22 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
92.50.204.0/23 maxlen: 23
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.254.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 02 Apr 2025 04:44:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:da:32:e7:9f:8f:df:37:e3:ad:c8:05:2f:91:b5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 26 14:27:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e25d4923374180193bba40136d4260a96641cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:b1:25:2a:39:2e:e3:08:e3:43:eb:c5:89:
da:c0:33:7c:65:2a:83:c7:7b:d0:13:e2:01:99:8d:
14:f8:f9:00:67:78:bf:17:78:d4:53:9d:7b:2b:03:
0d:6b:bb:8e:a7:72:81:92:fa:b3:c5:26:75:15:1f:
f2:59:f3:cf:7a:ba:27:81:cb:12:aa:4d:24:6e:22:
e4:6e:56:e4:51:b8:65:fe:7c:f4:26:34:62:23:42:
75:fd:ce:70:2a:37:ff:c2:45:06:04:61:6d:15:f6:
47:16:4a:4b:8d:c3:38:29:fb:ca:2b:84:63:ad:f8:
ec:07:f2:46:11:b7:93:d6:d1:4e:08:2e:df:9a:c5:
81:cc:16:76:08:88:14:70:83:06:a8:80:bc:7a:55:
b2:71:8c:be:79:5b:14:d0:76:5d:36:6b:76:5f:70:
da:b1:5f:bf:62:37:da:a0:80:79:30:71:16:71:62:
88:15:6f:62:9e:10:32:d1:53:28:f3:16:96:6d:c5:
3b:da:61:53:3d:3a:d2:b7:93:73:1e:81:b3:4d:9b:
32:78:9d:6a:c2:30:0f:34:32:df:59:c4:11:c2:4e:
44:25:29:f2:e1:88:d8:2f:fb:d5:46:e3:41:63:34:
e6:52:b5:45:17:a3:96:f2:98:b8:c8:99:08:7c:55:
3c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:D4:92:33:74:18:01:93:BB:A4:01:36:D4:26:0A:96:64:1C:BF
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jiXUkjN0GAGTu6QBNtQmCpZkHL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
84.42.92.0/22
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
31:cd:ae:1e:c4:cf:39:bf:76:c4:9e:4e:fb:ad:13:bc:4f:64:
b3:82:c8:f2:e5:cb:d2:b8:c5:d1:0e:4f:45:85:27:bd:05:5a:
d4:65:a2:e3:3b:ce:40:5d:c2:c4:20:88:a6:1e:e6:db:5e:98:
72:43:e7:d6:a6:b4:5f:2e:34:69:ce:ea:f1:59:5f:e5:3e:da:
d5:15:73:d3:d4:15:f8:59:58:46:61:01:a4:78:5e:46:3d:0d:
1e:3d:85:e7:5b:7a:2b:40:47:c8:3b:46:06:2e:c0:b4:75:1c:
89:08:df:ac:72:af:88:50:59:a1:93:e4:2d:f1:10:9a:25:e4:
d7:91:19:e7:24:c4:f2:13:36:d8:8a:a8:5c:78:b7:8f:22:f3:
13:f7:46:a7:11:eb:ba:3c:2e:69:6e:53:43:c5:f9:b0:a7:78:
18:0e:84:04:9a:45:b2:8e:ed:6d:d3:b2:60:ac:a6:a4:af:4e:
e7:84:f8:f8:87:b8:72:c1:43:3d:9d:4c:b3:f8:73:12:b1:71:
76:3d:c7:df:e6:a4:fd:a8:4f:ec:3a:0f:15:b8:f5:b6:3b:3b:
94:74:2a:d8:68:e7:3a:8e:02:c2:f8:a4:fa:05:f2:70:ad:2b:
bd:65:35:f9:50:25:91:ce:d0:1c:2f:eb:19:4c:7c:25:19:b3:
d7:9c:5a:a1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZXS2jLnn4/fN+OtyAUvkbXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMzI2MTQyNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI1ZDQ5MjMzNzQxODAxOTNiYmE0MDEzNmQ0MjYwYTk2NjQxY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLuxJSo5LuMI40PrxYnawDN8ZSqD
x3vQE+IBmY0U+PkAZ3i/F3jUU517KwMNa7uOp3KBkvqzxSZ1FR/yWfPPerongcsS
qk0kbiLkblbkUbhl/nz0JjRiI0J1/c5wKjf/wkUGBGFtFfZHFkpLjcM4KfvKK4Rj
rfjsB/JGEbeT1tFOCC7fmsWBzBZ2CIgUcIMGqIC8elWycYy+eVsU0HZdNmt2X3Da
sV+/YjfaoIB5MHEWcWKIFW9inhAy0VMo8xaWbcU72mFTPTrSt5NzHoGzTZsyeJ1q
wjAPNDLfWcQRwk5EJSny4YjYL/vVRuNBYzTmUrVFF6OW8pi4yJkIfFU82QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFI4l1JIzdBgBk7ukATbUJgqWZBy/MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvamlYVWtqTjBHQUdUdTZRQk50UW1DcFprSEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCVCpcAwQBXDLMMAwDBACwd6kDBACwd6wD
BACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQELBQADggEBADHNrh7E
zzm/dsSeTvutE7xPZLOCyPLly9K4xdEOT0WFJ70FWtRlouM7zkBdwsQgiKYe5tte
mHJD59amtF8uNGnO6vFZX+U+2tUVc9PUFfhZWEZhAaR4XkY9DR49hedbeitAR8g7
RgYuwLR1HIkI36xyr4hQWaGT5C3xEJol5NeRGeckxPITNtiKqFx4t48i8xP3RqcR
67o8LmluU0PF+bCneBgOhASaRbKO7W3TsmCspqSvTueE+PiHuHLBQz2dTLP4cxKx
cXY9x9/mpP2oT+w6DxW49bY7O5R0Ktho5zqOAsL4pPoF8nCtK71lNflQJZHO0Bwv
6xlMfCUZs9ecWqE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:12 2025 by rpki-client