Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/SYUdbwLAgUnwggOpQD826Lt70c8.roa
File: SYUdbwLAgUnwggOpQD826Lt70c8.roa (raw, json)
Hash identifier: gLJpdhrRW4cQxS31Tb3+tzeuD32b7hmSwCqYLAgjJUE=
Subject key identifier: 49:85:1D:6F:02:C0:81:49:F0:82:03:A9:40:3F:36:E8:BB:7B:D1:CF
Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Certificate serial: 018E2CB9123B20399B89DD79D8488EF216C2
Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/SYUdbwLAgUnwggOpQD826Lt70c8.roa
Signing time: Mon 11 Mar 2024 08:55:10 +0000
ROA not before: Mon 11 Mar 2024 08:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12338
IP address blocks: 85.84.0.0/16 maxlen: 16
85.84.16.0/21 maxlen: 21
85.84.168.0/21 maxlen: 21
85.84.176.0/21 maxlen: 21
85.85.0.0/16 maxlen: 16
85.85.16.0/21 maxlen: 21
85.85.48.0/21 maxlen: 21
85.85.144.0/21 maxlen: 21
185.116.180.0/22 maxlen: 22
212.8.64.0/18 maxlen: 18
212.55.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 18 Mar 2024 10:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:b9:12:3b:20:39:9b:89:dd:79:d8:48:8e:f2:16:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Validity
Not Before: Mar 11 08:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49851d6f02c08149f08203a9403f36e8bb7bd1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4a:68:bd:41:f7:66:48:4f:e2:3b:65:9d:b3:
83:0f:ba:f3:2e:ca:71:d2:49:5b:43:cf:d6:c4:6c:
8b:46:3a:21:a3:ec:8a:86:df:c1:7d:88:fa:b7:78:
78:6a:e4:e8:32:65:9d:20:0a:83:27:e7:e0:6e:f7:
de:b8:a8:b4:1c:17:54:3f:1e:8f:01:f2:25:b1:5a:
6a:4a:51:ac:fe:05:b3:f4:a1:cc:6d:49:9e:8c:91:
75:04:c0:ca:45:4b:54:48:f6:e2:f3:33:fe:a1:58:
62:97:45:73:e3:45:b6:10:27:cb:a7:a7:6e:ad:16:
d1:65:03:c7:4c:93:9a:b7:5c:e1:9b:05:71:67:f2:
6e:52:9b:b4:75:b1:69:17:4c:cd:c2:aa:6b:d4:3a:
9f:b4:31:1e:c0:3d:94:58:51:b7:6b:a9:55:83:94:
19:cc:06:2a:bc:2b:c2:40:1b:ec:c5:8a:72:3a:64:
86:db:0b:0b:56:2b:92:d6:89:21:4b:7f:be:03:f5:
06:99:dd:3c:80:47:0c:c6:7a:4a:c0:9d:2f:3d:80:
65:8e:8a:3f:5b:fe:be:fe:ad:99:54:16:64:11:0a:
b9:0a:17:c9:ab:1d:53:92:ca:91:30:93:29:28:ac:
bb:93:7f:9a:3e:53:24:39:f8:2c:78:56:b0:71:55:
23:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:85:1D:6F:02:C0:81:49:F0:82:03:A9:40:3F:36:E8:BB:7B:D1:CF
X509v3 Authority Key Identifier:
keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/SYUdbwLAgUnwggOpQD826Lt70c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.84.0.0/15
185.116.180.0/22
212.8.64.0/18
212.55.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:46:ec:db:90:f8:a1:20:0f:42:1a:81:42:87:75:09:04:bd:
72:eb:0d:06:14:d2:6c:3c:8c:59:c8:90:19:5a:45:b7:fd:e0:
50:62:2c:bb:08:6c:e3:46:2c:18:e1:f8:32:42:13:42:58:68:
18:01:b4:c4:9a:c1:68:5e:ae:17:0e:30:ab:4b:30:73:1b:28:
49:a3:2c:8f:ec:d3:63:ad:7a:f7:f8:c2:78:8f:5d:d5:f4:55:
67:70:35:55:c5:92:2c:85:05:16:d3:ea:0f:7d:b0:60:4d:df:
53:6b:fd:e4:f2:12:93:08:95:e8:28:78:cb:9a:99:ad:7d:b4:
fa:7e:39:31:78:8e:5c:11:c9:9f:f1:e7:7e:a1:d9:c6:ab:5e:
0c:a4:ef:f8:70:3c:42:0e:68:a8:a2:29:d8:6b:ec:1f:47:27:
26:ef:1c:65:8c:cb:27:d4:fb:7b:31:fa:cd:c6:e0:b9:b9:a2:
4d:73:5c:16:22:26:90:ee:28:b9:cc:66:22:87:21:bd:f9:76:
4f:62:2b:21:b8:3e:2d:2e:88:0c:d6:ad:83:cd:6b:6d:f4:10:
e9:1b:92:b3:cc:31:10:33:cf:a9:72:42:8f:58:ac:64:db:bf:
80:99:11:69:67:bd:00:5f:f8:12:dd:0d:42:20:37:52:e0:a6:
64:88:49:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4suRI7IDmbid152EiO8hbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz
NTg1ZTkwHhcNMjQwMzExMDg1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg1MWQ2ZjAyYzA4MTQ5ZjA4MjAzYTk0MDNmMzZlOGJiN2JkMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUpovUH3ZkhP4jtlnbODD7rzLspx
0klbQ8/WxGyLRjoho+yKht/BfYj6t3h4auToMmWdIAqDJ+fgbvfeuKi0HBdUPx6P
AfIlsVpqSlGs/gWz9KHMbUmejJF1BMDKRUtUSPbi8zP+oVhil0Vz40W2ECfLp6du
rRbRZQPHTJOat1zhmwVxZ/JuUpu0dbFpF0zNwqpr1DqftDEewD2UWFG3a6lVg5QZ
zAYqvCvCQBvsxYpyOmSG2wsLViuS1okhS3++A/UGmd08gEcMxnpKwJ0vPYBljoo/
W/6+/q2ZVBZkEQq5ChfJqx1TksqRMJMpKKy7k3+aPlMkOfgseFawcVUjkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEmFHW8CwIFJ8IIDqUA/Nui7e9HPMB8GA1UdIwQY
MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt
MDRlODEyZDQ4ZTcyLzEvU1lVZGJ3TEFnVW53Z2dPcFFEODI2THQ3MGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy
LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwMBVVQDBAK5
dLQDBAbUCEADBAXUNwAwDQYJKoZIhvcNAQELBQADggEBAHtG7NuQ+KEgD0IagUKH
dQkEvXLrDQYU0mw8jFnIkBlaRbf94FBiLLsIbONGLBjh+DJCE0JYaBgBtMSawWhe
rhcOMKtLMHMbKEmjLI/s02Otevf4wniPXdX0VWdwNVXFkiyFBRbT6g99sGBN31Nr
/eTyEpMIlegoeMuama19tPp+OTF4jlwRyZ/x536h2carXgyk7/hwPEIOaKiiKdhr
7B9HJybvHGWMyyfU+3sx+s3G4Lm5ok1zXBYiJpDuKLnMZiKHIb35dk9iKyG4Pi0u
iAzWrYPNa230EOkbkrPMMRAzz6lyQo9YrGTbv4CZEWlnvQBf+BLdDUIgN1LgpmSI
STw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:21 2025 by rpki-client