Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f5my6wpmkXYdRvCexyrLfb2EJRM.roa
File: f5my6wpmkXYdRvCexyrLfb2EJRM.roa (raw, json)
Hash identifier: ek9h7dtvz6IRiVUkraYVmfaWK/0X00a7nlsUVWcw6tw=
Subject key identifier: 7F:99:B2:EB:0A:66:91:76:1D:46:F0:9E:C7:2A:CB:7D:BD:84:25:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019200327432CADDF1867EF8918FF076EC7E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f5my6wpmkXYdRvCexyrLfb2EJRM.roa
Signing time: Tue 17 Sep 2024 13:35:59 +0000
ROA not before: Tue 17 Sep 2024 13:35:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31490
IP address blocks: 85.217.188.0/24 maxlen: 24
87.121.121.0/24 maxlen: 32
93.123.23.0/24 maxlen: 24
185.219.124.0/24 maxlen: 24
2a00:1728:20::/48 maxlen: 48
2a00:1728:20:100::/56 maxlen: 56
2a00:1728:33::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:32:74:32:ca:dd:f1:86:7e:f8:91:8f:f0:76:ec:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 13:35:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f99b2eb0a6691761d46f09ec72acb7dbd842513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:56:92:2b:a5:04:25:1a:f5:b1:f6:f7:0d:
fe:de:af:2b:26:48:14:ec:a7:14:5a:3a:0e:91:19:
6f:cf:e2:0d:b0:45:42:48:47:27:29:74:ff:44:a3:
89:e7:96:e7:04:54:28:9b:89:6d:b3:65:e7:3c:d4:
a6:99:d5:1c:97:6d:c2:d9:7f:5e:3a:06:cd:c3:10:
15:17:71:1a:9a:cb:f3:80:c9:7c:2b:bf:de:f2:00:
2b:88:41:a6:95:09:c3:ec:b5:64:e9:b3:33:37:f7:
65:72:a0:15:ad:37:55:62:72:b0:ac:19:34:5f:2b:
6b:b3:22:a5:e0:1b:12:6c:02:80:49:ce:47:28:d3:
2b:f1:54:a3:85:d3:cb:46:88:4f:ac:c9:17:ce:a4:
5a:ec:b6:05:1a:6f:ca:ab:a6:e6:e0:7e:1c:3b:7d:
e8:36:83:2a:16:29:fb:51:08:3d:4e:3d:17:28:54:
91:82:8e:b1:79:47:af:92:18:e2:0f:0e:52:f5:86:
a4:95:e1:6e:90:9e:ad:0f:2d:1b:9e:d5:b7:d6:b7:
a5:0c:14:a5:bb:18:f0:23:eb:a7:92:df:1c:15:f3:
e5:30:45:a7:de:84:73:f0:34:25:8c:dc:65:25:1c:
78:55:46:18:69:ad:78:52:b8:7a:06:39:b6:1e:75:
d6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:99:B2:EB:0A:66:91:76:1D:46:F0:9E:C7:2A:CB:7D:BD:84:25:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f5my6wpmkXYdRvCexyrLfb2EJRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.188.0/24
87.121.121.0/24
93.123.23.0/24
185.219.124.0/24
IPv6:
2a00:1728:20::/48
2a00:1728:33::/48
Signature Algorithm: sha256WithRSAEncryption
5c:6d:77:6b:96:ee:bf:41:3a:74:5a:ef:63:e5:be:8d:de:3f:
1a:97:60:87:87:c3:cc:38:2b:93:53:a0:0f:f1:3a:3c:09:bf:
3d:e6:14:44:71:5d:a0:03:98:5a:b6:f2:0e:1b:58:49:e4:4e:
cf:c5:20:a1:56:cb:73:ae:c3:05:47:09:bc:c4:fa:d2:73:70:
a8:69:4b:77:cb:b6:96:dc:7a:d0:84:37:6c:fe:6a:21:5f:19:
b9:08:52:14:f4:dd:f4:9b:6d:85:9d:58:ca:4e:b4:91:a2:9a:
8e:25:a0:04:57:66:0f:d8:97:0a:7b:a9:07:92:f8:2e:38:a4:
de:47:96:90:48:75:2b:71:b0:19:ab:3a:96:fa:ed:45:f3:76:
ea:b2:b9:d0:42:6b:d0:b3:8b:9e:1a:36:f3:6c:1d:7a:76:51:
a4:ba:f9:e1:22:ef:09:7f:7a:c7:f6:a1:56:14:bd:41:36:57:
b7:19:1d:c4:d7:98:c6:57:4b:4f:1c:ba:cb:2d:07:19:39:56:
88:44:bd:88:77:12:96:ed:b8:a7:8d:c8:35:1d:44:46:9f:99:
7f:a7:bd:dc:e5:93:8d:c2:3c:88:9a:4a:5f:56:00:9c:c8:8c:
5d:34:30:9a:f8:ab:59:04:e6:5e:02:f3:4c:6a:e8:5c:0c:cd:
cd:ce:73:a8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZIAMnQyyt3xhn74kY/wdux+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MTMzNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjk5YjJlYjBhNjY5MTc2MWQ0NmYwOWVjNzJhY2I3ZGJkODQyNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+RWkiulBCUa9bH29w3+3q8rJkgU
7KcUWjoOkRlvz+INsEVCSEcnKXT/RKOJ55bnBFQom4lts2XnPNSmmdUcl23C2X9e
OgbNwxAVF3EamsvzgMl8K7/e8gAriEGmlQnD7LVk6bMzN/dlcqAVrTdVYnKwrBk0
XytrsyKl4BsSbAKASc5HKNMr8VSjhdPLRohPrMkXzqRa7LYFGm/Kq6bm4H4cO33o
NoMqFin7UQg9Tj0XKFSRgo6xeUevkhjiDw5S9YakleFukJ6tDy0bntW31relDBSl
uxjwI+unkt8cFfPlMEWn3oRz8DQljNxlJRx4VUYYaa14Urh6Bjm2HnXWswIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFH+ZsusKZpF2HUbwnscqy329hCUTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZjVteTZ3cG1rWFlkUnZDZXh5ckxmYjJFSlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAVdm8AwQA
V3l5AwQAXXsXAwQAudt8MBgEAgACMBIDBwAqABcoACADBwAqABcoADMwDQYJKoZI
hvcNAQELBQADggEBAFxtd2uW7r9BOnRa72Plvo3ePxqXYIeHw8w4K5NToA/xOjwJ
vz3mFERxXaADmFq28g4bWEnkTs/FIKFWy3OuwwVHCbzE+tJzcKhpS3fLtpbcetCE
N2z+aiFfGbkIUhT03fSbbYWdWMpOtJGimo4loARXZg/Ylwp7qQeS+C44pN5HlpBI
dStxsBmrOpb67UXzduqyudBCa9Czi54aNvNsHXp2UaS6+eEi7wl/esf2oVYUvUE2
V7cZHcTXmMZXS08cusstBxk5VohEvYh3EpbtuKeNyDUdREafmX+nvdzlk43CPIia
Sl9WAJzIjF00MJr4q1kE5l4C80xq6FwMzc3Oc6g=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:20 2025 by rpki-client