Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cu1QCI_FT_LDcec20Mb--yMpN9s.roa
File: cu1QCI_FT_LDcec20Mb--yMpN9s.roa (raw, json)
Hash identifier: joFc9rXAug666Q6vPinTX/P0Ltsu/3O5YOGuRlbs0k4=
Subject key identifier: 72:ED:50:08:8F:C5:4F:F2:C3:71:E7:36:D0:C6:FE:FB:23:29:37:DB
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0194274846F9F477304B64CA302EB1AF379F
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cu1QCI_FT_LDcec20Mb--yMpN9s.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 85.203.22.0/24 maxlen: 24
85.203.23.0/24 maxlen: 24
85.203.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 05:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:46:f9:f4:77:30:4b:64:ca:30:2e:b1:af:37:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72ed50088fc54ff2c371e736d0c6fefb232937db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:09:0e:b4:33:a6:98:b6:86:fe:d6:c0:f9:
75:a6:c5:6b:0c:c3:6b:fd:37:59:bf:9d:82:16:62:
f3:0f:fc:27:13:40:e6:22:f9:03:22:01:d4:e0:a8:
23:0f:cd:54:9d:79:5b:73:e4:96:12:24:b1:67:4f:
62:41:22:06:7b:f1:46:42:ad:a9:f5:91:c0:94:3b:
b3:af:4f:65:43:bf:8b:cd:fa:c8:03:fe:e3:d8:e4:
c8:64:86:47:d2:ef:2d:d0:6c:9d:8d:11:20:20:4b:
3b:b0:0f:5e:78:ec:9c:30:96:5a:a8:e7:df:0f:7c:
e8:d8:fa:1e:a6:9a:11:c6:16:15:07:e2:6b:62:43:
32:a1:16:ed:d6:b0:43:51:60:8e:2e:81:26:5c:13:
34:18:cc:ec:fa:62:da:51:e9:a7:ae:58:f8:ad:79:
d7:07:61:7b:10:3e:41:6d:4f:e9:c2:33:50:9f:52:
c3:37:c4:3c:6a:d9:8d:e5:3a:c5:de:a1:86:94:03:
3c:8e:b6:9e:59:63:8a:7e:18:46:0e:ee:39:b9:3f:
27:1f:9b:ee:b8:e0:ef:95:c7:0e:29:5a:61:e2:65:
66:10:b5:95:8a:37:fa:de:b6:e0:bc:eb:0d:c0:f9:
ce:81:cf:0d:c7:94:0c:21:f1:c1:de:bd:ce:f0:72:
fc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:ED:50:08:8F:C5:4F:F2:C3:71:E7:36:D0:C6:FE:FB:23:29:37:DB
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cu1QCI_FT_LDcec20Mb--yMpN9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.22.0/23
85.203.46.0/24
Signature Algorithm: sha256WithRSAEncryption
26:a4:bc:2a:3a:f7:be:ec:1f:a7:de:99:ee:34:30:cf:df:46:
78:6f:a4:ce:65:61:3f:70:ee:91:44:b6:f4:68:47:c2:4f:af:
4e:39:22:c3:07:89:67:69:f0:83:88:3f:fd:e1:5f:57:3f:93:
9b:ca:25:31:a3:2d:e2:e2:75:87:93:37:03:bf:a2:b2:26:ad:
f1:5e:32:30:97:3d:21:ec:59:54:97:b3:99:64:ec:65:4a:55:
52:77:aa:55:14:98:31:80:88:67:fe:26:d1:29:d6:ac:32:38:
7e:68:e3:82:3b:de:44:56:16:18:de:51:09:bc:7d:ab:b1:de:
73:73:e1:0f:67:57:c6:39:c9:d4:6d:6d:4f:a4:8e:12:d9:97:
11:df:27:e5:55:44:1a:7d:45:31:0e:0e:b6:4f:7b:0f:3d:5a:
f1:46:93:a4:5c:5e:21:fb:9c:48:9b:3e:22:dc:0b:3f:01:99:
bc:0c:22:d2:62:02:84:e6:8c:1e:31:f3:6a:84:ad:9e:20:12:
4b:9b:7d:25:c8:b1:69:56:f8:6e:ee:d8:da:11:da:ab:8a:0f:
90:f2:5b:07:8c:ae:41:ac:b7:7f:f1:00:2b:ff:81:60:04:51:
09:2c:13:8d:66:e0:88:2f:d1:6e:b3:af:c9:e0:83:01:cb:13:
c8:aa:58:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSEb59HcwS2TKMC6xrzefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmVkNTAwODhmYzU0ZmYyYzM3MWU3MzZkMGM2ZmVmYjIzMjkzN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmoJDrQzppi2hv7WwPl1psVrDMNr
/TdZv52CFmLzD/wnE0DmIvkDIgHU4KgjD81UnXlbc+SWEiSxZ09iQSIGe/FGQq2p
9ZHAlDuzr09lQ7+LzfrIA/7j2OTIZIZH0u8t0GydjREgIEs7sA9eeOycMJZaqOff
D3zo2PoeppoRxhYVB+JrYkMyoRbt1rBDUWCOLoEmXBM0GMzs+mLaUemnrlj4rXnX
B2F7ED5BbU/pwjNQn1LDN8Q8atmN5TrF3qGGlAM8jraeWWOKfhhGDu45uT8nH5vu
uODvlccOKVph4mVmELWVijf63rbgvOsNwPnOgc8Nx5QMIfHB3r3O8HL8tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLtUAiPxU/yw3HnNtDG/vsjKTfbMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvY3UxUUNJX0ZUX0xEY2VjMjBNYi0teU1wTjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcsWAwQA
VcsuMA0GCSqGSIb3DQEBCwUAA4IBAQAmpLwqOve+7B+n3pnuNDDP30Z4b6TOZWE/
cO6RRLb0aEfCT69OOSLDB4lnafCDiD/94V9XP5ObyiUxoy3i4nWHkzcDv6KyJq3x
XjIwlz0h7FlUl7OZZOxlSlVSd6pVFJgxgIhn/ibRKdasMjh+aOOCO95EVhYY3lEJ
vH2rsd5zc+EPZ1fGOcnUbW1PpI4S2ZcR3yflVUQafUUxDg62T3sPPVrxRpOkXF4h
+5xImz4i3As/AZm8DCLSYgKE5oweMfNqhK2eIBJLm30lyLFpVvhu7tjaEdqrig+Q
8lsHjK5BrLd/8QAr/4FgBFEJLBONZuCIL9Fus6/J4IMByxPIqljy
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:58:27 2025 by rpki-client