Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/mtdklF0CzvxS6DGVAw-ecZiXgR0.roa
File: mtdklF0CzvxS6DGVAw-ecZiXgR0.roa (raw, json)
Hash identifier: nmJeMEoowbsnv/IoWLx2PVLOll0jy9XM2GjqxMhlHjQ=
Subject key identifier: 9A:D7:64:94:5D:02:CE:FC:52:E8:31:95:03:0F:9E:71:98:97:81:1D
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 018CC493901386ECE613F5F3EBF147BD3940
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/mtdklF0CzvxS6DGVAw-ecZiXgR0.roa
Signing time: Mon 01 Jan 2024 10:30:54 +0000
ROA not before: Mon 01 Jan 2024 10:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39401
IP address blocks: 85.217.232.0/24 maxlen: 24
85.217.233.0/24 maxlen: 24
85.217.230.0/24 maxlen: 24
85.217.231.0/24 maxlen: 24
85.217.228.0/24 maxlen: 24
85.217.229.0/24 maxlen: 24
85.217.227.0/24 maxlen: 24
85.217.240.0/22 maxlen: 24
85.217.240.0/24 maxlen: 24
85.217.237.0/24 maxlen: 24
85.217.235.0/24 maxlen: 24
85.217.236.0/24 maxlen: 24
85.217.234.0/24 maxlen: 24
85.217.244.0/23 maxlen: 24
85.217.244.0/24 maxlen: 24
85.217.245.0/24 maxlen: 24
85.217.242.0/24 maxlen: 24
85.217.243.0/24 maxlen: 24
85.217.241.0/24 maxlen: 24
85.217.246.0/24 maxlen: 24
85.217.251.0/24 maxlen: 24
85.217.250.0/23 maxlen: 23
85.217.249.0/24 maxlen: 24
85.217.250.0/24 maxlen: 24
85.217.248.0/24 maxlen: 24
85.217.248.0/23 maxlen: 23
85.217.247.0/24 maxlen: 24
85.217.225.0/24 maxlen: 24
85.217.226.0/24 maxlen: 24
85.217.224.0/24 maxlen: 24
85.217.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 07:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:90:13:86:ec:e6:13:f5:f3:eb:f1:47:bd:39:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 1 10:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ad764945d02cefc52e83195030f9e719897811d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e4:69:a6:f8:f6:ec:bd:32:31:9f:d7:47:a6:
20:b7:ab:b3:9f:95:26:f8:04:95:3b:d9:16:08:44:
8e:b6:62:ef:bd:73:d7:c6:ff:34:7d:51:59:57:17:
75:93:43:af:ec:7d:24:1d:1c:a6:80:3d:5f:92:f0:
d5:1e:e8:4d:e3:e9:f5:d3:c7:e5:b7:b0:74:09:15:
42:58:81:d5:b2:c0:64:86:40:ea:8d:86:e6:7f:f2:
63:c2:22:94:96:40:af:ec:99:65:8e:27:c0:40:bd:
9d:42:66:bf:0c:4c:09:4c:8b:c2:f9:97:57:5f:49:
bd:91:1c:d9:61:96:82:c4:a6:2d:c7:62:c9:d7:91:
14:18:9b:0a:f8:8a:3d:5c:64:c6:ea:14:f2:b7:10:
b9:3e:1b:ca:95:f8:2b:0f:7a:a4:c9:b1:c8:bb:9c:
86:16:c3:91:24:f5:68:4d:d4:ba:b6:71:10:89:f6:
58:d1:88:e6:a7:9b:68:d8:29:a1:a5:fd:ca:93:76:
9c:67:2f:67:14:e6:f2:90:69:4c:05:90:ba:63:37:
2c:33:66:ec:8b:63:fb:55:ee:ba:aa:44:3e:d7:75:
fa:5d:8e:82:96:45:8b:6c:2f:90:eb:ef:85:7a:ec:
2b:f2:ad:19:40:3c:af:e9:91:11:45:23:62:dd:67:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D7:64:94:5D:02:CE:FC:52:E8:31:95:03:0F:9E:71:98:97:81:1D
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/mtdklF0CzvxS6DGVAw-ecZiXgR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.224.0-85.217.251.255
Signature Algorithm: sha256WithRSAEncryption
28:c8:16:50:e7:a3:85:5f:f4:d1:b7:b1:bf:8d:9b:b9:bc:90:
03:2a:c0:e4:f7:98:38:31:1f:44:28:45:70:9a:fb:fc:15:ef:
40:da:a9:23:e0:57:c4:e8:4d:b8:f5:4b:d0:19:9c:30:8f:f7:
8d:a2:ae:85:0c:61:e2:b4:43:0f:14:bb:48:2e:a8:08:97:6a:
75:96:cb:98:2c:04:44:aa:61:cb:9a:0c:e8:d3:b0:3e:5f:dd:
7b:2b:57:5e:ca:9c:3f:a6:ad:1d:0f:ed:a5:14:7b:88:e1:ba:
6d:f4:f6:c2:11:2c:4a:74:47:ae:e5:0d:d5:9a:43:83:84:ed:
25:62:31:fc:11:35:64:c9:dc:67:d9:41:ac:70:88:76:e3:2b:
18:6f:6d:dd:cf:d4:ac:88:36:e6:d9:31:07:40:2e:3e:12:4f:
ae:fd:85:d8:d4:e2:e6:d7:52:5a:54:9b:ca:e7:bb:88:e0:9b:
36:35:1f:52:43:9e:e8:14:61:63:2a:e1:a6:78:02:3b:27:af:
e7:70:3b:2f:f4:de:d8:a5:e3:e0:39:e8:f4:ec:91:9b:f7:c6:
4b:27:86:85:ee:d1:2d:8e:e4:f6:09:5c:bd:8f:04:ed:3b:71:
80:b6:0f:b1:1c:ab:80:6f:7a:31:59:8b:13:1d:3f:74:af:7c:
17:00:c8:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEk5AThuzmE/Xz6/FHvTlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjQwMTAxMTAzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ3NjQ5NDVkMDJjZWZjNTJlODMxOTUwMzBmOWU3MTk4OTc4MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+Rppvj27L0yMZ/XR6Ygt6uzn5Um
+ASVO9kWCESOtmLvvXPXxv80fVFZVxd1k0Ov7H0kHRymgD1fkvDVHuhN4+n108fl
t7B0CRVCWIHVssBkhkDqjYbmf/JjwiKUlkCv7JlljifAQL2dQma/DEwJTIvC+ZdX
X0m9kRzZYZaCxKYtx2LJ15EUGJsK+Io9XGTG6hTytxC5PhvKlfgrD3qkybHIu5yG
FsORJPVoTdS6tnEQifZY0Yjmp5to2Cmhpf3Kk3acZy9nFObykGlMBZC6YzcsM2bs
i2P7Ve66qkQ+13X6XY6ClkWLbC+Q6++Feuwr8q0ZQDyv6ZERRSNi3WfpBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJrXZJRdAs78UugxlQMPnnGYl4EdMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvbXRka2xGMEN6dnhTNkRHVkF3LWVjWmlYZ1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVV2eAD
BAJV2fgwDQYJKoZIhvcNAQELBQADggEBACjIFlDno4Vf9NG3sb+Nm7m8kAMqwOT3
mDgxH0QoRXCa+/wV70DaqSPgV8ToTbj1S9AZnDCP942iroUMYeK0Qw8Uu0guqAiX
anWWy5gsBESqYcuaDOjTsD5f3XsrV17KnD+mrR0P7aUUe4jhum309sIRLEp0R67l
DdWaQ4OE7SViMfwRNWTJ3GfZQaxwiHbjKxhvbd3P1KyINubZMQdALj4ST679hdjU
4ubXUlpUm8rnu4jgmzY1H1JDnugUYWMq4aZ4Ajsnr+dwOy/03til4+A56PTskZv3
xksnhoXu0S2O5PYJXL2PBO07cYC2D7Ecq4BvejFZixMdP3SvfBcAyDk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:21 2025 by rpki-client