Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/jqeHIP4wFep8l8oG9zjAkJl4PB0.roa
File: jqeHIP4wFep8l8oG9zjAkJl4PB0.roa (raw, json)
Hash identifier: AFCsGzr1D6gXRi3EwtDFMsBHKaq02FOa8esjIaoolZE=
Subject key identifier: 8E:A7:87:20:FE:30:15:EA:7C:97:CA:06:F7:38:C0:90:99:78:3C:1D
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01929F3A64AC521D4655E7D827D886245F47
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/jqeHIP4wFep8l8oG9zjAkJl4PB0.roa
Signing time: Fri 18 Oct 2024 10:44:17 +0000
ROA not before: Fri 18 Oct 2024 10:44:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
198.38.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 11:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:3a:64:ac:52:1d:46:55:e7:d8:27:d8:86:24:5f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Oct 18 10:44:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ea78720fe3015ea7c97ca06f738c09099783c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:77:4b:6d:65:e3:fa:0e:99:15:87:48:81:
93:a9:79:56:58:c7:77:fa:6e:4e:3e:f8:ac:18:fc:
53:10:78:bc:9b:ed:b3:7b:6f:c3:2d:60:e9:97:a6:
4f:6e:84:b1:c0:08:51:50:7a:50:17:45:d8:dd:a8:
b1:89:43:2f:1f:28:ba:ce:f2:53:62:7c:a6:95:f7:
8f:2e:4f:4c:a2:23:ec:d8:8d:58:93:81:f7:bc:f3:
2c:eb:a0:2d:fc:f9:0c:89:66:6b:0c:0f:b2:4f:6b:
92:6e:90:04:40:5a:56:90:db:b1:06:d8:98:3f:71:
81:3d:f5:11:85:ac:b1:a4:bc:90:1a:e0:64:32:3a:
e6:d9:07:a6:13:80:89:45:7e:50:3d:8d:d8:9b:6a:
5d:17:fc:c7:79:f7:e7:6a:69:d2:19:f2:81:48:38:
75:c6:52:d3:fc:64:f6:4d:5e:d8:7f:0f:a7:1f:c4:
6f:87:af:a9:94:df:d9:31:11:1e:b0:fa:44:e7:1a:
ae:f6:84:9c:db:1e:d5:5f:d7:0e:77:03:be:48:3e:
9e:ee:dc:e2:5c:b4:23:b7:11:d9:b9:41:46:fe:d4:
ba:bd:e7:ce:e2:87:25:c7:be:7e:34:2c:2f:4c:bc:
26:bf:b2:c8:c5:28:94:2b:7d:06:ef:ad:d6:b3:b1:
03:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A7:87:20:FE:30:15:EA:7C:97:CA:06:F7:38:C0:90:99:78:3C:1D
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/jqeHIP4wFep8l8oG9zjAkJl4PB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0-195.250.22.255
198.38.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:35:36:22:45:9b:bc:20:f7:e7:a2:ed:f5:fd:9b:8e:4d:6a:
cb:66:19:fd:47:88:83:32:fa:8a:9d:78:3c:78:f1:70:c2:3e:
02:39:fd:ea:bf:a2:f8:54:d8:46:2e:c0:ba:e5:db:5a:71:e2:
d6:02:78:34:99:ae:88:2a:2a:aa:8d:5e:ce:c8:1d:7d:17:95:
5f:fb:11:2b:3c:50:bb:73:2d:23:2d:50:6c:f7:ff:98:18:70:
e2:49:71:75:03:f3:46:ca:de:04:00:2d:e5:ee:4b:5a:68:76:
1c:9c:24:4c:03:09:ff:99:50:0c:b1:60:5b:04:f6:18:4f:ac:
c2:88:19:a3:6a:ab:c2:b3:cf:ea:04:f2:d4:8b:a1:26:28:5a:
ae:17:2d:3f:6f:f5:ab:d6:b4:99:90:88:34:62:5f:0c:15:87:
fb:fc:a2:80:02:a8:89:c0:60:d6:b6:51:87:4e:7f:f8:31:a2:
82:34:e1:75:8c:ee:ee:c8:4b:9b:e3:36:c7:f0:9b:59:42:9c:
38:fc:6b:94:f0:f8:17:e4:dd:d6:25:93:e8:4b:c4:16:7b:93:
c0:d3:db:01:5f:f0:f9:3a:30:82:f1:bb:8f:4c:b6:26:0d:95:
01:fb:f7:f7:cb:fe:27:94:04:39:5b:7b:65:fa:f9:76:f2:f9:
cf:05:ca:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKfOmSsUh1GVefYJ9iGJF9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMDE4MTA0NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE3ODcyMGZlMzAxNWVhN2M5N2NhMDZmNzM4YzA5MDk5NzgzYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUJ3S21l4/oOmRWHSIGTqXlWWMd3
+m5OPvisGPxTEHi8m+2ze2/DLWDpl6ZPboSxwAhRUHpQF0XY3aixiUMvHyi6zvJT
YnymlfePLk9MoiPs2I1Yk4H3vPMs66At/PkMiWZrDA+yT2uSbpAEQFpWkNuxBtiY
P3GBPfURhayxpLyQGuBkMjrm2QemE4CJRX5QPY3Ym2pdF/zHeffnamnSGfKBSDh1
xlLT/GT2TV7Yfw+nH8Rvh6+plN/ZMREesPpE5xqu9oSc2x7VX9cOdwO+SD6e7tzi
XLQjtxHZuUFG/tS6vefO4oclx75+NCwvTLwmv7LIxSiUK30G763Ws7EDXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI6nhyD+MBXqfJfKBvc4wJCZeDwdMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvanFlSElQNHdGZXA4bDhvRzl6akFrSmw0UEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQARTmsAwQB
vlyuMAwDBALD+hQDBADD+hYDBADGJlEwDQYJKoZIhvcNAQELBQADggEBAB01NiJF
m7wg9+ei7fX9m45NastmGf1HiIMy+oqdeDx48XDCPgI5/eq/ovhU2EYuwLrl21px
4tYCeDSZrogqKqqNXs7IHX0XlV/7ESs8ULtzLSMtUGz3/5gYcOJJcXUD80bK3gQA
LeXuS1podhycJEwDCf+ZUAyxYFsE9hhPrMKIGaNqq8Kzz+oE8tSLoSYoWq4XLT9v
9avWtJmQiDRiXwwVh/v8ooACqInAYNa2UYdOf/gxooI04XWM7u7IS5vjNsfwm1lC
nDj8a5Tw+Bfk3dYlk+hLxBZ7k8DT2wFf8Pk6MILxu49MtiYNlQH79/fL/ieUBDlb
e2X6+Xby+c8Fyk8=
-----END CERTIFICATE-----
Generated at Tue Nov 5 16:38:35 2024 by rpki-client on console-fra.rpki-client.org