Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/vy0wFgZTTwKXlAYxRUm-1_b7OWs.roa
File: vy0wFgZTTwKXlAYxRUm-1_b7OWs.roa (raw, json)
Hash identifier: y+JbuebjH+AYPIICUGUXLtR35FPiLcBBa5mbn2tfr+Q=
Subject key identifier: BF:2D:30:16:06:53:4F:02:97:94:06:31:45:49:BE:D7:F6:FB:39:6B
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF9CF284AFF6631E4BD86068E4163
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/vy0wFgZTTwKXlAYxRUm-1_b7OWs.roa
Signing time: Tue 02 Jan 2024 04:30:30 +0000
ROA not before: Tue 02 Jan 2024 04:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211996
IP address blocks: 85.153.135.0/24 maxlen: 24
85.153.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f9:cf:28:4a:ff:66:31:e4:bd:86:06:8e:41:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf2d301606534f02979406314549bed7f6fb396b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6a:b9:7a:ff:e2:dd:af:4f:9e:9d:76:3f:f3:
a8:83:1a:f5:de:6c:57:6c:ef:fe:21:8f:87:75:a4:
fb:8d:6f:c8:13:15:9e:8c:6b:bb:c9:4e:ff:9f:82:
ca:f1:22:e7:fd:0b:e9:eb:d7:86:a3:ed:2e:a0:d4:
9a:5d:d0:a0:6f:01:9c:0b:42:ee:4e:15:6b:bd:9b:
0f:2d:59:6a:5f:75:5f:23:1e:a0:87:1d:e9:35:67:
ae:99:99:92:92:12:0a:52:10:b5:63:1a:98:44:cf:
ca:87:b2:39:a3:5e:db:5a:fb:dd:f4:b4:0c:57:ed:
49:89:01:19:43:ab:4a:39:6e:1b:6c:d4:6e:f7:b9:
51:ac:e0:7e:8b:e5:80:da:5b:25:0c:61:1f:11:2a:
b7:8f:27:8b:11:f2:9b:ec:af:9f:32:87:3d:fe:94:
91:9a:69:23:a5:54:2f:f5:3a:2b:45:07:12:c8:29:
aa:c9:ef:bc:7f:21:13:f4:93:b5:07:8c:14:5c:78:
31:c3:25:ec:e8:6d:ad:8b:ba:0e:54:9d:86:72:64:
68:f9:65:85:8c:92:3a:07:d3:f9:5c:39:b3:96:63:
79:72:3e:d5:e1:df:10:fa:8a:9e:72:82:2e:e8:3a:
a1:98:98:3a:d8:7f:48:0d:8b:de:25:f5:35:4a:80:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:2D:30:16:06:53:4F:02:97:94:06:31:45:49:BE:D7:F6:FB:39:6B
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/vy0wFgZTTwKXlAYxRUm-1_b7OWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.135.0/24
85.153.140.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4b:92:e6:bf:6a:44:0f:20:08:bf:0f:e7:af:5a:b8:15:13:
54:61:5d:7f:3b:12:24:d4:f5:76:cf:80:87:32:4f:71:01:b0:
fe:a9:10:f9:25:24:9f:8c:3c:7f:cf:d2:3f:12:fb:c2:a4:ee:
a7:a9:84:eb:89:f0:71:c2:a6:c2:a7:ba:f3:70:5c:96:80:30:
e3:5b:55:21:2a:67:58:0f:f7:ee:a2:1f:76:0c:c0:6a:6c:49:
0a:55:57:4c:bc:fb:2e:b9:47:54:e2:f3:67:ec:a2:07:3e:a0:
1c:94:f0:d1:04:d4:54:8f:e9:5a:07:bf:28:49:c4:62:90:60:
48:5e:ad:f8:0a:97:f5:df:97:78:41:e7:14:6e:b7:7e:1d:e4:
64:2d:8d:1c:46:02:bb:2b:be:53:e8:20:03:6f:75:2d:74:f6:
93:35:af:16:51:de:d1:48:89:14:34:47:51:d5:16:f7:4c:27:
4b:26:40:30:43:8d:4e:37:fe:e2:91:25:8e:1e:74:d1:27:ac:
a8:f2:a3:be:a5:07:03:68:24:7a:3f:06:9d:e1:2c:a9:13:0e:
6d:7e:5b:f7:3a:57:88:aa:5d:46:22:c4:a9:d9:25:70:82:bb:
8b:01:e7:ff:94:eb:28:0a:97:f1:ae:91:f5:b4:28:be:9e:4f:
47:7a:f6:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb/nPKEr/ZjHkvYYGjkFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjJkMzAxNjA2NTM0ZjAyOTc5NDA2MzE0NTQ5YmVkN2Y2ZmIzOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGq5ev/i3a9Pnp12P/Oogxr13mxX
bO/+IY+HdaT7jW/IExWejGu7yU7/n4LK8SLn/Qvp69eGo+0uoNSaXdCgbwGcC0Lu
ThVrvZsPLVlqX3VfIx6ghx3pNWeumZmSkhIKUhC1YxqYRM/Kh7I5o17bWvvd9LQM
V+1JiQEZQ6tKOW4bbNRu97lRrOB+i+WA2lslDGEfESq3jyeLEfKb7K+fMoc9/pSR
mmkjpVQv9TorRQcSyCmqye+8fyET9JO1B4wUXHgxwyXs6G2ti7oOVJ2GcmRo+WWF
jJI6B9P5XDmzlmN5cj7V4d8Q+oqecoIu6DqhmJg62H9IDYveJfU1SoC3IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8tMBYGU08Cl5QGMUVJvtf2+zlrMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvdnkwd0ZnWlRUd0tYbEFZeFJVbS0xX2I3T1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZmHAwQA
VZmMMA0GCSqGSIb3DQEBCwUAA4IBAQBiS5Lmv2pEDyAIvw/nr1q4FRNUYV1/OxIk
1PV2z4CHMk9xAbD+qRD5JSSfjDx/z9I/EvvCpO6nqYTrifBxwqbCp7rzcFyWgDDj
W1UhKmdYD/fuoh92DMBqbEkKVVdMvPsuuUdU4vNn7KIHPqAclPDRBNRUj+laB78o
ScRikGBIXq34Cpf135d4QecUbrd+HeRkLY0cRgK7K75T6CADb3UtdPaTNa8WUd7R
SIkUNEdR1Rb3TCdLJkAwQ41ON/7ikSWOHnTRJ6yo8qO+pQcDaCR6Pwad4SypEw5t
flv3OleIql1GIsSp2SVwgruLAef/lOsoCpfxrpH1tCi+nk9HevZ3
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:00:52 2025 by rpki-client