Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/JLUDDsziZQSGMCnv0vCYdskVu9Q.roa
File: JLUDDsziZQSGMCnv0vCYdskVu9Q.roa (raw, json)
Hash identifier: 2Wv0xKOxaSE8fsyG3tC9A5p2+Wmoscj8sSMUZ41H9nE=
Subject key identifier: 24:B5:03:0E:CC:E2:65:04:86:30:29:EF:D2:F0:98:76:C9:15:BB:D4
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 018CC3B6DA95892348A682EB3ECF1511C6EE
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/JLUDDsziZQSGMCnv0vCYdskVu9Q.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 15:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:da:95:89:23:48:a6:82:eb:3e:cf:15:11:c6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24b5030ecce26504863029efd2f09876c915bbd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:05:98:21:7c:91:67:e8:f5:14:80:b8:57:06:
42:ff:ad:63:b9:04:91:35:5f:f0:8a:f2:b5:24:e3:
cc:8a:23:9d:0c:2c:31:f7:d5:1e:2e:9e:f0:e1:c0:
2d:83:cf:d9:83:91:92:1b:1a:0d:ee:ac:bd:8e:47:
0f:ab:aa:38:86:5d:4d:48:ab:41:95:87:d0:b3:dc:
30:f8:a0:e0:0b:24:b6:6a:45:3b:cf:4e:40:b0:2a:
01:86:d3:4a:71:28:e2:e2:6b:b0:19:95:eb:0b:92:
c2:0a:c9:8c:f4:5f:3b:cd:74:c0:d8:cc:16:3c:b6:
5a:ff:5f:58:82:0c:48:5c:28:cd:9e:70:cb:9d:41:
5a:d7:6d:b7:bc:a1:2a:78:f6:32:fd:04:7a:bd:fd:
43:bf:56:c0:bc:24:38:cf:cc:09:74:9f:e4:ec:7a:
1b:ae:be:f0:99:4b:a3:4a:6b:47:03:12:d3:86:6b:
d4:92:72:5b:aa:5d:9b:a3:c3:c0:e3:2b:a8:3d:cc:
5a:7b:e0:94:47:02:8d:c3:71:b3:76:4a:51:77:3f:
11:e4:8e:b8:ee:c3:d6:98:93:96:5b:9e:94:a4:50:
a9:e4:c2:be:59:d0:26:23:ce:c4:19:7f:58:2e:f9:
15:d8:3f:37:c5:d7:ef:56:14:b8:fb:ac:0c:5a:6e:
62:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B5:03:0E:CC:E2:65:04:86:30:29:EF:D2:F0:98:76:C9:15:BB:D4
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/JLUDDsziZQSGMCnv0vCYdskVu9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:1c:9d:58:9d:dc:67:ee:e7:46:2e:e2:46:c1:43:75:d8:bd:
0d:b7:18:c3:d3:6e:78:91:e0:0b:68:5d:ac:78:f4:18:5e:9e:
1c:e2:87:55:74:cd:81:45:eb:92:0f:db:1b:f9:c1:9f:d4:f4:
e4:43:7d:82:0d:08:83:da:f9:dd:bc:73:79:a3:a6:b3:d9:7e:
97:74:ac:2f:02:9b:7f:25:5d:9b:fa:27:4c:f0:52:44:05:8a:
7b:dd:8d:4c:e6:2c:a5:18:42:73:d3:ac:22:14:08:97:bc:54:
05:8c:9d:2f:59:d0:e1:6f:12:96:e0:1d:53:b1:3c:75:1d:4f:
b3:b4:85:53:3a:d9:b4:ff:74:b6:27:7a:2a:92:23:33:f7:77:
12:a3:79:ed:e9:15:07:39:87:ed:d8:28:93:c3:60:38:97:97:
0a:8e:c7:ee:3a:0e:c9:db:63:be:c4:71:3c:d8:6a:09:19:21:
37:e1:1d:79:94:23:a4:52:d0:e4:93:71:52:37:af:41:e3:0b:
45:66:96:4d:0b:fa:bb:73:87:1f:ee:08:0c:84:c5:07:70:31:
67:09:7e:26:7a:6a:bd:f0:17:c8:75:5d:20:7f:2a:34:aa:40:
ed:ba:4a:d6:78:16:49:ca:e1:ff:73:04:07:33:87:4b:07:a9:
4f:75:1c:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDttqViSNIpoLrPs8VEcbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI1MDMwZWNjZTI2NTA0ODYzMDI5ZWZkMmYwOTg3NmM5MTViYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQWYIXyRZ+j1FIC4VwZC/61juQSR
NV/wivK1JOPMiiOdDCwx99UeLp7w4cAtg8/Zg5GSGxoN7qy9jkcPq6o4hl1NSKtB
lYfQs9ww+KDgCyS2akU7z05AsCoBhtNKcSji4muwGZXrC5LCCsmM9F87zXTA2MwW
PLZa/19YggxIXCjNnnDLnUFa1223vKEqePYy/QR6vf1Dv1bAvCQ4z8wJdJ/k7Hob
rr7wmUujSmtHAxLThmvUknJbql2bo8PA4yuoPcxae+CURwKNw3GzdkpRdz8R5I64
7sPWmJOWW56UpFCp5MK+WdAmI87EGX9YLvkV2D83xdfvVhS4+6wMWm5iLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCS1Aw7M4mUEhjAp79LwmHbJFbvUMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvSkxVRERzemlaUVNHTUNudjB2Q1lkc2tWdTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQB6HJ1Yndxn7udGLuJGwUN12L0N
txjD0254keALaF2sePQYXp4c4odVdM2BReuSD9sb+cGf1PTkQ32CDQiD2vndvHN5
o6az2X6XdKwvApt/JV2b+idM8FJEBYp73Y1M5iylGEJz06wiFAiXvFQFjJ0vWdDh
bxKW4B1TsTx1HU+ztIVTOtm0/3S2J3oqkiMz93cSo3nt6RUHOYft2CiTw2A4l5cK
jsfuOg7J22O+xHE82GoJGSE34R15lCOkUtDkk3FSN69B4wtFZpZNC/q7c4cf7ggM
hMUHcDFnCX4memq98BfIdV0gfyo0qkDtukrWeBZJyuH/cwQHM4dLB6lPdRxi
-----END CERTIFICATE-----
Generated at Mon Sep 30 18:08:11 2024 by rpki-client on console-fra.rpki-client.org