Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/iaa1eHHhac5G0mpDJjwro_1QOpY.roa
File: iaa1eHHhac5G0mpDJjwro_1QOpY.roa (raw, json)
Hash identifier: njFl2KBgd2EIzru/WiEpiPEUdU8iP2tUKEMQqh/ozGw=
Subject key identifier: 89:A6:B5:78:71:E1:69:CE:46:D2:6A:43:26:3C:2B:A3:FD:50:3A:96
Certificate issuer: /CN=790d1ca78761310ac39a714ff62f3b92b2e77d8a
Certificate serial: 018CC2DAEBDBAE5F5427001AF6DE288653FB
Authority key identifier: 79:0D:1C:A7:87:61:31:0A:C3:9A:71:4F:F6:2F:3B:92:B2:E7:7D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eQ0cp4dhMQrDmnFP9i87krLnfYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/iaa1eHHhac5G0mpDJjwro_1QOpY.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 85.119.0.0/21 maxlen: 21
178.250.56.0/21 maxlen: 21
185.172.92.0/22 maxlen: 22
2a03:bd81::/32 maxlen: 32
2a03:bd82::/32 maxlen: 32
2a03:bd80::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:db:ae:5f:54:27:00:1a:f6:de:28:86:53:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=790d1ca78761310ac39a714ff62f3b92b2e77d8a
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a6b57871e169ce46d26a43263c2ba3fd503a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:15:f1:f7:5e:a6:5c:83:4a:cd:a5:a3:b8:5f:
75:3a:b8:3f:21:ab:b7:9b:40:dc:0b:db:72:5b:2e:
29:2e:80:60:f9:dd:5d:14:25:af:13:ca:be:86:e4:
ea:f5:91:0c:28:d2:9f:29:f1:d7:e7:3c:d4:5d:c0:
ea:20:15:8b:57:83:c9:1d:73:61:8e:d8:c6:15:ea:
54:5e:43:12:b5:92:e3:65:43:4f:91:46:83:97:e4:
c6:16:d9:d2:65:32:28:80:c8:23:95:1a:7e:e8:ab:
82:33:29:e4:c0:7a:5e:7a:e4:19:64:4d:d2:a9:69:
6e:6c:c9:77:c3:14:a7:cd:a3:bc:20:ef:3e:c0:97:
e0:4e:60:d9:08:fa:b5:f7:26:26:cb:f4:2a:0c:b4:
68:58:a9:ae:48:4d:c0:a0:d7:10:eb:c8:07:d7:c5:
e6:f8:8a:b4:c2:cb:4d:71:ec:01:b4:29:ed:e4:bc:
8e:f1:bd:aa:7d:ce:44:c8:52:2c:77:73:71:59:e0:
07:67:1b:ba:8d:a8:b3:84:db:e6:d9:fe:70:34:5d:
81:8b:92:ef:96:d5:9a:26:3c:52:e4:5c:c0:9e:7a:
3d:06:d0:70:bb:d2:12:05:01:b6:f6:b4:b1:ce:c9:
28:2b:6d:74:a9:2c:da:d4:93:a0:7a:cd:e0:82:19:
9d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A6:B5:78:71:E1:69:CE:46:D2:6A:43:26:3C:2B:A3:FD:50:3A:96
X509v3 Authority Key Identifier:
keyid:79:0D:1C:A7:87:61:31:0A:C3:9A:71:4F:F6:2F:3B:92:B2:E7:7D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQ0cp4dhMQrDmnFP9i87krLnfYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/iaa1eHHhac5G0mpDJjwro_1QOpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/eQ0cp4dhMQrDmnFP9i87krLnfYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.0.0/21
178.250.56.0/21
185.172.92.0/22
IPv6:
2a03:bd80::-2a03:bd82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:dc:23:4f:6f:7a:4d:db:5c:ac:d1:f7:23:8d:3f:d3:14:2a:
33:33:40:63:fd:fe:89:6b:c1:27:d5:7a:74:7a:00:3b:64:64:
ee:65:dd:17:51:06:a5:b3:60:3e:38:ca:8c:7f:83:fc:be:3e:
55:70:28:97:27:cd:47:7e:27:13:9f:aa:2a:f4:e9:78:14:3f:
a7:3c:83:5f:d2:ba:ac:8e:32:0f:73:1e:8c:74:9c:e2:c0:ea:
0b:dd:ba:0c:40:c0:36:31:09:69:6e:f7:fd:82:5e:c9:22:d9:
9b:5f:e8:8c:f6:d3:2f:ba:d8:2e:4d:cb:4e:7c:81:64:d7:0e:
44:36:68:c0:ee:04:f1:84:24:e7:b3:34:ab:48:12:41:44:84:
56:55:48:3b:0a:1d:c4:74:4b:53:b1:a7:1f:8c:2a:75:ca:ac:
f7:c0:ab:f1:0a:3e:0e:08:ae:f1:5e:4f:7d:1c:5a:4e:70:5d:
c5:4b:80:93:d3:03:31:64:b8:72:c8:50:fe:19:78:93:a1:95:
c5:3e:6e:de:a9:13:bb:4f:7a:f9:96:1c:82:cf:16:74:6e:bf:
fb:a9:2e:aa:16:8a:d0:88:56:ff:1f:e8:0e:df:ed:28:37:13:
c1:73:8e:6f:8b:5c:ab:e0:c3:bf:02:3e:1b:b8:64:40:c1:66:
0c:e2:c0:70
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC2uvbrl9UJwAa9t4ohlP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MGQxY2E3ODc2MTMxMGFjMzlhNzE0ZmY2MmYzYjkyYjJl
NzdkOGEwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE2YjU3ODcxZTE2OWNlNDZkMjZhNDMyNjNjMmJhM2ZkNTAzYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhXx916mXINKzaWjuF91Org/Iau3
m0DcC9tyWy4pLoBg+d1dFCWvE8q+huTq9ZEMKNKfKfHX5zzUXcDqIBWLV4PJHXNh
jtjGFepUXkMStZLjZUNPkUaDl+TGFtnSZTIogMgjlRp+6KuCMynkwHpeeuQZZE3S
qWlubMl3wxSnzaO8IO8+wJfgTmDZCPq19yYmy/QqDLRoWKmuSE3AoNcQ68gH18Xm
+Iq0wstNcewBtCnt5LyO8b2qfc5EyFIsd3NxWeAHZxu6jaizhNvm2f5wNF2Bi5Lv
ltWaJjxS5FzAnno9BtBwu9ISBQG29rSxzskoK210qSza1JOges3gghmd1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFImmtXhx4WnORtJqQyY8K6P9UDqWMB8GA1UdIwQY
MBaAFHkNHKeHYTEKw5pxT/YvO5Ky532KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVEwY3A0ZGhNUXJEbW5GUDlpODdrckxuZllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hM2NjY2UtYzBkNi00OWE4LWJiYjgt
YjhhZTE2YjM1YzMxLzEvaWFhMWVISGhhYzVHMG1wREpqd3JvXzFRT3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hM2NjY2UtYzBkNi00OWE4LWJiYjgtYjhhZTE2YjM1YzMx
LzEvZVEwY3A0ZGhNUXJEbW5GUDlpODdrckxuZllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDVXcAAwQD
svo4AwQCuaxcMBYEAgACMBAwDgMFByoDvYADBQAqA72CMA0GCSqGSIb3DQEBCwUA
A4IBAQBv3CNPb3pN21ys0fcjjT/TFCozM0Bj/f6Ja8En1Xp0egA7ZGTuZd0XUQal
s2A+OMqMf4P8vj5VcCiXJ81HficTn6oq9Ol4FD+nPINf0rqsjjIPcx6MdJziwOoL
3boMQMA2MQlpbvf9gl7JItmbX+iM9tMvutguTctOfIFk1w5ENmjA7gTxhCTnszSr
SBJBRIRWVUg7Ch3EdEtTsacfjCp1yqz3wKvxCj4OCK7xXk99HFpOcF3FS4CT0wMx
ZLhyyFD+GXiToZXFPm7eqRO7T3r5lhyCzxZ0br/7qS6qForQiFb/H+gO3+0oNxPB
c45vi1yr4MO/Aj4buGRAwWYM4sBw
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:27 2025 by rpki-client