Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/mI-ElCNqEOeVLqM0CtzaVwL0Xf8.roa
File: mI-ElCNqEOeVLqM0CtzaVwL0Xf8.roa (raw, json)
Hash identifier: XCZxJb+dzAp4XOO2jmFJ12ZDbIAZUa34OAzKnMJzuNE=
Subject key identifier: 98:8F:84:94:23:6A:10:E7:95:2E:A3:34:0A:DC:DA:57:02:F4:5D:FF
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018F62EEA1B4F850D0BFBD298A5AF66587A3
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/mI-ElCNqEOeVLqM0CtzaVwL0Xf8.roa
Signing time: Fri 10 May 2024 14:35:57 +0000
ROA not before: Fri 10 May 2024 14:35:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 85.203.8.0/24 maxlen: 24
85.203.24.0/24 maxlen: 24
85.203.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 11:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:ee:a1:b4:f8:50:d0:bf:bd:29:8a:5a:f6:65:87:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: May 10 14:35:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=988f8494236a10e7952ea3340adcda5702f45dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b7:f8:9a:a9:75:0c:a3:4e:5a:39:5e:8c:93:
82:92:98:b9:49:fa:5d:f9:4f:e7:1d:f2:86:1e:04:
f0:9b:42:72:a1:7d:4d:6c:74:4c:cc:b4:6b:78:42:
88:b7:80:76:c1:65:88:be:79:3d:8b:0b:7c:1a:4c:
19:13:ac:49:a3:6a:c7:4a:f8:df:b2:32:91:53:17:
bc:68:2b:e7:56:e4:a8:8e:70:be:f9:24:c4:e9:ad:
97:de:26:65:fe:9d:27:74:e6:db:1c:19:b8:fb:43:
1c:e3:3c:62:9f:c7:b6:0a:4d:0d:28:81:94:fd:c2:
9f:2f:5c:a8:de:f7:e3:c6:94:d7:09:af:6a:9a:95:
9e:b4:07:95:a6:1d:c4:21:2e:6c:31:4e:de:bb:33:
e4:3d:1d:1e:e3:96:2d:dd:ed:23:ce:e4:20:51:9a:
7d:55:2e:b9:ee:d6:60:f5:cf:d2:e3:53:6b:72:b2:
aa:f3:61:93:c9:d0:dd:10:9d:9c:3b:32:48:4d:64:
81:a9:8a:83:08:c4:ba:b9:cc:4f:47:4d:64:e5:8b:
94:b1:3f:a4:dd:8b:3d:c9:e6:ab:fb:40:7f:cd:4e:
36:cb:90:8a:c8:cf:43:02:25:9c:aa:63:8f:03:ea:
e2:ae:b8:21:64:3f:b8:57:2d:d7:d0:04:e0:17:3d:
5e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8F:84:94:23:6A:10:E7:95:2E:A3:34:0A:DC:DA:57:02:F4:5D:FF
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/mI-ElCNqEOeVLqM0CtzaVwL0Xf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.8.0/24
85.203.24.0/24
85.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
84:a3:e6:d0:a2:6a:c8:9d:25:a5:a8:79:57:15:bf:76:4f:38:
cb:28:f1:b9:3f:86:d5:e7:e4:89:0b:3e:4f:b8:b8:aa:b8:b4:
f3:1b:f5:62:af:34:bb:8f:22:2d:2b:0b:f2:44:21:be:b3:1b:
5c:89:f0:16:46:f5:b1:46:b9:c0:b6:0c:cf:28:fb:79:49:7c:
c5:90:39:db:bd:3b:af:27:c1:ca:26:6c:7b:33:54:13:88:26:
8d:3c:1d:8c:e0:30:36:69:67:68:d0:cd:f6:39:fe:90:91:12:
c9:9b:67:3e:f2:b0:99:c5:7e:c1:82:60:93:76:8c:1b:bf:9f:
bf:a3:35:6c:bf:ae:38:55:f2:a1:c4:15:6b:49:b9:f8:d0:40:
5d:22:5b:a8:55:48:f8:90:be:d9:b8:db:94:79:29:d1:e0:85:
a5:6f:e9:e4:cf:35:5c:8d:ce:45:64:09:70:cb:ae:22:39:34:
f7:99:a8:09:1c:1a:d5:96:79:58:85:31:c2:de:86:40:c1:0d:
68:92:6b:15:ee:6a:a1:ff:9d:c1:1e:48:17:14:50:89:6a:db:
72:6f:b7:65:25:b9:d4:6c:cd:96:47:a5:36:0b:69:86:64:0f:
5d:e4:e1:40:3d:2f:04:c9:77:12:75:61:79:e5:40:d3:ac:1c:
68:d7:6c:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9i7qG0+FDQv70pilr2ZYejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwNTEwMTQzNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhmODQ5NDIzNmExMGU3OTUyZWEzMzQwYWRjZGE1NzAyZjQ1ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLf4mql1DKNOWjlejJOCkpi5Sfpd
+U/nHfKGHgTwm0JyoX1NbHRMzLRreEKIt4B2wWWIvnk9iwt8GkwZE6xJo2rHSvjf
sjKRUxe8aCvnVuSojnC++STE6a2X3iZl/p0ndObbHBm4+0Mc4zxin8e2Ck0NKIGU
/cKfL1yo3vfjxpTXCa9qmpWetAeVph3EIS5sMU7euzPkPR0e45Yt3e0jzuQgUZp9
VS657tZg9c/S41NrcrKq82GTydDdEJ2cOzJITWSBqYqDCMS6ucxPR01k5YuUsT+k
3Ys9year+0B/zU42y5CKyM9DAiWcqmOPA+rirrghZD+4Vy3X0ATgFz1e+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJiPhJQjahDnlS6jNArc2lcC9F3/MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvbUktRWxDTnFFT2VWTHFNMEN0emFWd0wwWGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsIAwQA
VcsYAwQAVcsjMA0GCSqGSIb3DQEBCwUAA4IBAQCEo+bQomrInSWlqHlXFb92TzjL
KPG5P4bV5+SJCz5PuLiquLTzG/VirzS7jyItKwvyRCG+sxtcifAWRvWxRrnAtgzP
KPt5SXzFkDnbvTuvJ8HKJmx7M1QTiCaNPB2M4DA2aWdo0M32Of6QkRLJm2c+8rCZ
xX7BgmCTdowbv5+/ozVsv644VfKhxBVrSbn40EBdIluoVUj4kL7ZuNuUeSnR4IWl
b+nkzzVcjc5FZAlwy64iOTT3magJHBrVlnlYhTHC3oZAwQ1okmsV7mqh/53BHkgX
FFCJattyb7dlJbnUbM2WR6U2C2mGZA9d5OFAPS8EyXcSdWF55UDTrBxo12yN
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:59:33 2025 by rpki-client