Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JC-xKS9C6Eao7LMQUijUzEetdI4.roa
File: JC-xKS9C6Eao7LMQUijUzEetdI4.roa (raw, json)
Hash identifier: 2r1ZmSu3Mn38GZtAlWWVUSbGk64iNkpni75dHIlpCNY=
Subject key identifier: 24:2F:B1:29:2F:42:E8:46:A8:EC:B3:10:52:28:D4:CC:47:AD:74:8E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01955AF2DBC86999952159B1D99EC134CCEC
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JC-xKS9C6Eao7LMQUijUzEetdI4.roa
Signing time: Mon 03 Mar 2025 07:40:20 +0000
ROA not before: Mon 03 Mar 2025 07:40:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:f2:db:c8:69:99:95:21:59:b1:d9:9e:c1:34:cc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 3 07:40:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=242fb1292f42e846a8ecb3105228d4cc47ad748e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:1b:88:3f:ac:b4:a2:68:fa:67:f7:a8:aa:
3c:93:51:24:e5:de:5b:dd:0b:70:04:fb:8a:6b:b5:
40:20:04:f0:79:29:2a:7e:05:36:ea:64:4c:b1:4a:
a4:6c:9b:38:0c:d0:e0:ac:d9:0f:7f:fb:3d:83:93:
ba:b9:81:39:f6:01:fb:96:61:e1:09:1c:93:ec:2f:
29:19:f1:af:17:81:38:1d:44:5d:53:5c:87:a7:7b:
89:e0:a2:d4:8a:32:1d:fa:af:c3:43:29:18:b8:ce:
34:fa:9c:75:f9:10:48:43:1f:59:b4:3d:f0:eb:bc:
c5:aa:d8:b8:84:77:a5:ec:00:92:0d:f6:eb:fb:71:
a4:83:34:a8:1f:29:05:64:7e:d2:31:9b:92:ba:45:
b1:31:9e:b0:b7:6c:9c:19:42:47:34:f6:b4:8f:fd:
a4:e8:1f:e8:14:1b:e7:af:6d:b4:95:c2:64:c4:bb:
3b:3e:b1:ff:cb:d9:32:47:5f:8c:c9:fd:b8:9a:9f:
cb:3e:7e:95:28:91:cc:72:59:bc:0e:35:5b:20:b6:
76:71:16:6d:48:41:dc:de:da:60:9a:74:15:90:ca:
15:70:f6:82:9c:cd:5d:c1:8b:25:f8:31:01:a4:cb:
1f:d1:92:56:ab:c2:6b:16:7c:6b:58:b5:6a:d5:86:
5b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2F:B1:29:2F:42:E8:46:A8:EC:B3:10:52:28:D4:CC:47:AD:74:8E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JC-xKS9C6Eao7LMQUijUzEetdI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.56.0/24
88.151.61.0/24
88.209.192.0/24
88.209.207.0/24
88.209.209.0/24
88.209.222.0/24
88.209.225.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:2a:9e:af:40:dd:17:3f:19:f5:ba:ab:11:a0:a9:91:ca:f4:
84:9d:23:17:1c:e7:35:33:18:69:5b:5f:9f:17:80:6f:c2:8d:
1b:17:be:64:1d:6c:5a:d6:9c:e7:31:be:7c:cd:8c:86:88:e0:
5d:fc:11:59:46:a3:74:b1:18:82:eb:88:54:af:c1:06:b9:e7:
8c:ab:8c:8e:a4:36:86:c1:44:15:7d:40:27:0d:61:e4:89:a1:
1c:42:da:a1:c1:ee:95:f7:4e:c6:d4:11:2d:15:1d:d5:9b:17:
49:63:b6:1e:c5:44:9b:35:3e:bb:22:d9:f5:40:91:5f:a9:1a:
9e:21:da:92:ab:5c:c2:8c:49:c9:98:67:31:68:48:00:38:6d:
8b:90:43:8f:74:04:5c:e2:60:f2:16:6d:99:d1:7c:d5:f4:59:
c3:58:43:97:64:75:1c:b3:e3:42:70:52:b2:e8:35:15:73:d5:
df:1a:42:01:d1:b2:b7:14:89:8e:b9:6b:e0:83:f7:4a:36:74:
ce:cf:5d:a4:b6:33:73:51:7e:ec:05:3b:d8:6c:f9:31:29:e6:
c4:53:19:ca:76:d5:d2:7d:c4:83:58:db:1d:e9:24:59:67:a9:
52:78:4e:73:c4:f0:79:3b:0d:98:84:90:83:b1:a4:33:35:84:
45:41:9e:d4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZVa8tvIaZmVIVmx2Z7BNMzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzAzMDc0MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJmYjEyOTJmNDJlODQ2YThlY2IzMTA1MjI4ZDRjYzQ3YWQ3NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8obiD+stKJo+mf3qKo8k1Ek5d5b
3QtwBPuKa7VAIATweSkqfgU26mRMsUqkbJs4DNDgrNkPf/s9g5O6uYE59gH7lmHh
CRyT7C8pGfGvF4E4HURdU1yHp3uJ4KLUijId+q/DQykYuM40+px1+RBIQx9ZtD3w
67zFqti4hHel7ACSDfbr+3GkgzSoHykFZH7SMZuSukWxMZ6wt2ycGUJHNPa0j/2k
6B/oFBvnr220lcJkxLs7PrH/y9kyR1+Myf24mp/LPn6VKJHMclm8DjVbILZ2cRZt
SEHc3tpgmnQVkMoVcPaCnM1dwYsl+DEBpMsf0ZJWq8JrFnxrWLVq1YZboQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCQvsSkvQuhGqOyzEFIo1MxHrXSOMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSkMteEtTOUM2RWFvN0xNUVVpalV6RWV0ZEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjqrAwQA
WJc4AwQAWJc9AwQAWNHAAwQAWNHPAwQAWNHRAwQAWNHeAwQAWNHhMA0GCSqGSIb3
DQEBCwUAA4IBAQCqKp6vQN0XPxn1uqsRoKmRyvSEnSMXHOc1MxhpW1+fF4Bvwo0b
F75kHWxa1pznMb58zYyGiOBd/BFZRqN0sRiC64hUr8EGueeMq4yOpDaGwUQVfUAn
DWHkiaEcQtqhwe6V907G1BEtFR3VmxdJY7YexUSbNT67Itn1QJFfqRqeIdqSq1zC
jEnJmGcxaEgAOG2LkEOPdARc4mDyFm2Z0XzV9FnDWEOXZHUcs+NCcFKy6DUVc9Xf
GkIB0bK3FImOuWvgg/dKNnTOz12ktjNzUX7sBTvYbPkxKebEUxnKdtXSfcSDWNsd
6SRZZ6lSeE5zxPB5Ow2YhJCDsaQzNYRFQZ7U
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:37 2025 by rpki-client