Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Ty30HsF_aCkxmY1eweIhUpYX34k.roa
File: Ty30HsF_aCkxmY1eweIhUpYX34k.roa (raw, json)
Hash identifier: Rce4Boyc5PXsQsYuEZ1Jtra4IP8qyAhAg/pGUgoiAQQ=
Subject key identifier: 4F:2D:F4:1E:C1:7F:68:29:31:99:8D:5E:C1:E2:21:52:96:17:DF:89
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 018CC4936FB0C7F36DAA11930518853C8E55
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Ty30HsF_aCkxmY1eweIhUpYX34k.roa
Signing time: Mon 01 Jan 2024 10:30:45 +0000
ROA not before: Mon 01 Jan 2024 10:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25098
IP address blocks: 85.116.10.0/24 maxlen: 24
85.116.8.0/24 maxlen: 24
85.116.12.0/23 maxlen: 23
46.248.100.0/24 maxlen: 24
82.136.7.0/24 maxlen: 24
82.136.16.0/22 maxlen: 22
82.136.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6f:b0:c7:f3:6d:aa:11:93:05:18:85:3c:8e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jan 1 10:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2df41ec17f682931998d5ec1e221529617df89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:8f:77:dc:81:da:71:b2:84:fc:22:49:3e:
32:78:15:b5:79:7c:d4:56:c3:39:e5:52:23:12:45:
72:26:1c:0a:b4:53:06:bf:d9:1d:e5:23:91:52:65:
93:e4:54:48:81:fe:89:36:ac:68:84:3c:b9:b2:6a:
b6:c2:ed:cb:53:5a:3f:1f:f5:33:21:f2:b7:2e:3b:
94:b2:67:e6:6a:47:02:34:c1:1d:30:33:d5:41:74:
10:f4:aa:8c:0f:77:74:10:f4:9c:fa:f8:2b:9a:78:
89:42:89:e2:33:66:ff:1a:73:db:53:76:48:93:ed:
b7:d7:2c:6b:de:69:81:63:be:73:9c:27:30:f6:a7:
c5:92:71:e3:65:cb:9a:c1:de:ed:ff:62:71:63:92:
8a:7a:f5:fe:0d:73:a2:02:cb:52:37:ee:69:bc:7b:
3b:f6:88:8b:83:de:29:0f:7b:d7:e2:3a:fd:86:dc:
53:c2:52:c9:87:08:d8:56:3b:79:03:65:7b:4e:d5:
1a:ea:1d:91:1c:d8:f9:3e:c9:00:1d:a7:28:bc:66:
49:ea:ca:c6:a5:78:25:72:0c:67:2d:c6:8f:93:75:
b5:ac:09:f2:fb:1c:9b:38:b5:09:df:24:5e:ff:53:
13:86:f5:c9:ce:8c:64:7b:ca:4f:7a:47:fa:76:bf:
8e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2D:F4:1E:C1:7F:68:29:31:99:8D:5E:C1:E2:21:52:96:17:DF:89
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Ty30HsF_aCkxmY1eweIhUpYX34k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.100.0/24
82.136.7.0/24
82.136.12.0-82.136.19.255
85.116.8.0/24
85.116.10.0/24
85.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:ea:e5:fd:c6:d9:92:fa:0c:b8:5f:5f:68:b0:df:a8:fe:69:
87:b6:2c:e5:11:73:3b:7f:6d:45:2f:51:8c:d6:6b:be:e9:57:
e3:11:39:58:a0:49:65:11:d9:75:13:d8:83:81:98:37:ac:3a:
49:67:ea:28:d6:6a:71:3f:11:3b:93:a7:f0:9d:1f:1e:40:dc:
0d:1e:99:61:eb:7e:54:47:e8:56:e1:f3:01:4a:46:21:ea:c8:
47:0c:01:24:06:fc:14:8a:15:d0:52:1c:7e:d6:1f:7f:e7:72:
4e:fd:f0:29:10:c3:46:1f:18:fb:b2:4e:ae:df:ad:6a:d3:b6:
75:08:6d:7e:91:df:16:0a:1d:59:de:45:a2:0b:d4:39:20:71:
24:80:c1:2f:dd:42:e0:04:83:2e:ad:cc:40:5f:16:97:ae:84:
49:0e:99:d5:fa:f8:d0:5d:0f:36:44:a2:e0:29:c5:85:61:e7:
0c:d3:7e:fc:1e:5f:2d:00:de:88:55:a9:eb:56:99:b1:02:56:
16:a2:f8:99:ca:9a:4a:75:a3:23:e3:61:7e:cb:c4:31:8a:0d:
bc:23:d0:87:f7:4b:4f:b5:29:1f:37:ba:eb:d7:fb:a9:a6:ba:
24:48:ea:35:a0:b3:25:c2:89:ec:8d:e6:30:a2:9c:d3:02:ef:
48:7f:5d:ab
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEk2+wx/NtqhGTBRiFPI5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjQwMTAxMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJkZjQxZWMxN2Y2ODI5MzE5OThkNWVjMWUyMjE1Mjk2MTdkZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiuPd9yB2nGyhPwiST4yeBW1eXzU
VsM55VIjEkVyJhwKtFMGv9kd5SORUmWT5FRIgf6JNqxohDy5smq2wu3LU1o/H/Uz
IfK3LjuUsmfmakcCNMEdMDPVQXQQ9KqMD3d0EPSc+vgrmniJQoniM2b/GnPbU3ZI
k+231yxr3mmBY75znCcw9qfFknHjZcuawd7t/2JxY5KKevX+DXOiAstSN+5pvHs7
9oiLg94pD3vX4jr9htxTwlLJhwjYVjt5A2V7TtUa6h2RHNj5PskAHacovGZJ6srG
pXglcgxnLcaPk3W1rAny+xybOLUJ3yRe/1MThvXJzoxke8pPekf6dr+OpwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFE8t9B7Bf2gpMZmNXsHiIVKWF9+JMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvVHkzMEhzRl9hQ2t4bVkxZXdlSWhVcFlYMzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALvhkAwQA
UogHMAwDBAJSiAwDBAJSiBADBABVdAgDBABVdAoDBAFVdAwwDQYJKoZIhvcNAQEL
BQADggEBAGzq5f3G2ZL6DLhfX2iw36j+aYe2LOURczt/bUUvUYzWa77pV+MROVig
SWUR2XUT2IOBmDesOkln6ijWanE/ETuTp/CdHx5A3A0emWHrflRH6Fbh8wFKRiHq
yEcMASQG/BSKFdBSHH7WH3/nck798CkQw0YfGPuyTq7frWrTtnUIbX6R3xYKHVne
RaIL1DkgcSSAwS/dQuAEgy6tzEBfFpeuhEkOmdX6+NBdDzZEouApxYVh5wzTfvwe
Xy0A3ohVqetWmbECVhai+JnKmkp1oyPjYX7LxDGKDbwj0If3S0+1KR83uuvX+6mm
uiRI6jWgsyXCieyN5jCinNMC70h/Xas=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:26 2025 by rpki-client