Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/iDH7eY9MycLRPBuoHkeXUFhbinI.roa
File: iDH7eY9MycLRPBuoHkeXUFhbinI.roa (raw, json)
Hash identifier: JtNDFqHVGgpMCfLqaWACq4dbhgEvkSRrMo46aS4XaOQ=
Subject key identifier: 88:31:FB:79:8F:4C:C9:C2:D1:3C:1B:A8:1E:47:97:50:58:5B:8A:72
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 01904EA107E5FA17DA70CFDCE942E3F289CA
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/iDH7eY9MycLRPBuoHkeXUFhbinI.roa
Signing time: Tue 25 Jun 2024 09:01:34 +0000
ROA not before: Tue 25 Jun 2024 09:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34403
IP address blocks: 85.158.96.0/21 maxlen: 21
85.158.96.0/22 maxlen: 22
85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:a1:07:e5:fa:17:da:70:cf:dc:e9:42:e3:f2:89:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jun 25 09:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8831fb798f4cc9c2d13c1ba81e479750585b8a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:a6:d8:31:e8:dc:7e:1d:9a:71:cb:02:cb:
fe:31:40:68:f6:0b:1e:0f:47:0c:78:d0:88:66:69:
bd:a9:ec:6c:ab:46:86:30:22:68:95:55:27:eb:58:
29:a1:7b:39:ec:e1:06:a5:4c:7b:70:fe:18:cb:f0:
1c:67:45:e7:0e:b9:8f:81:1f:8c:65:0d:60:9e:4e:
06:5f:6b:86:74:2e:6d:e1:01:1f:30:11:b5:a2:98:
ec:46:b0:e3:67:43:0c:1f:d4:d4:08:86:0a:62:f1:
6a:73:9e:9b:c0:41:27:aa:5e:ce:34:71:5a:ba:c1:
e5:aa:4d:a4:b8:85:b9:5a:f3:ba:af:35:ed:6a:37:
39:ae:fb:10:cd:b9:af:9f:78:8e:20:18:eb:43:77:
76:59:4e:52:a9:24:88:19:a2:44:f2:ac:9b:60:3b:
20:11:66:d4:27:82:62:95:3b:39:85:d2:e7:9e:ce:
17:e9:bf:51:7c:bd:ca:96:bb:ed:4d:09:a5:77:7b:
dd:89:eb:54:95:d9:55:01:56:02:91:81:48:51:e4:
d7:88:5e:a2:75:1a:05:da:d4:14:39:8b:0b:23:bb:
2d:c0:46:61:81:62:dd:55:58:e7:98:41:59:3a:4a:
37:eb:b6:5d:1f:96:a0:a8:6c:df:7d:c4:29:ad:4c:
44:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:31:FB:79:8F:4C:C9:C2:D1:3C:1B:A8:1E:47:97:50:58:5B:8A:72
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/iDH7eY9MycLRPBuoHkeXUFhbinI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
43:26:27:99:53:6b:d1:34:20:a3:9b:94:44:ed:15:b3:e0:0a:
7c:94:a2:87:4f:47:13:eb:fc:cf:3d:4b:20:6e:7a:1b:2f:36:
6f:63:48:dd:7e:2f:12:c5:21:99:ff:6a:93:d6:ce:bc:8f:6b:
d2:d6:e3:07:ab:57:de:89:69:70:43:37:75:f2:ed:cc:e5:8e:
a2:cc:d7:ba:15:a7:fe:3e:ac:98:93:31:ab:64:19:be:33:bd:
b0:37:a7:73:3f:81:94:99:64:8e:03:81:11:f9:7e:6e:ec:0c:
68:e6:3a:6f:ab:2c:8f:af:ef:7d:89:e0:02:85:1a:a5:85:64:
ac:11:75:5c:88:b7:e5:43:4c:45:99:3e:01:b3:c9:f7:76:71:
c4:95:34:08:01:40:26:d7:7d:23:08:3d:bb:8f:61:6e:26:fe:
2a:18:e2:9a:ad:7f:ec:92:51:24:cc:b7:ab:a2:48:a3:b9:bd:
6a:71:15:f8:a7:52:57:2e:2b:8f:3b:93:1d:b0:82:4a:1c:3c:
7b:b0:45:29:8d:c9:36:39:41:42:69:34:7e:92:07:a1:df:52:
00:26:6d:05:fb:02:5c:48:bb:3e:64:1e:6d:43:7b:e2:44:00:
eb:90:2b:64:0a:d8:94:12:29:d3:03:24:c0:0c:62:46:6a:f8:
22:69:9c:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBOoQfl+hfacM/c6ULj8onKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjQwNjI1MDkwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMxZmI3OThmNGNjOWMyZDEzYzFiYTgxZTQ3OTc1MDU4NWI4YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WCm2DHo3H4dmnHLAsv+MUBo9gse
D0cMeNCIZmm9qexsq0aGMCJolVUn61gpoXs57OEGpUx7cP4Yy/AcZ0XnDrmPgR+M
ZQ1gnk4GX2uGdC5t4QEfMBG1opjsRrDjZ0MMH9TUCIYKYvFqc56bwEEnql7ONHFa
usHlqk2kuIW5WvO6rzXtajc5rvsQzbmvn3iOIBjrQ3d2WU5SqSSIGaJE8qybYDsg
EWbUJ4JilTs5hdLnns4X6b9RfL3KlrvtTQmld3vdietUldlVAVYCkYFIUeTXiF6i
dRoF2tQUOYsLI7stwEZhgWLdVVjnmEFZOko367ZdH5agqGzffcQprUxEKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgx+3mPTMnC0TwbqB5Hl1BYW4pyMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvaURIN2VZOU15Y0xSUEJ1b0hrZVhVRmhiaW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBDJieZU2vRNCCjm5RE7RWz4Ap8lKKHT0cT6/zPPUsg
bnobLzZvY0jdfi8SxSGZ/2qT1s68j2vS1uMHq1feiWlwQzd18u3M5Y6izNe6Faf+
PqyYkzGrZBm+M72wN6dzP4GUmWSOA4ER+X5u7Axo5jpvqyyPr+99ieAChRqlhWSs
EXVciLflQ0xFmT4Bs8n3dnHElTQIAUAm130jCD27j2FuJv4qGOKarX/sklEkzLer
okijub1qcRX4p1JXLiuPO5MdsIJKHDx7sEUpjck2OUFCaTR+kgeh31IAJm0F+wJc
SLs+ZB5tQ3viRADrkCtkCtiUEinTAyTADGJGavgiaZxD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:13 2025 by rpki-client