Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JcquetGHKCg9Eam1OIL8r-cM5C4.roa
File: JcquetGHKCg9Eam1OIL8r-cM5C4.roa (raw, json)
Hash identifier: h0+l+BW79vWT20d08lW2IJTcZdTBh4WM8LmPRjHP4Qw=
Subject key identifier: 25:CA:AE:7A:D1:87:28:28:3D:11:A9:B5:38:82:FC:AF:E7:0C:E4:2E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191BD24ABDC637BA6CB17A90B3B3A458DE9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JcquetGHKCg9Eam1OIL8r-cM5C4.roa
Signing time: Wed 04 Sep 2024 13:06:22 +0000
ROA not before: Wed 04 Sep 2024 13:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198510
IP address blocks: 2.57.242.0/24 maxlen: 24
45.144.174.0/24 maxlen: 24
45.144.175.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:24:ab:dc:63:7b:a6:cb:17:a9:0b:3b:3a:45:8d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 4 13:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25caae7ad18728283d11a9b53882fcafe70ce42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:33:2a:52:5a:47:75:54:c7:71:1d:f3:38:28:
2e:a9:91:bd:41:90:d3:53:8a:d8:69:c0:4e:fe:8b:
46:07:62:05:5a:9c:3b:44:f5:d8:6a:71:97:e9:23:
c3:4f:73:ad:37:a1:8d:32:72:4a:60:c5:86:92:2f:
0f:f8:6d:de:eb:99:9c:78:bd:06:38:14:ed:36:99:
fe:ca:8a:b7:3b:f1:25:f2:06:12:0b:85:29:13:38:
91:06:07:21:84:d7:d1:ab:57:63:84:51:68:11:40:
01:ee:90:52:a8:15:fc:73:9d:a7:aa:22:d9:6e:ba:
4d:5b:22:99:d7:f5:f0:c3:7b:b8:c0:00:e4:06:63:
1f:ce:ff:3e:d1:01:1a:5d:61:be:74:44:db:f9:3b:
00:58:1a:fc:9a:1e:6b:b2:ab:0c:ed:b9:a1:b4:88:
d0:a8:10:5f:0b:bc:dd:c5:f9:80:55:1a:c0:8a:43:
86:51:6b:81:c5:15:74:76:2b:92:72:da:0e:6d:b9:
28:d4:55:29:bd:d7:30:89:fb:96:03:f4:af:a9:77:
46:12:ef:cd:48:1c:c2:b3:9f:f6:05:64:ad:19:b0:
cb:31:e7:a3:b9:1e:89:d6:a0:f0:7a:50:93:f7:57:
dc:92:39:53:c4:04:8b:64:af:f5:e1:ef:c1:91:95:
a1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CA:AE:7A:D1:87:28:28:3D:11:A9:B5:38:82:FC:AF:E7:0C:E4:2E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JcquetGHKCg9Eam1OIL8r-cM5C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.144.174.0/23
188.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
23:0b:bc:ae:42:d6:0c:f6:fe:b5:1a:4f:a4:ef:15:2d:f2:ad:
02:ec:39:a1:1a:92:7e:1a:f2:87:35:d4:c6:94:67:a8:e0:47:
c8:66:f2:c5:a2:e8:16:a0:38:8e:f0:af:9b:a0:5c:90:01:c0:
ca:2f:f3:b0:0e:f6:2a:e8:ea:ca:08:04:cb:de:a5:01:16:0e:
35:01:36:a7:d5:e8:a2:92:ed:37:94:0f:a9:b2:e2:2d:c7:c9:
75:cc:68:dd:f2:3d:9c:1a:2c:a7:64:c0:88:c0:4a:77:de:0b:
3e:0e:d4:57:55:84:ec:83:47:42:34:98:56:7c:83:78:0b:b1:
07:18:47:01:e6:10:69:ff:12:e8:5d:1d:5b:f8:44:30:6a:50:
02:5d:12:59:aa:df:21:8a:7f:f2:13:f8:ef:b7:65:00:ee:02:
97:0b:78:6e:e0:6e:e1:7c:ce:cf:e5:c5:b7:89:14:3e:af:08:
f2:73:bb:2a:2d:66:54:d7:38:0b:e1:0b:02:73:f4:fd:2f:75:
b0:1f:c3:5a:b0:fb:c3:1b:9d:dd:c9:8b:ae:f5:de:88:54:ea:
c5:09:a4:f6:fc:59:23:42:e1:05:66:72:91:ab:4d:7f:3b:1d:
38:f3:88:87:18:46:b9:a0:74:7f:32:c1:16:2c:30:3a:f3:ff:
4f:42:75:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG9JKvcY3umyxepCzs6RY3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTA0MTMwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNhYWU3YWQxODcyODI4M2QxMWE5YjUzODgyZmNhZmU3MGNlNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jMqUlpHdVTHcR3zOCguqZG9QZDT
U4rYacBO/otGB2IFWpw7RPXYanGX6SPDT3OtN6GNMnJKYMWGki8P+G3e65mceL0G
OBTtNpn+yoq3O/El8gYSC4UpEziRBgchhNfRq1djhFFoEUAB7pBSqBX8c52nqiLZ
brpNWyKZ1/Xww3u4wADkBmMfzv8+0QEaXWG+dETb+TsAWBr8mh5rsqsM7bmhtIjQ
qBBfC7zdxfmAVRrAikOGUWuBxRV0diuSctoObbko1FUpvdcwifuWA/SvqXdGEu/N
SBzCs5/2BWStGbDLMeejuR6J1qDwelCT91fckjlTxASLZK/14e/BkZWhpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXKrnrRhygoPRGptTiC/K/nDOQuMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSmNxdWV0R0hLQ2c5RWFtMU9JTDhyLWNNNUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjnyAwQB
LZCuAwQAvNBnMA0GCSqGSIb3DQEBCwUAA4IBAQAjC7yuQtYM9v61Gk+k7xUt8q0C
7DmhGpJ+GvKHNdTGlGeo4EfIZvLFougWoDiO8K+boFyQAcDKL/OwDvYq6OrKCATL
3qUBFg41ATan1eiiku03lA+psuItx8l1zGjd8j2cGiynZMCIwEp33gs+DtRXVYTs
g0dCNJhWfIN4C7EHGEcB5hBp/xLoXR1b+EQwalACXRJZqt8hin/yE/jvt2UA7gKX
C3hu4G7hfM7P5cW3iRQ+rwjyc7sqLWZU1zgL4QsCc/T9L3WwH8NasPvDG53dyYuu
9d6IVOrFCaT2/FkjQuEFZnKRq01/Ox0484iHGEa5oHR/MsEWLDA68/9PQnWG
-----END CERTIFICATE-----
Generated at Fri Sep 27 11:22:41 2024 by rpki-client on console-ams.rpki-client.org