Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/eAvs8B-yA3jmIwRgZjwjdXlgMns.roa
File: eAvs8B-yA3jmIwRgZjwjdXlgMns.roa (raw, json)
Hash identifier: w87X+P8AwR0OULvL4R8EdlH/IHSXIQhf+UK7mkdlo8c=
Subject key identifier: 78:0B:EC:F0:1F:B2:03:78:E6:23:04:60:66:3C:23:75:79:60:32:7B
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 018A78C10CF43D8BA3E12069FB9F4213B00E
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/eAvs8B-yA3jmIwRgZjwjdXlgMns.roa
Signing time: Sat 09 Sep 2023 07:03:52 +0000
ROA not before: Sat 09 Sep 2023 07:03:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.74.0/24 maxlen: 24
185.85.72.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:78:c1:0c:f4:3d:8b:a3:e1:20:69:fb:9f:42:13:b0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Sep 9 07:03:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=780becf01fb20378e6230460663c23757960327b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:37:29:a4:f9:de:82:d8:eb:c0:dd:67:24:69:
28:75:16:2a:f3:51:4b:41:be:c9:7e:12:4c:74:d9:
e2:b1:a3:6a:c8:3d:06:a4:b3:bf:b1:46:a0:b2:54:
7a:9d:fe:9c:3f:23:e1:55:ab:81:00:bb:08:70:57:
f4:79:aa:d3:3a:f3:48:0c:1e:26:4d:4c:82:e8:4a:
d4:3e:a2:1d:67:df:a7:95:28:9d:f6:df:98:4a:12:
bc:db:53:47:33:00:4e:01:0f:e3:47:79:63:84:15:
1f:89:e9:72:3f:13:2d:05:2d:5b:18:e5:ad:08:27:
27:c2:6f:ba:02:da:f6:a9:65:dd:1f:00:7d:59:89:
c5:1c:f5:e1:16:cd:5a:e7:5d:c9:00:57:e3:27:3b:
10:bc:54:a7:62:d8:e6:e0:3f:3d:c9:b9:97:39:16:
78:82:88:9a:a0:fd:b7:02:96:60:87:c6:34:eb:ab:
c3:4b:c4:f2:0f:fe:fb:2b:fe:07:c5:0f:88:6c:71:
f2:8b:3a:ec:47:c4:9f:24:51:17:53:b1:26:2c:d4:
70:56:a0:33:ca:55:f9:96:95:ec:cb:f2:e0:16:db:
b3:32:85:64:e2:35:9b:94:09:c0:e6:8c:6f:47:20:
66:89:d1:0c:c2:2b:e2:f7:96:98:ac:ab:40:91:5a:
4f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0B:EC:F0:1F:B2:03:78:E6:23:04:60:66:3C:23:75:79:60:32:7B
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/eAvs8B-yA3jmIwRgZjwjdXlgMns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/22
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:15:68:0a:ae:d0:6e:71:47:2f:92:15:2b:87:b3:e9:fc:4f:
82:4a:d5:d3:33:9b:ca:46:97:4b:eb:be:61:8f:ce:df:49:ac:
7b:c0:45:ec:43:73:6c:f2:56:24:84:98:05:a4:20:e2:e6:7e:
a7:a2:cc:db:19:da:fc:94:77:4e:ee:05:8b:2b:48:13:da:6e:
ab:d4:2e:78:fd:cb:34:94:bd:3b:14:b8:13:f5:d3:c9:48:f0:
4d:3f:61:2f:07:a7:f9:2a:da:a3:1a:41:d9:26:b9:92:5b:23:
ec:2d:68:46:f7:1f:13:fd:80:ac:ac:98:34:be:49:4d:92:23:
97:85:bd:be:38:f9:14:50:b8:c0:b2:04:e1:2a:b5:c2:3a:e9:
38:2a:bd:72:2a:07:84:83:36:c0:d0:6f:9f:81:20:89:96:40:
aa:e8:b4:6d:78:4f:79:62:98:1e:e7:61:39:85:6a:30:f3:24:
22:3d:56:a8:e5:b8:47:36:d2:66:9a:fe:40:d4:73:2f:2e:f9:
7d:be:9d:9a:58:9d:7e:3a:7f:aa:f6:b0:39:1e:7b:21:df:3e:
6d:3d:d4:22:d2:f1:24:d2:ca:80:b0:57:97:67:86:81:25:de:
bb:f3:41:37:b0:67:f2:22:7a:02:5f:b7:3f:47:5b:2f:99:4f:
19:3d:2c:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYp4wQz0PYuj4SBp+59CE7AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjMwOTA5MDcwMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBiZWNmMDFmYjIwMzc4ZTYyMzA0NjA2NjNjMjM3NTc5NjAzMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTcppPnegtjrwN1nJGkodRYq81FL
Qb7JfhJMdNnisaNqyD0GpLO/sUagslR6nf6cPyPhVauBALsIcFf0earTOvNIDB4m
TUyC6ErUPqIdZ9+nlSid9t+YShK821NHMwBOAQ/jR3ljhBUfielyPxMtBS1bGOWt
CCcnwm+6Atr2qWXdHwB9WYnFHPXhFs1a513JAFfjJzsQvFSnYtjm4D89ybmXORZ4
goiaoP23ApZgh8Y066vDS8TyD/77K/4HxQ+IbHHyizrsR8SfJFEXU7EmLNRwVqAz
ylX5lpXsy/LgFtuzMoVk4jWblAnA5oxvRyBmidEMwivi95aYrKtAkVpPSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHgL7PAfsgN45iMEYGY8I3V5YDJ7MB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvZUF2czhCLXlBM2ptSXdSZ1pqd2pkWGxnTW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVVIAwQC
uaAcMA0EAgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQCgFWgKrtBucUcv
khUrh7Pp/E+CStXTM5vKRpdL675hj87fSax7wEXsQ3Ns8lYkhJgFpCDi5n6noszb
Gdr8lHdO7gWLK0gT2m6r1C54/cs0lL07FLgT9dPJSPBNP2EvB6f5KtqjGkHZJrmS
WyPsLWhG9x8T/YCsrJg0vklNkiOXhb2+OPkUULjAsgThKrXCOuk4Kr1yKgeEgzbA
0G+fgSCJlkCq6LRteE95Ypge52E5hWow8yQiPVao5bhHNtJmmv5A1HMvLvl9vp2a
WJ1+On+q9rA5Hnsh3z5tPdQi0vEk0sqAsFeXZ4aBJd6780E3sGfyInoCX7c/R1sv
mU8ZPSz/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:37 2024 by rpki-client on console-fra.rpki-client.org