Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JCEp9D_bWf9LSeTXs2s_F6g7bs0.roa
File: JCEp9D_bWf9LSeTXs2s_F6g7bs0.roa (raw, json)
Hash identifier: eRrNGGUN794yW+Qu2eE8IUi2P5ngDGTow4exLLr6f9U=
Subject key identifier: 24:21:29:F4:3F:DB:59:FF:4B:49:E4:D7:B3:6B:3F:17:A8:3B:6E:CD
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 0195619F39C08E9BF406D68A576496F92B20
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JCEp9D_bWf9LSeTXs2s_F6g7bs0.roa
Signing time: Tue 04 Mar 2025 14:46:19 +0000
ROA not before: Tue 04 Mar 2025 14:46:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
81.18.192.0/22 maxlen: 22
81.18.196.0/22 maxlen: 22
81.18.200.0/22 maxlen: 22
81.18.204.0/22 maxlen: 22
81.18.208.0/22 maxlen: 22
81.18.212.0/22 maxlen: 22
81.18.216.0/22 maxlen: 22
81.18.220.0/22 maxlen: 22
83.144.64.0/19 maxlen: 19
83.144.96.0/19 maxlen: 19
83.175.176.0/20 maxlen: 20
84.10.0.0/18 maxlen: 18
84.10.64.0/18 maxlen: 18
84.10.128.0/18 maxlen: 18
84.10.192.0/18 maxlen: 18
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
87.206.0.0/17 maxlen: 17
87.206.128.0/17 maxlen: 17
87.207.0.0/17 maxlen: 17
87.207.128.0/17 maxlen: 17
89.64.0.0/14 maxlen: 14
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.76.0.0/14 maxlen: 14
89.77.216.0/22 maxlen: 22
91.150.192.0/20 maxlen: 20
91.150.208.0/20 maxlen: 20
92.244.32.0/21 maxlen: 21
92.244.40.0/21 maxlen: 21
92.244.48.0/21 maxlen: 21
92.244.56.0/21 maxlen: 21
94.75.64.0/20 maxlen: 20
94.75.80.0/20 maxlen: 20
94.75.96.0/20 maxlen: 20
94.75.112.0/20 maxlen: 20
94.172.0.0/18 maxlen: 18
94.172.64.0/18 maxlen: 18
94.172.128.0/18 maxlen: 18
94.172.192.0/18 maxlen: 18
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 04 Mar 2025 14:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:9f:39:c0:8e:9b:f4:06:d6:8a:57:64:96:f9:2b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 4 14:46:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=242129f43fdb59ff4b49e4d7b36b3f17a83b6ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d3:26:10:7e:a5:cb:31:c9:4c:71:60:36:7f:
b5:3f:31:84:d7:55:83:1a:cd:56:f0:51:51:b4:ec:
cf:24:f7:46:ec:07:9d:18:4e:3f:0f:76:47:c1:2d:
f2:24:96:72:27:5a:8d:f0:d5:37:48:1b:cc:34:b1:
bc:6f:66:25:d8:59:7b:e1:eb:12:ed:b9:42:d0:53:
38:b6:a9:ed:c9:63:1b:04:16:95:1a:42:ad:c4:28:
d2:36:f6:ec:e5:97:42:00:4f:e6:be:35:b9:75:9b:
4a:e2:66:48:23:2c:3d:61:56:fd:27:b9:2e:fe:71:
88:2b:b9:15:03:b0:6f:b3:fb:a2:3f:7f:7c:3e:69:
fe:dd:64:05:b9:4b:76:a4:e8:fd:a3:e7:65:63:f5:
dc:17:fa:95:5a:77:4f:14:a0:a9:74:0e:71:c8:58:
5d:ac:f4:0d:d3:12:2c:b0:25:72:11:5b:1c:f2:50:
1a:5f:58:24:f4:13:3e:b3:09:98:8a:16:f0:c6:89:
41:21:21:be:8d:5e:8f:b7:45:c1:75:aa:b6:4c:eb:
97:5e:05:a0:ea:58:e7:0e:c2:52:fc:49:dd:2a:93:
81:66:57:2e:b3:2b:aa:da:4b:c3:ac:8c:e9:ed:66:
72:9d:0f:c4:f5:7a:79:f0:4c:66:0c:d1:be:69:2f:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:21:29:F4:3F:DB:59:FF:4B:49:E4:D7:B3:6B:3F:17:A8:3B:6E:CD
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JCEp9D_bWf9LSeTXs2s_F6g7bs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
6a:ed:aa:77:86:72:3c:2c:fc:c5:80:b5:4a:5a:5d:26:05:99:
15:8b:1b:85:9b:5c:63:2d:d6:29:b9:eb:34:03:9f:b1:61:e2:
2b:d0:0b:e2:1d:cb:51:2f:ba:db:6e:27:56:2e:cb:3d:2e:87:
26:a0:9e:26:4e:e6:e6:1b:60:60:45:d2:8d:9b:b1:17:d4:e2:
9f:6b:01:96:63:b0:3e:8b:34:e3:73:8a:18:76:e1:2e:d6:9f:
dc:4c:c7:fa:83:05:18:5c:97:5f:88:eb:a8:7e:7b:a7:69:b6:
3b:99:82:2b:01:16:4a:32:a1:1c:29:f1:dc:90:38:c9:fd:37:
e9:33:6b:dd:78:98:8e:0e:b3:b5:4b:f0:15:7f:7e:40:7d:4d:
4b:85:bf:23:5b:9d:84:55:11:46:e8:a4:ca:af:9a:a8:30:bc:
e2:f8:4e:20:02:0b:70:12:19:2f:bf:db:09:e4:f6:52:c1:ae:
f5:6c:5f:41:4d:83:6f:35:b9:de:7a:e9:a7:3f:15:64:20:e4:
5f:d4:1e:3c:74:eb:d1:49:6d:60:b3:a6:bf:ae:e6:16:57:37:
a5:f6:67:f4:da:1d:09:0d:34:41:ae:c7:87:cd:24:96:e9:4d:
d9:26:22:ff:b7:55:ff:5a:92:d7:4f:15:2a:bd:f3:df:a5:06:
e9:f4:fb:b2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZVhnznAjpv0BtaKV2SW+SsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzA0MTQ0NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDIxMjlmNDNmZGI1OWZmNGI0OWU0ZDdiMzZiM2YxN2E4M2I2ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdMmEH6lyzHJTHFgNn+1PzGE11WD
Gs1W8FFRtOzPJPdG7AedGE4/D3ZHwS3yJJZyJ1qN8NU3SBvMNLG8b2Yl2Fl74esS
7blC0FM4tqntyWMbBBaVGkKtxCjSNvbs5ZdCAE/mvjW5dZtK4mZIIyw9YVb9J7ku
/nGIK7kVA7Bvs/uiP398Pmn+3WQFuUt2pOj9o+dlY/XcF/qVWndPFKCpdA5xyFhd
rPQN0xIssCVyEVsc8lAaX1gk9BM+swmYihbwxolBISG+jV6Pt0XBdaq2TOuXXgWg
6ljnDsJS/EndKpOBZlcusyuq2kvDrIzp7WZynQ/E9Xp58ExmDNG+aS+QrQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFCQhKfQ/21n/S0nk17NrPxeoO27NMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvSkNFcDlEX2JXZjlMU2VUWHMyc19GNmc3YnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjBhBAIAATBbAwMBH7ID
BAUfusADBAVN7AADBAVREsADBAZTkEADBARTr7ADAwBUCgMEB1XeAAMDAVfOAwME
WUADBAVblsADBAVc9CADBAZeS0ADAwBerAMEAcMi0gMEBNl3QDA1BAIAAjAvMA0D
BAAqAqMDBQIqAqMQAwYAKgKjFeUDBgAqAqMW4QMGACoCoxlgAwYAKgKjG8QwDQYJ
KoZIhvcNAQELBQADggEBAGrtqneGcjws/MWAtUpaXSYFmRWLG4WbXGMt1im56zQD
n7Fh4ivQC+Idy1EvuttuJ1Yuyz0uhyagniZO5uYbYGBF0o2bsRfU4p9rAZZjsD6L
NONzihh24S7Wn9xMx/qDBRhcl1+I66h+e6dptjuZgisBFkoyoRwp8dyQOMn9N+kz
a914mI4Os7VL8BV/fkB9TUuFvyNbnYRVEUbopMqvmqgwvOL4TiACC3ASGS+/2wnk
9lLBrvVsX0FNg281ud566ac/FWQg5F/UHjx069FJbWCzpr+u5hZXN6X2Z/TaHQkN
NEGux4fNJJbpTdkmIv+3Vf9aktdPFSq989+lBun0+7I=
-----END CERTIFICATE-----
Generated at Tue Apr 29 06:40:44 2025 by rpki-client