Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RIcTpOVmnC3HYEZlxeCGXZL-ep0.roa
File: RIcTpOVmnC3HYEZlxeCGXZL-ep0.roa (raw, json)
Hash identifier: SYAN7sKoJM3eu4UPD1rvmmw2O+WAumxzIaNrjo9ait8=
Subject key identifier: 44:87:13:A4:E5:66:9C:2D:C7:60:46:65:C5:E0:86:5D:92:FE:7A:9D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F28B810DE533647C4430CD3EFD7994DB8
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RIcTpOVmnC3HYEZlxeCGXZL-ep0.roa
Signing time: Mon 29 Apr 2024 07:18:22 +0000
ROA not before: Mon 29 Apr 2024 07:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 12:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:b8:10:de:53:36:47:c4:43:0c:d3:ef:d7:99:4d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 07:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=448713a4e5669c2dc7604665c5e0865d92fe7a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:3e:6a:f9:2b:68:ca:18:90:94:b9:b1:d0:
80:5c:a0:ad:ab:62:27:ad:21:73:72:a0:f8:0a:49:
de:5c:94:08:d0:b2:3b:23:af:92:72:cb:46:92:3b:
11:e2:94:3e:63:a8:9d:99:66:71:ce:5c:7d:4d:a1:
bd:65:80:22:49:a7:7a:77:7f:e2:2b:20:59:68:ab:
18:9c:35:77:23:1b:31:08:23:97:b1:0f:fa:a4:f3:
77:ff:0a:1c:53:9a:6d:77:eb:bf:3b:a1:54:43:b3:
ac:42:53:59:31:92:29:57:f2:bc:55:95:80:86:26:
bd:34:fa:dc:1e:e6:f8:11:d7:17:85:23:3a:a4:11:
b5:95:06:8f:42:e6:f8:d1:71:4e:56:14:53:7a:99:
2c:d4:a2:92:d0:1a:e4:b1:d2:f2:e2:ad:29:72:80:
dc:09:f9:01:6c:a0:0c:5c:e4:33:96:28:2b:49:a2:
61:a1:ec:42:a4:96:f9:fc:77:a9:a5:1a:61:75:f5:
d5:fd:4c:0a:25:d7:45:8f:c6:24:78:ef:d5:d2:53:
8e:c1:1b:bc:03:13:06:b0:5b:95:91:78:a3:1c:10:
dc:11:2f:d5:bb:da:ca:cc:75:af:fd:12:62:b6:aa:
e6:c3:8f:c4:bc:d7:34:75:72:5f:83:64:58:f9:4d:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:87:13:A4:E5:66:9C:2D:C7:60:46:65:C5:E0:86:5D:92:FE:7A:9D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RIcTpOVmnC3HYEZlxeCGXZL-ep0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.158.0/24
159.148.163.0/24
159.148.166.0/23
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.94.0/24
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
6b:70:15:b8:a6:21:da:98:98:d1:6c:67:82:78:d7:dd:0b:4b:
44:aa:c0:02:6b:ce:50:48:01:3a:ba:90:16:76:d8:ef:d4:71:
4b:e1:e9:af:be:be:9e:81:34:9c:a8:33:3d:1b:42:e3:4a:04:
69:88:e0:aa:9b:a7:79:bc:21:39:6e:b2:12:67:28:c6:ce:0d:
de:49:25:f8:34:85:ec:f6:11:3a:cc:3a:3a:42:c9:4d:21:d9:
bd:3c:23:59:20:20:11:29:6d:f0:8a:a0:c0:7a:30:b0:dd:ff:
d5:7d:67:14:36:c6:50:16:fd:3c:2f:98:b7:34:76:d8:a6:a7:
49:c3:f0:9f:2b:21:35:84:25:14:4a:95:ce:ae:ba:16:23:98:
26:bc:02:f0:4d:95:22:37:2d:06:3f:95:fd:b5:cc:92:e9:17:
75:6c:8d:65:08:7f:c9:66:e6:41:d3:fd:87:cb:d6:8b:6b:b8:
15:06:0b:12:95:e0:20:61:b4:56:2b:a4:3b:b0:2e:61:2e:cd:
8a:1f:59:8c:d4:fa:3b:96:6c:1f:ef:52:d6:f0:ab:e3:d3:ba:
2a:ca:3c:9d:22:cb:df:9f:10:9c:df:0d:88:2d:59:8a:6b:bb:
bf:8f:30:16:8d:0f:09:b9:45:d1:84:d5:d4:99:40:ff:d1:3b:
06:db:1a:d8
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAY8ouBDeUzZHxEMM0+/XmU24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MDcxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg3MTNhNGU1NjY5YzJkYzc2MDQ2NjVjNWUwODY1ZDkyZmU3YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH0+avkraMoYkJS5sdCAXKCtq2In
rSFzcqD4CkneXJQI0LI7I6+ScstGkjsR4pQ+Y6idmWZxzlx9TaG9ZYAiSad6d3/i
KyBZaKsYnDV3IxsxCCOXsQ/6pPN3/wocU5ptd+u/O6FUQ7OsQlNZMZIpV/K8VZWA
hia9NPrcHub4EdcXhSM6pBG1lQaPQub40XFOVhRTepks1KKS0BrksdLy4q0pcoDc
CfkBbKAMXOQzligrSaJhoexCpJb5/HeppRphdfXV/UwKJddFj8YkeO/V0lOOwRu8
AxMGsFuVkXijHBDcES/Vu9rKzHWv/RJitqrmw4/EvNc0dXJfg2RY+U25IQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFESHE6TlZpwtx2BGZcXghl2S/nqdMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUkljVHBPVm1uQzNIWUVabHhlQ0dYWkwtZXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFX+AgMEAFX+BAMEAFX+BzAMAwQAVf4dAwQAVf4eAwQAVf4oAwQBVf4qAwQA
Vf4zAwQAVf47AwQBVf5AAwQCVf5MAwQBVf5UAwQAVf5nAwQCVf5wMAwDBAJV/nwD
BABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+jAMEAVX+rgMEAVX+tAMEAJ+U
GgMEAJ+UNgMEAJ+UPgMEAJ+UQgMEAJ+UfgMEAJ+UgAMEAJ+UggMEAJ+UngMEAJ+U
owMEAZ+UpjAMAwQAn5SzAwQAn5S0AwQAn5TMAwQAn5TYAwQAn5TaAwQAn5TqAwQA
n5TxMAwDBAGflPYDBACflPgDBAC5G14DBADZRXkwDAMEANlFfQMEB9lFADANBgkq
hkiG9w0BAQsFAAOCAQEAa3AVuKYh2piY0WxngnjX3QtLRKrAAmvOUEgBOrqQFnbY
79RxS+Hpr76+noE0nKgzPRtC40oEaYjgqpunebwhOW6yEmcoxs4N3kkl+DSF7PYR
Osw6OkLJTSHZvTwjWSAgESlt8IqgwHowsN3/1X1nFDbGUBb9PC+YtzR22KanScPw
nyshNYQlFEqVzq66FiOYJrwC8E2VIjctBj+V/bXMkukXdWyNZQh/yWbmQdP9h8vW
i2u4FQYLEpXgIGG0ViukO7AuYS7Nih9ZjNT6O5ZsH+9S1vCr49O6Kso8nSLL358Q
nN8NiC1Zimu7v48wFo0PCblF0YTV1JlA/9E7Btsa2A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:25 2025 by rpki-client