Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/7ql7rLzj9hWG02iDVxzkrUj7XUQ.roa
File: 7ql7rLzj9hWG02iDVxzkrUj7XUQ.roa (raw, json)
Hash identifier: HTp/ss76GnWYXlWp7I2i6nBbTrgKuhwLISIU/ICoAxY=
Subject key identifier: EE:A9:7B:AC:BC:E3:F6:15:86:D3:68:83:57:1C:E4:AD:48:FB:5D:44
Certificate issuer: /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial: 019426D9E5C1DE302911CE285ACA2E949CD7
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/7ql7rLzj9hWG02iDVxzkrUj7XUQ.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44703
IP address blocks: 85.115.64.0/19 maxlen: 19
85.115.64.0/24 maxlen: 24
85.115.65.0/24 maxlen: 24
85.115.70.0/24 maxlen: 24
85.115.71.0/24 maxlen: 24
85.115.72.0/21 maxlen: 21
85.115.80.0/21 maxlen: 21
85.115.93.0/24 maxlen: 24
85.115.94.0/24 maxlen: 24
85.115.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 05:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e5:c1:de:30:29:11:ce:28:5a:ca:2e:94:9c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eea97bacbce3f61586d36883571ce4ad48fb5d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0a:1e:c5:eb:49:af:17:6c:32:40:f9:29:d4:
32:b2:61:3e:9a:be:a4:77:83:14:7f:e6:a7:fa:7c:
1e:5c:1d:a1:97:3f:3b:b7:62:9b:de:fa:ae:77:aa:
ae:9f:ba:b3:27:f6:dd:26:8f:df:1e:e6:f7:cc:ed:
1f:7f:7b:26:41:41:5c:e4:b1:f8:46:95:f9:2c:f2:
5b:2f:84:48:c5:2d:d7:06:0f:12:cb:73:3a:45:58:
2f:f5:f1:fa:55:92:7e:e7:6e:6c:22:1a:04:ba:c5:
9a:26:8f:b5:00:b9:7e:51:66:4e:19:0c:73:5e:bf:
26:f1:e4:17:5a:4a:f6:dd:e1:1e:70:36:1f:93:bb:
cf:30:6d:b3:02:99:12:29:b7:05:68:f5:3a:eb:8d:
56:30:6b:df:77:d9:f7:a3:c2:4c:a7:09:65:fc:80:
6c:f2:08:14:e9:12:fa:1a:f3:7d:71:73:44:a5:2b:
ef:e2:9d:75:97:1d:fe:38:b7:f9:d4:24:b1:89:7c:
8f:86:07:f9:a3:29:58:a3:62:7d:a5:a3:f5:e0:e7:
a9:e0:83:47:40:9e:ce:07:c9:d8:f0:28:52:b0:00:
cc:f7:6d:2d:16:54:bc:bc:d5:3a:35:46:38:d8:0a:
51:57:3d:ab:29:b6:a6:e1:74:a1:7c:c8:ae:b6:62:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A9:7B:AC:BC:E3:F6:15:86:D3:68:83:57:1C:E4:AD:48:FB:5D:44
X509v3 Authority Key Identifier:
keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/7ql7rLzj9hWG02iDVxzkrUj7XUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.64.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:80:44:2d:22:27:e1:5c:64:26:0a:01:0f:47:f9:e2:5f:4a:
21:28:88:8e:65:0f:59:53:32:c3:d6:5b:0e:d7:74:7e:4b:6d:
37:eb:26:1b:d7:18:c9:77:d0:31:0a:63:f8:29:b6:40:b7:47:
a5:38:c4:b3:8e:b7:e7:99:9a:f1:e8:5c:e5:92:ac:47:64:67:
19:cd:7e:a9:93:a9:18:fe:bf:64:1b:a4:51:9b:68:0e:1a:4d:
0e:ab:c2:18:b8:31:b5:2f:f0:d0:b9:27:59:0a:8f:d5:7e:62:
85:a4:8f:fa:1b:c9:8d:90:c4:26:f4:21:e0:c5:d3:31:3b:f3:
0e:4a:a6:e2:03:0c:e1:12:00:6a:de:bc:a0:02:c8:67:57:7c:
58:94:bc:f9:62:27:a5:26:22:b0:d1:a0:87:56:5b:f4:f3:3b:
15:82:55:99:6b:e5:3a:f4:48:0f:a1:78:b9:fe:bc:7f:44:40:
a8:34:35:bd:1c:39:c4:7a:73:52:a4:a0:1c:6c:c2:ca:dd:8d:
24:ef:73:7f:ad:4c:cd:1e:c0:8a:76:b3:32:95:89:22:43:3e:
2b:29:bc:fa:07:a1:d2:3b:8b:18:92:10:57:57:af:bd:d2:5b:
fd:53:4a:d3:89:0d:2a:92:45:55:04:3a:c3:d4:17:2b:71:92:
7f:f7:6a:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2eXB3jApEc4oWsoulJzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE5N2JhY2JjZTNmNjE1ODZkMzY4ODM1NzFjZTRhZDQ4ZmI1ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwoexetJrxdsMkD5KdQysmE+mr6k
d4MUf+an+nweXB2hlz87t2Kb3vqud6qun7qzJ/bdJo/fHub3zO0ff3smQUFc5LH4
RpX5LPJbL4RIxS3XBg8Sy3M6RVgv9fH6VZJ+525sIhoEusWaJo+1ALl+UWZOGQxz
Xr8m8eQXWkr23eEecDYfk7vPMG2zApkSKbcFaPU6641WMGvfd9n3o8JMpwll/IBs
8ggU6RL6GvN9cXNEpSvv4p11lx3+OLf51CSxiXyPhgf5oylYo2J9paP14Oep4INH
QJ7OB8nY8ChSsADM920tFlS8vNU6NUY42ApRVz2rKbam4XShfMiutmLQYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6pe6y84/YVhtNog1cc5K1I+11EMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvN3FsN3JMemo5aFdHMDJpRFZ4emtyVWo3WFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVXNAMA0G
CSqGSIb3DQEBCwUAA4IBAQAKgEQtIifhXGQmCgEPR/niX0ohKIiOZQ9ZUzLD1lsO
13R+S2036yYb1xjJd9AxCmP4KbZAt0elOMSzjrfnmZrx6FzlkqxHZGcZzX6pk6kY
/r9kG6RRm2gOGk0Oq8IYuDG1L/DQuSdZCo/VfmKFpI/6G8mNkMQm9CHgxdMxO/MO
SqbiAwzhEgBq3rygAshnV3xYlLz5YielJiKw0aCHVlv08zsVglWZa+U69EgPoXi5
/rx/RECoNDW9HDnEenNSpKAcbMLK3Y0k73N/rUzNHsCKdrMylYkiQz4rKbz6B6HS
O4sYkhBXV6+90lv9U0rTiQ0qkkVVBDrD1BcrcZJ/92rl
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:33:15 2025 by rpki-client