Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BV4qO4sTln3xWlXZZbs5-bbQS6s.roa
File: BV4qO4sTln3xWlXZZbs5-bbQS6s.roa (raw, json)
Hash identifier: zSPc2V1R3Ay1MmoXHVo30OSmSARzNqYtYWqX3aaZ9R8=
Subject key identifier: 05:5E:2A:3B:8B:13:96:7D:F1:5A:55:D9:65:BB:39:F9:B6:D0:4B:AB
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0191FFD5D4113BA8406EB9184EF18DB2D277
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BV4qO4sTln3xWlXZZbs5-bbQS6s.roa
Signing time: Tue 17 Sep 2024 11:54:49 +0000
ROA not before: Tue 17 Sep 2024 11:54:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39347
IP address blocks: 85.120.224.0/21 maxlen: 24
85.121.48.0/21 maxlen: 24
85.121.120.0/21 maxlen: 24
85.121.208.0/21 maxlen: 24
85.121.240.0/21 maxlen: 24
85.122.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:d5:d4:11:3b:a8:40:6e:b9:18:4e:f1:8d:b2:d2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 17 11:54:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=055e2a3b8b13967df15a55d965bb39f9b6d04bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:63:8d:92:35:9f:f5:eb:0f:fb:d0:cb:b7:8d:
0a:25:17:15:75:bb:0a:9c:43:10:a3:9f:f2:73:f4:
6b:48:54:10:5d:8c:91:22:39:dd:84:d4:56:59:70:
d7:29:a2:1c:55:89:a2:a0:87:4b:3e:1e:02:bd:12:
cc:23:2c:a5:d7:f3:c8:54:f4:ca:13:1f:93:94:c5:
0a:52:07:a1:31:56:9c:98:07:d8:7d:64:9c:53:c6:
cc:43:2c:c2:e3:b1:0e:bb:78:40:ab:22:59:8b:72:
81:7a:9c:2d:95:0b:ae:84:4f:cd:8a:06:84:6b:43:
6d:91:b9:34:54:7f:11:63:99:7b:b4:c2:c5:07:fd:
9d:63:4d:c2:fe:a9:74:eb:ec:04:71:d6:6d:51:6e:
5b:b4:18:a5:40:54:a7:8e:33:15:70:d7:45:5f:a2:
fb:c9:c9:00:d8:f5:2c:95:34:2a:8a:7e:a2:2b:5e:
de:63:38:58:d0:56:22:7c:3a:02:93:e8:51:ea:5a:
9e:da:af:e0:d0:3e:f4:19:9d:fa:eb:80:a4:3a:17:
47:39:b9:91:04:1a:54:76:43:5b:18:32:d1:47:c3:
3f:f9:aa:14:97:0c:2b:36:1c:45:c1:a6:ab:2d:f2:
b2:dc:66:96:5b:ac:ae:5e:2d:79:21:1f:9c:fb:a5:
8f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5E:2A:3B:8B:13:96:7D:F1:5A:55:D9:65:BB:39:F9:B6:D0:4B:AB
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BV4qO4sTln3xWlXZZbs5-bbQS6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.224.0/21
85.121.48.0/21
85.121.120.0/21
85.121.208.0/21
85.121.240.0/21
85.122.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:80:c7:b7:e6:61:0e:67:6a:a3:5f:c1:f3:69:f9:95:83:08:
58:1c:70:ed:68:31:60:3d:bf:24:a8:40:a2:88:07:8c:2a:95:
54:cb:17:8a:2e:53:58:a6:84:39:a9:0a:43:00:83:f9:2c:f8:
e3:c1:99:70:7d:07:b6:7f:fc:67:28:ae:5f:1a:d2:8d:92:1f:
85:19:29:b9:01:4f:92:b3:d0:d8:2c:24:9b:40:58:b1:f4:91:
0c:99:9b:1b:77:67:3a:ca:a3:f5:af:15:64:9b:1a:4b:b1:39:
72:57:c0:be:15:41:fe:2f:8d:c5:9d:18:3d:5b:10:41:ca:db:
9f:a6:56:c3:2c:52:49:b7:ac:b3:44:fc:1a:d3:d2:aa:c1:e1:
e7:4c:9a:90:64:d3:b3:c1:90:84:95:b0:e9:61:45:78:02:b8:
a0:14:08:54:7e:b8:2f:9a:4b:99:f4:80:6f:78:18:53:b1:9a:
66:f7:71:35:2f:4b:19:76:b9:17:65:5e:af:ff:ea:38:bd:cf:
a3:cf:73:8d:17:ba:3a:f1:02:7d:17:ee:da:c4:2b:36:e5:69:
a6:c8:29:93:01:07:64:a3:25:9e:c0:1c:54:2a:a0:c0:fb:af:
4a:1f:a0:18:a9:61:0c:90:33:d5:99:24:7d:8a:3d:0d:53:bf:
03:70:39:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZH/1dQRO6hAbrkYTvGNstJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwOTE3MTE1NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVlMmEzYjhiMTM5NjdkZjE1YTU1ZDk2NWJiMzlmOWI2ZDA0YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmONkjWf9esP+9DLt40KJRcVdbsK
nEMQo5/yc/RrSFQQXYyRIjndhNRWWXDXKaIcVYmioIdLPh4CvRLMIyyl1/PIVPTK
Ex+TlMUKUgehMVacmAfYfWScU8bMQyzC47EOu3hAqyJZi3KBepwtlQuuhE/NigaE
a0Ntkbk0VH8RY5l7tMLFB/2dY03C/ql06+wEcdZtUW5btBilQFSnjjMVcNdFX6L7
yckA2PUslTQqin6iK17eYzhY0FYifDoCk+hR6lqe2q/g0D70GZ3664CkOhdHObmR
BBpUdkNbGDLRR8M/+aoUlwwrNhxFwaarLfKy3GaWW6yuXi15IR+c+6WPFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAVeKjuLE5Z98VpV2WW7Ofm20EurMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQlY0cU80c1RsbjN4V2xYWlpiczUtYmJRUzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDVXjgAwQD
VXkwAwQDVXl4AwQDVXnQAwQDVXnwAwQCVXp4MA0GCSqGSIb3DQEBCwUAA4IBAQC5
gMe35mEOZ2qjX8HzafmVgwhYHHDtaDFgPb8kqECiiAeMKpVUyxeKLlNYpoQ5qQpD
AIP5LPjjwZlwfQe2f/xnKK5fGtKNkh+FGSm5AU+Ss9DYLCSbQFix9JEMmZsbd2c6
yqP1rxVkmxpLsTlyV8C+FUH+L43FnRg9WxBBytufplbDLFJJt6yzRPwa09KqweHn
TJqQZNOzwZCElbDpYUV4ArigFAhUfrgvmkuZ9IBveBhTsZpm93E1L0sZdrkXZV6v
/+o4vc+jz3ONF7o68QJ9F+7axCs25WmmyCmTAQdkoyWewBxUKqDA+69KH6AYqWEM
kDPVmSR9ij0NU78DcDn1
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:03 2025 by rpki-client