Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/juW99NxcNxDWZbYaNiuWvWd1XVQ.roa
File: juW99NxcNxDWZbYaNiuWvWd1XVQ.roa (raw, json)
Hash identifier: f5SmqOqwrK0zECJKUonFzTVCj04sn9/NpqWX1uLyyYE=
Subject key identifier: 8E:E5:BD:F4:DC:5C:37:10:D6:65:B6:1A:36:2B:96:BD:67:75:5D:54
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0194236A2D60F796D75F939CB2DA781B14C0
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/juW99NxcNxDWZbYaNiuWvWd1XVQ.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48287
IP address blocks: 31.177.64.0/22 maxlen: 24
31.177.68.0/22 maxlen: 22
31.177.72.0/21 maxlen: 24
31.177.80.0/21 maxlen: 24
31.177.88.0/21 maxlen: 22
31.177.91.0/24 maxlen: 24
89.104.80.0/21 maxlen: 24
89.111.128.0/24 maxlen: 24
89.111.130.0/24 maxlen: 24
89.111.132.0/23 maxlen: 23
89.111.144.0/22 maxlen: 24
89.111.164.0/24 maxlen: 24
91.189.112.0/21 maxlen: 21
91.189.114.0/23 maxlen: 23
91.189.116.0/22 maxlen: 22
91.217.20.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
109.70.24.0/21 maxlen: 24
178.210.64.0/19 maxlen: 24
185.26.112.0/22 maxlen: 22
185.76.144.0/22 maxlen: 22
195.24.64.0/22 maxlen: 22
195.24.68.0/22 maxlen: 22
195.24.68.0/23 maxlen: 23
195.24.70.0/24 maxlen: 24
195.24.71.0/24 maxlen: 24
2a02:2090::/48 maxlen: 48
2a02:2090:1::/48 maxlen: 48
2a02:2090:e400::/48 maxlen: 48
2a02:2090:e800::/48 maxlen: 48
2a02:2090:ec00::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 Jan 2025 08:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2d:60:f7:96:d7:5f:93:9c:b2:da:78:1b:14:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ee5bdf4dc5c3710d665b61a362b96bd67755d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:36:2f:cb:ac:90:ff:2d:0f:0e:b5:c9:01:2e:
c5:59:a5:72:59:c3:c0:ab:46:c7:c0:52:a9:b2:44:
a0:0f:64:77:3e:dc:4f:2f:6c:af:f8:40:6f:1b:38:
d3:b3:b0:48:76:08:14:68:98:70:83:59:ff:0a:4f:
8b:22:c7:35:59:91:f7:49:4a:19:d7:e7:be:c8:2b:
6d:99:bc:ef:4c:6c:ce:2e:6d:d5:c5:9a:e3:98:e6:
b3:4d:18:96:6a:fe:f5:c3:1a:92:c2:07:55:ff:8a:
17:bb:84:63:6d:b8:f1:4a:b8:06:67:2e:bf:f1:54:
97:7f:ff:c6:97:0c:84:88:f3:17:71:14:9e:f3:f9:
c4:d0:cb:90:2b:69:42:49:4c:42:02:77:d9:5a:ca:
a2:ad:00:bf:db:91:71:10:05:67:c4:92:65:25:12:
5b:2a:7c:d1:ae:6a:f4:1d:1d:e6:e0:e2:c2:88:2d:
26:67:0b:c4:d0:58:2c:98:49:a6:50:7f:93:82:fc:
dc:ee:31:93:f3:f8:1a:94:f6:73:52:78:66:3c:3e:
c5:ba:a2:1a:94:0e:45:97:f9:d1:6c:00:a8:17:40:
54:fe:7c:fd:d3:ec:35:65:dc:a8:25:14:67:eb:c1:
ee:e4:10:08:b7:fe:0e:e5:a1:ff:5e:3d:14:9e:fb:
3a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E5:BD:F4:DC:5C:37:10:D6:65:B6:1A:36:2B:96:BD:67:75:5D:54
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/juW99NxcNxDWZbYaNiuWvWd1XVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.64.0/19
89.104.80.0/21
89.111.128.0/24
89.111.130.0/24
89.111.132.0/23
89.111.144.0/22
89.111.164.0/24
91.189.112.0/21
91.217.20.0/23
109.70.24.0/21
178.210.64.0/19
185.26.112.0/22
185.76.144.0/22
195.24.64.0/21
IPv6:
2a02:2090::/47
2a02:2090:e400::/48
2a02:2090:e800::/48
2a02:2090:ec00::/48
Signature Algorithm: sha256WithRSAEncryption
45:b4:5c:e3:1e:6d:1a:0c:19:79:1b:31:d8:19:88:3e:73:f9:
98:97:83:34:d7:70:2e:21:e4:35:2a:20:a8:b9:d9:ad:94:2e:
4a:a4:4a:6d:4c:d2:fe:20:c9:b0:94:6e:9f:0e:72:e9:60:a3:
c3:51:8d:46:d1:7e:06:f8:ae:20:cf:a4:f9:5e:0d:01:69:8b:
82:09:c4:19:08:55:fc:b0:08:51:3b:80:82:e1:2e:e6:2a:b0:
4a:6a:49:06:bc:78:34:0e:81:ed:58:9b:5b:3e:3e:50:cd:d0:
ef:db:c0:5b:3f:43:30:21:98:1c:e3:fc:84:ef:4d:d5:0f:5b:
9d:76:fc:96:c7:58:d1:0e:08:f5:d7:c1:f0:7e:a1:7a:f8:47:
ca:ae:f6:ed:cf:d0:75:39:31:f9:d1:63:b2:cb:ec:51:eb:04:
57:b9:b1:4e:72:3f:f7:62:a9:d8:55:27:b8:2e:4f:bb:6f:43:
24:68:f8:f6:9b:fa:03:ae:6a:70:de:8c:8e:56:a6:b9:e4:df:
36:f5:8a:67:e3:f6:84:51:7f:fc:e7:50:6b:27:bc:98:ec:63:
1f:4e:ad:f1:4f:dc:00:28:f9:89:b2:b0:51:a6:59:ae:13:55:
bc:83:77:af:2e:58:d5:80:3c:e9:ba:e0:13:3b:02:8a:69:09:
9f:e4:ba:75
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZQjai1g95bXX5Ocstp4GxTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU1YmRmNGRjNWMzNzEwZDY2NWI2MWEzNjJiOTZiZDY3NzU1ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zYvy6yQ/y0PDrXJAS7FWaVyWcPA
q0bHwFKpskSgD2R3PtxPL2yv+EBvGzjTs7BIdggUaJhwg1n/Ck+LIsc1WZH3SUoZ
1+e+yCttmbzvTGzOLm3VxZrjmOazTRiWav71wxqSwgdV/4oXu4RjbbjxSrgGZy6/
8VSXf//GlwyEiPMXcRSe8/nE0MuQK2lCSUxCAnfZWsqirQC/25FxEAVnxJJlJRJb
KnzRrmr0HR3m4OLCiC0mZwvE0FgsmEmmUH+Tgvzc7jGT8/galPZzUnhmPD7FuqIa
lA5Fl/nRbACoF0BU/nz90+w1ZdyoJRRn68Hu5BAIt/4O5aH/Xj0Unvs6gwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFI7lvfTcXDcQ1mW2GjYrlr1ndV1UMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvanVXOTlOeGNOeERXWmJZYU5pdVd2V2QxWFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBaBAIAATBUAwQFH7FA
AwQDWWhQAwQAWW+AAwQAWW+CAwQBWW+EAwQCWW+QAwQAWW+kAwQDW71wAwQBW9kU
AwQDbUYYAwQFstJAAwQCuRpwAwQCuUyQAwQDwxhAMCoEAgACMCQDBwEqAiCQAAAD
BwAqAiCQ5AADBwAqAiCQ6AADBwAqAiCQ7AAwDQYJKoZIhvcNAQELBQADggEBAEW0
XOMebRoMGXkbMdgZiD5z+ZiXgzTXcC4h5DUqIKi52a2ULkqkSm1M0v4gybCUbp8O
culgo8NRjUbRfgb4riDPpPleDQFpi4IJxBkIVfywCFE7gILhLuYqsEpqSQa8eDQO
ge1Ym1s+PlDN0O/bwFs/QzAhmBzj/ITvTdUPW512/JbHWNEOCPXXwfB+oXr4R8qu
9u3P0HU5MfnRY7LL7FHrBFe5sU5yP/diqdhVJ7guT7tvQyRo+Pab+gOuanDejI5W
prnk3zb1imfj9oRRf/znUGsnvJjsYx9OrfFP3AAo+YmysFGmWa4TVbyDd68uWNWA
POm64BM7AoppCZ/kunU=
-----END CERTIFICATE-----
Generated at Mon May 12 16:25:24 2025 by rpki-client