Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/JcgrwMm1pFqrlFunP6cV0oGr14w.roa
File: JcgrwMm1pFqrlFunP6cV0oGr14w.roa (raw, json)
Hash identifier: Ku8mCjBMHpo/UA2izFY6znm06TlJDyDvrq7GdZ1p2DM=
Subject key identifier: 25:C8:2B:C0:C9:B5:A4:5A:AB:94:5B:A7:3F:A7:15:D2:81:AB:D7:8C
Certificate issuer: /CN=20eee05da183dee2b8118141956462c9240d7876
Certificate serial: 01857042892E1512145BA3B0A0A4A148920E
Authority key identifier: 20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/JcgrwMm1pFqrlFunP6cV0oGr14w.roa
Signing time: Mon 02 Jan 2023 02:14:46 +0000
ROA not before: Mon 02 Jan 2023 02:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205584
IP address blocks: 2.57.156.0/22 maxlen: 24
185.215.29.0/24 maxlen: 24
185.215.28.0/24 maxlen: 24
185.215.28.0/22 maxlen: 24
185.215.31.0/24 maxlen: 24
185.215.30.0/24 maxlen: 24
193.105.168.0/24 maxlen: 24
195.78.98.0/23 maxlen: 24
2a0b:a2c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:89:2e:15:12:14:5b:a3:b0:a0:a4:a1:48:92:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20eee05da183dee2b8118141956462c9240d7876
Validity
Not Before: Jan 2 02:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25c82bc0c9b5a45aab945ba73fa715d281abd78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:41:b0:4e:8d:bb:4a:a2:c8:bc:00:59:b4:
f8:71:fc:35:70:64:f6:e9:a9:0a:70:e6:fb:c0:7a:
e2:e0:b1:dd:d0:bb:ba:f9:7f:f1:40:75:1e:3f:ce:
8b:6c:37:b9:79:71:02:91:47:e8:6a:50:93:75:13:
86:d0:6f:21:73:45:81:75:18:d2:6d:49:fc:a3:cc:
ad:f7:c1:14:0e:8e:0e:29:9d:eb:41:fe:2b:e3:39:
60:d7:87:25:06:a8:07:31:c0:62:5b:b3:c0:8d:c9:
19:42:9c:13:4b:60:b5:17:ec:a4:6e:45:f9:ac:52:
aa:34:38:2e:98:31:ad:82:dd:81:14:80:de:11:9d:
79:21:e9:bd:53:3c:e8:c6:af:5a:a5:df:b0:64:97:
1c:73:4f:fd:92:18:9b:89:d2:73:56:b2:7f:26:2d:
0e:d9:0c:c1:be:a1:5a:69:9c:d9:3b:82:e3:9c:0e:
77:7f:96:e6:a0:b8:d8:1f:22:b6:c6:4a:ef:ee:41:
e6:05:3d:cb:86:88:d4:cf:b7:79:74:77:41:0c:ed:
97:dc:79:a3:96:74:7e:00:f4:e7:df:5a:c9:86:a7:
29:81:3d:2e:53:c4:da:63:9d:7c:e1:a7:8f:e2:75:
ba:b6:eb:1f:7f:e7:2c:41:24:cc:90:55:65:d1:f9:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C8:2B:C0:C9:B5:A4:5A:AB:94:5B:A7:3F:A7:15:D2:81:AB:D7:8C
X509v3 Authority Key Identifier:
keyid:20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/JcgrwMm1pFqrlFunP6cV0oGr14w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.156.0/22
185.215.28.0/22
193.105.168.0/24
195.78.98.0/23
IPv6:
2a0b:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:e6:b6:5c:18:c6:02:cf:68:4b:cc:89:ad:71:15:a9:a1:dc:
ee:08:88:41:10:4a:a1:d1:10:97:b7:b1:91:e9:76:50:4c:46:
55:71:f5:a6:ed:85:fd:93:1e:fc:fc:60:95:b6:66:b7:71:b7:
14:55:06:f4:db:26:40:05:46:20:c7:bf:3b:69:fa:10:61:73:
9e:2d:a9:20:27:ef:95:ba:37:be:d2:45:c7:2d:4b:7b:13:73:
e4:a9:94:10:e6:09:bb:01:6e:35:56:aa:85:9e:d1:33:42:45:
36:f8:37:91:e9:a0:b6:7f:95:d5:24:c4:f7:a3:71:f0:03:8c:
3c:5f:2f:4f:91:a1:c3:8e:3d:ab:b4:77:05:c9:39:9d:17:75:
15:a5:e1:e3:1a:d3:c6:1a:af:2e:c0:87:e8:4d:c1:b0:4c:f3:
f2:3f:d9:15:37:d4:cf:7c:4c:77:24:3a:31:4e:ae:f6:2b:b5:
12:5d:22:86:b2:0a:57:8c:12:e8:83:9f:24:8e:a6:0a:eb:4a:
1b:b9:4c:70:d8:b5:a6:0b:74:90:cd:d5:f5:00:38:b2:78:b3:
ef:3f:f8:0f:25:5c:5c:05:9a:dd:11:63:28:0e:db:52:db:7d:
3d:fd:6e:35:48:07:d1:ff:8f:a7:d5:49:48:c7:d5:79:fa:f0:
9e:16:85:65
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwQokuFRIUW6OwoKShSJIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWVlMDVkYTE4M2RlZTJiODExODE0MTk1NjQ2MmM5MjQw
ZDc4NzYwHhcNMjMwMTAyMDIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM4MmJjMGM5YjVhNDVhYWI5NDViYTczZmE3MTVkMjgxYWJkNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiJBsE6Nu0qiyLwAWbT4cfw1cGT2
6akKcOb7wHri4LHd0Lu6+X/xQHUeP86LbDe5eXECkUfoalCTdROG0G8hc0WBdRjS
bUn8o8yt98EUDo4OKZ3rQf4r4zlg14clBqgHMcBiW7PAjckZQpwTS2C1F+ykbkX5
rFKqNDgumDGtgt2BFIDeEZ15Iem9Uzzoxq9apd+wZJccc0/9khibidJzVrJ/Ji0O
2QzBvqFaaZzZO4LjnA53f5bmoLjYHyK2xkrv7kHmBT3LhojUz7d5dHdBDO2X3Hmj
lnR+APTn31rJhqcpgT0uU8TaY5184aeP4nW6tusff+csQSTMkFVl0fnuewIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCXIK8DJtaRaq5Rbpz+nFdKBq9eMMB8GA1UdIwQY
MBaAFCDu4F2hg97iuBGBQZVkYskkDXh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQt
Mzk4NTI5OWZhZDZkLzEvSmNncndNbTFwRnFybEZ1blA2Y1Ywb0dyMTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQtMzk4NTI5OWZhZDZk
LzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjmcAwQC
udccAwQAwWmoAwQBw05iMA0EAgACMAcDBQMqC6LAMA0GCSqGSIb3DQEBCwUAA4IB
AQB75rZcGMYCz2hLzImtcRWpodzuCIhBEEqh0RCXt7GR6XZQTEZVcfWm7YX9kx78
/GCVtma3cbcUVQb02yZABUYgx787afoQYXOeLakgJ++Vuje+0kXHLUt7E3PkqZQQ
5gm7AW41VqqFntEzQkU2+DeR6aC2f5XVJMT3o3HwA4w8Xy9PkaHDjj2rtHcFyTmd
F3UVpeHjGtPGGq8uwIfoTcGwTPPyP9kVN9TPfEx3JDoxTq72K7USXSKGsgpXjBLo
g58kjqYK60obuUxw2LWmC3SQzdX1ADiyeLPvP/gPJVxcBZrdEWMoDttS2309/W41
SAfR/4+n1UlIx9V5+vCeFoVl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:40 2024 by rpki-client on console-ams.rpki-client.org