Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jKuAxWL7BGf_MZqNh9WCKifoJ0E.roa
File: jKuAxWL7BGf_MZqNh9WCKifoJ0E.roa (raw, json)
Hash identifier: 0uKt+yqxhztaCvwaEc1BCAS9n1Jn3huJzeCoGeg9J1U=
Subject key identifier: 8C:AB:80:C5:62:FB:04:67:FF:31:9A:8D:87:D5:82:2A:27:E8:27:41
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018D83509F6CEC689B4735AB924F73A502E5
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jKuAxWL7BGf_MZqNh9WCKifoJ0E.roa
Signing time: Wed 07 Feb 2024 11:25:15 +0000
ROA not before: Wed 07 Feb 2024 11:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.147.0/24 maxlen: 24
89.252.149.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.156.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.10.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 06:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:50:9f:6c:ec:68:9b:47:35:ab:92:4f:73:a5:02:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Feb 7 11:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cab80c562fb0467ff319a8d87d5822a27e82741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9b:37:5b:64:9f:b0:1d:31:d1:56:b5:e2:46:
cb:40:a1:a1:d4:6f:ba:7f:dd:8d:8b:c6:cf:34:0e:
0d:ef:6d:a4:f7:c7:21:0e:10:a3:ee:35:1c:ec:e8:
20:4d:15:bc:e2:a8:d2:ec:4d:6e:03:65:6c:7e:d8:
50:cd:50:9c:6f:28:7c:6d:3a:2a:40:ff:fe:10:b5:
a0:d2:27:3d:39:a4:f9:0e:18:a4:8c:cd:16:7a:42:
c5:4f:a7:35:1d:39:a5:d0:2f:21:97:f1:53:f9:73:
ba:54:a4:10:84:3e:97:f8:db:b4:84:bd:34:11:d4:
6f:eb:0b:87:c8:70:31:76:43:ab:42:f4:11:3e:90:
55:2f:4f:fd:8f:db:91:90:22:34:85:93:f8:a6:6a:
35:7b:51:40:ed:e4:79:ea:d1:e8:fe:d1:6c:b0:d6:
a6:1c:3c:5d:cc:c4:4c:f4:4f:52:b7:89:ce:50:3d:
26:4b:07:93:cc:96:61:f5:0e:19:1e:3e:25:6d:c1:
c4:e3:cf:a3:ce:be:8e:50:56:10:60:32:90:b1:65:
e3:86:c0:e5:bf:f6:46:cd:2c:0d:d3:00:e8:2a:0f:
17:88:94:bd:bb:4b:b3:8d:1e:3e:d3:59:6c:d4:6e:
3c:3b:a8:ac:25:3e:e2:0c:61:80:73:cc:29:70:7e:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AB:80:C5:62:FB:04:67:FF:31:9A:8D:87:D5:82:2A:27:E8:27:41
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jKuAxWL7BGf_MZqNh9WCKifoJ0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.147.0/24
89.252.149.0/24
89.252.152.0/24
89.252.156.0/23
94.102.10.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:00:5f:37:87:d1:be:ba:88:6c:ef:b6:ec:db:7b:63:18:2b:
39:40:e9:2b:5a:c6:00:de:f2:18:19:b7:fb:8b:10:c0:3d:36:
0c:57:c5:c6:e0:10:7e:89:33:07:b2:8b:ad:76:d2:88:dc:90:
b7:75:da:f7:3d:ad:6e:80:7e:44:ba:c5:7e:77:99:75:85:da:
89:43:8c:6c:11:92:4f:65:44:7b:f5:04:7c:32:d7:87:17:81:
28:00:4d:ab:94:0d:e6:1c:7b:a5:33:c2:12:66:3d:31:e4:50:
76:72:23:f9:49:4f:2e:41:f4:da:4a:b4:7b:98:83:93:1b:08:
49:06:99:8d:87:7f:f3:8f:88:24:86:d4:9f:bb:f1:43:be:8d:
98:68:54:e7:cc:7f:f2:d0:1f:ee:46:62:a1:5a:c2:e8:ca:44:
c3:3d:69:0f:ff:29:76:5f:3e:09:7f:b9:67:b2:59:31:8a:7a:
ac:d1:41:65:85:54:62:7d:28:e6:14:76:82:52:be:f6:c3:77:
4d:0c:fb:5f:dc:2c:77:e5:87:e6:83:d7:29:b2:fa:a1:f1:3f:
56:cb:6d:55:2f:0b:2f:84:43:c1:20:7d:3c:dd:5b:e9:fe:42:
03:5f:cc:37:c6:13:96:e3:8a:9c:8d:0b:fc:ef:c8:e2:b3:e4:
6e:2e:3a:d3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY2DUJ9s7GibRzWrkk9zpQLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwMjA3MTEyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2FiODBjNTYyZmIwNDY3ZmYzMTlhOGQ4N2Q1ODIyYTI3ZTgyNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApps3W2SfsB0x0Va14kbLQKGh1G+6
f92Ni8bPNA4N722k98chDhCj7jUc7OggTRW84qjS7E1uA2VsfthQzVCcbyh8bToq
QP/+ELWg0ic9OaT5DhikjM0WekLFT6c1HTml0C8hl/FT+XO6VKQQhD6X+Nu0hL00
EdRv6wuHyHAxdkOrQvQRPpBVL0/9j9uRkCI0hZP4pmo1e1FA7eR56tHo/tFssNam
HDxdzMRM9E9St4nOUD0mSweTzJZh9Q4ZHj4lbcHE48+jzr6OUFYQYDKQsWXjhsDl
v/ZGzSwN0wDoKg8XiJS9u0uzjR4+01ls1G48O6isJT7iDGGAc8wpcH4txQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIyrgMVi+wRn/zGajYfVgion6CdBMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvakt1QXhXTDdCR2ZfTVpxTmg5V0NLaWZvSjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWfyOAwQA
WfyQAwQAWfyTAwQAWfyVAwQAWfyYAwQBWfycAwQAXmYKAwQAXmYMMA0GCSqGSIb3
DQEBCwUAA4IBAQBtAF83h9G+uohs77bs23tjGCs5QOkrWsYA3vIYGbf7ixDAPTYM
V8XG4BB+iTMHsoutdtKI3JC3ddr3Pa1ugH5EusV+d5l1hdqJQ4xsEZJPZUR79QR8
MteHF4EoAE2rlA3mHHulM8ISZj0x5FB2ciP5SU8uQfTaSrR7mIOTGwhJBpmNh3/z
j4gkhtSfu/FDvo2YaFTnzH/y0B/uRmKhWsLoykTDPWkP/yl2Xz4Jf7lnslkxinqs
0UFlhVRifSjmFHaCUr72w3dNDPtf3Cx35Yfmg9cpsvqh8T9Wy21VLwsvhEPBIH08
3Vvp/kIDX8w3xhOW44qcjQv878jis+RuLjrT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org