Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/EVJQRiG9VSqEhMxnd1ZMuVNubZY.roa
File: EVJQRiG9VSqEhMxnd1ZMuVNubZY.roa (raw, json)
Hash identifier: X+dGDZfXyt6YEYrBXJ43XVgle3jbYd5k6B+OMJxF7Q4=
Subject key identifier: 11:52:50:46:21:BD:55:2A:84:84:CC:67:77:56:4C:B9:53:6E:6D:96
Certificate issuer: /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial: 018CC86EF9AC1B66CB47CF1A2C8506B571D5
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/EVJQRiG9VSqEhMxnd1ZMuVNubZY.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44703
IP address blocks: 85.115.64.0/24 maxlen: 24
85.115.71.0/24 maxlen: 24
85.115.70.0/24 maxlen: 24
85.115.65.0/24 maxlen: 24
85.115.72.0/21 maxlen: 21
85.115.80.0/21 maxlen: 21
85.115.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 15:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f9:ac:1b:66:cb:47:cf:1a:2c:85:06:b5:71:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1152504621bd552a8484cc6777564cb9536e6d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:aa:00:15:88:3b:07:65:99:cf:c9:78:b2:
e1:47:0b:d9:9e:03:b7:34:40:3d:99:71:3a:01:c3:
8a:a4:6d:5c:cf:8c:a9:61:e3:19:15:14:ff:a6:5d:
2e:9a:fd:a4:46:97:fa:d0:59:ad:59:85:d5:66:4e:
61:39:14:64:61:91:84:92:ce:94:f5:84:c0:a2:af:
70:6b:f3:df:f0:55:97:2f:c3:e6:68:64:5d:26:b6:
c0:e4:d2:1d:9e:80:a9:9b:bb:8c:f8:2c:64:61:87:
30:52:c3:85:f8:ab:df:8d:4a:bb:70:04:ad:0d:a3:
37:3a:4d:7a:75:bc:6c:64:ee:66:42:63:57:76:7e:
57:00:74:3d:4f:aa:63:df:4a:7a:d6:13:6e:44:67:
6b:28:f9:2c:69:a4:54:ce:8d:86:d7:fe:ce:db:f2:
f0:40:1c:6c:2f:45:5b:be:c5:d9:4c:fd:68:e7:4e:
a2:62:24:a2:7f:74:8d:0a:f2:31:6c:42:34:53:02:
12:26:db:57:56:9f:75:91:82:de:f1:ca:85:7c:19:
22:a1:7a:f4:c9:cb:34:4a:9f:55:ae:66:9a:9c:d6:
57:2a:b2:a1:49:be:47:59:db:5f:f6:8d:e0:4c:7a:
4b:67:4e:9c:bb:6a:55:22:8e:72:a3:0e:a1:44:f5:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:52:50:46:21:BD:55:2A:84:84:CC:67:77:56:4C:B9:53:6E:6D:96
X509v3 Authority Key Identifier:
keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/EVJQRiG9VSqEhMxnd1ZMuVNubZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.64.0/23
85.115.70.0-85.115.87.255
85.115.94.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:78:20:62:18:89:14:1f:3b:36:9d:ec:4c:b7:84:5a:e8:a9:
9e:1b:67:36:f1:3d:d7:8d:e9:93:f7:06:e4:92:76:e5:0f:0f:
8a:51:30:57:f8:c6:df:43:d9:59:5f:d9:b8:e9:48:75:8c:b8:
87:7c:bd:a9:0e:ee:6d:37:74:6a:15:76:f0:1e:8e:cb:dd:2f:
98:e2:98:01:14:a1:92:f3:f8:fc:a2:be:ca:a8:e2:d7:14:83:
de:35:3f:29:00:b1:96:23:87:52:d9:05:d6:cd:c2:f3:ce:c6:
57:a3:7c:fa:27:5c:ee:06:7f:4a:13:35:c6:19:4c:c1:08:e6:
10:3e:28:ca:ee:23:4d:0d:a9:c9:11:6e:37:47:5d:2c:66:58:
6d:40:78:b1:aa:a8:d1:6f:ca:3c:32:aa:35:34:34:e7:85:bf:
94:48:b7:f9:70:2e:40:83:ef:c2:c0:1a:db:89:48:30:71:b1:
f6:d0:1f:21:1d:69:a3:27:6e:7d:0e:65:3a:4f:44:85:c0:f9:
7a:c0:51:fa:3e:4d:34:c1:b8:38:ee:70:47:a6:bb:12:e2:cf:
de:3c:32:e8:fb:e7:6b:4a:fd:6d:0e:25:b6:7c:59:f3:88:df:
68:c6:ad:19:f2:db:c4:52:6a:03:12:01:93:47:89:93:18:67:
ab:19:87:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIbvmsG2bLR88aLIUGtXHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTUyNTA0NjIxYmQ1NTJhODQ4NGNjNjc3NzU2NGNiOTUzNmU2ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4CqABWIOwdlmc/JeLLhRwvZngO3
NEA9mXE6AcOKpG1cz4ypYeMZFRT/pl0umv2kRpf60FmtWYXVZk5hORRkYZGEks6U
9YTAoq9wa/Pf8FWXL8PmaGRdJrbA5NIdnoCpm7uM+CxkYYcwUsOF+KvfjUq7cASt
DaM3Ok16dbxsZO5mQmNXdn5XAHQ9T6pj30p61hNuRGdrKPksaaRUzo2G1/7O2/Lw
QBxsL0VbvsXZTP1o506iYiSif3SNCvIxbEI0UwISJttXVp91kYLe8cqFfBkioXr0
ycs0Sp9VrmaanNZXKrKhSb5HWdtf9o3gTHpLZ06cu2pVIo5yow6hRPW83wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBFSUEYhvVUqhITMZ3dWTLlTbm2WMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvRVZKUVJpRzlWU3FFaE14bmQxWk11Vk51YlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBVXNAMAwD
BAFVc0YDBANVc1ADBABVc14wDQYJKoZIhvcNAQELBQADggEBAFx4IGIYiRQfOzad
7Ey3hFroqZ4bZzbxPdeN6ZP3BuSSduUPD4pRMFf4xt9D2Vlf2bjpSHWMuId8vakO
7m03dGoVdvAejsvdL5jimAEUoZLz+Pyivsqo4tcUg941PykAsZYjh1LZBdbNwvPO
xlejfPonXO4Gf0oTNcYZTMEI5hA+KMruI00NqckRbjdHXSxmWG1AeLGqqNFvyjwy
qjU0NOeFv5RIt/lwLkCD78LAGtuJSDBxsfbQHyEdaaMnbn0OZTpPRIXA+XrAUfo+
TTTBuDjucEemuxLiz948Muj752tK/W0OJbZ8WfOI32jGrRny28RSagMSAZNHiZMY
Z6sZhzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:54 2024 by rpki-client on console-fra.rpki-client.org