Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/V85s1k5N9NxYMHhfhpimLaq-FKY.roa
File: V85s1k5N9NxYMHhfhpimLaq-FKY.roa (raw, json)
Hash identifier: 8eRb95ck6UAXz4p9+IgPzG90FpLdPRyPWST9glsZF9U=
Subject key identifier: 57:CE:6C:D6:4E:4D:F4:DC:58:30:78:5F:86:98:A6:2D:AA:BE:14:A6
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 0196F324C06B47980E96E05B69E26466B17C
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/V85s1k5N9NxYMHhfhpimLaq-FKY.roa
Signing time: Wed 21 May 2025 13:59:54 +0000
ROA not before: Wed 21 May 2025 13:59:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:680::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 05 Jun 2025 09:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:24:c0:6b:47:98:0e:96:e0:5b:69:e2:64:66:b1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: May 21 13:59:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57ce6cd64e4df4dc5830785f8698a62daabe14a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e0:d0:2b:86:75:02:64:9a:38:15:02:54:d3:
c7:8a:1b:c0:58:d1:8a:6f:64:1b:22:c8:79:c8:cc:
e0:82:9e:74:da:50:5c:86:90:9b:7a:a0:31:93:84:
cf:80:37:ef:0c:51:10:17:bf:10:77:a7:f9:1a:fb:
7f:40:5a:08:39:c5:a1:c6:b7:2c:96:8c:cb:fb:2f:
60:33:9f:3f:00:a1:8e:98:f7:2f:f8:b2:6e:b1:cd:
f1:03:17:27:e2:84:21:51:4e:3a:53:e6:5f:56:9c:
ea:78:f8:b6:e8:e2:c3:cf:3c:80:58:e7:a7:0a:db:
09:00:84:4f:4b:d0:3e:41:3e:71:e2:59:16:0d:54:
84:69:49:55:95:a1:f1:d5:53:56:84:96:0a:5f:23:
61:e7:ec:ce:fe:b5:49:e3:8b:8c:55:30:d0:c3:6f:
cc:cd:df:68:4b:2a:00:a8:c0:a5:be:ee:33:bb:21:
1f:fb:6a:97:4d:52:f9:cc:4f:8c:42:7c:cd:6a:0a:
7d:c1:00:ee:3e:66:42:dc:90:d3:b8:1a:f5:f5:63:
44:3a:de:b4:42:a9:3b:a8:d8:c2:40:8d:cc:0c:35:
82:2c:b6:40:c3:16:24:a3:20:a7:c9:d4:c7:8a:eb:
82:41:24:d8:bd:75:4a:70:a6:2b:14:e3:aa:77:f1:
20:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CE:6C:D6:4E:4D:F4:DC:58:30:78:5F:86:98:A6:2D:AA:BE:14:A6
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/V85s1k5N9NxYMHhfhpimLaq-FKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.84.0/24
85.234.86.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:680::/44
Signature Algorithm: sha256WithRSAEncryption
d5:76:be:c0:ce:2f:de:94:50:51:6f:84:7d:54:f3:6a:a2:cc:
ce:4f:7f:3b:92:b9:e6:16:12:71:2d:41:03:10:79:df:a8:c6:
19:14:b6:4a:3a:af:1c:29:4d:f4:aa:ba:e2:cf:0e:e9:80:23:
ad:dd:fc:c4:c3:bf:16:81:c8:0a:43:dc:d0:24:93:42:ce:64:
3f:d0:41:2a:83:de:40:62:3b:d2:2b:45:a3:51:cf:ca:96:cb:
35:55:43:26:a3:b4:2a:4b:69:11:d6:e1:a5:d9:03:87:0f:6e:
c5:30:2e:5a:09:a1:54:fa:db:b6:5d:3f:94:5c:a3:59:b3:a0:
cf:df:31:16:a4:ec:e6:3b:85:88:c1:d5:a8:49:84:7f:7e:74:
bc:83:c8:31:63:fa:f0:03:52:e0:84:9f:38:83:69:cb:40:e7:
06:f3:d4:79:3b:05:52:2b:7d:1a:45:64:23:9e:87:19:bb:e1:
b2:f1:f1:4c:e8:ef:cd:65:62:59:24:d8:cd:59:4a:0a:44:0b:
a6:e4:b8:58:15:87:93:90:02:50:74:9b:39:10:92:61:e8:ad:
a6:b6:8b:ec:da:c4:e1:fa:62:1a:45:aa:fc:c1:8b:28:2b:e6:
ea:2a:ae:30:ce:3f:43:35:f9:e2:de:85:09:b9:a5:c7:1f:56:
37:86:1d:39
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZbzJMBrR5gOluBbaeJkZrF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNTIxMTM1OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2NlNmNkNjRlNGRmNGRjNTgzMDc4NWY4Njk4YTYyZGFhYmUxNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+DQK4Z1AmSaOBUCVNPHihvAWNGK
b2QbIsh5yMzggp502lBchpCbeqAxk4TPgDfvDFEQF78Qd6f5Gvt/QFoIOcWhxrcs
lozL+y9gM58/AKGOmPcv+LJusc3xAxcn4oQhUU46U+ZfVpzqePi26OLDzzyAWOen
CtsJAIRPS9A+QT5x4lkWDVSEaUlVlaHx1VNWhJYKXyNh5+zO/rVJ44uMVTDQw2/M
zd9oSyoAqMClvu4zuyEf+2qXTVL5zE+MQnzNagp9wQDuPmZC3JDTuBr19WNEOt60
Qqk7qNjCQI3MDDWCLLZAwxYkoyCnydTHiuuCQSTYvXVKcKYrFOOqd/EgoQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFfObNZOTfTcWDB4X4aYpi2qvhSmMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvVjg1czFrNU45TnhZTUhoZmhwaW1MYXEtRktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAVepAAwQA
VepUAwQAVepWAwQBXXeoAwQAbT15MA8EAgACMAkDBwQqA5DABoAwDQYJKoZIhvcN
AQELBQADggEBANV2vsDOL96UUFFvhH1U82qizM5PfzuSueYWEnEtQQMQed+oxhkU
tko6rxwpTfSquuLPDumAI63d/MTDvxaByApD3NAkk0LOZD/QQSqD3kBiO9IrRaNR
z8qWyzVVQyajtCpLaRHW4aXZA4cPbsUwLloJoVT627ZdP5Rco1mzoM/fMRak7OY7
hYjB1ahJhH9+dLyDyDFj+vADUuCEnziDactA5wbz1Hk7BVIrfRpFZCOehxm74bLx
8Uzo781lYlkk2M1ZSgpEC6bkuFgVh5OQAlB0mzkQkmHoraa2i+zaxOH6YhpFqvzB
iygr5uoqrjDOP0M1+eLehQm5pccfVjeGHTk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:49:32 2025 by rpki-client