Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/V3O7eZLKR8_FhOrO5ARF5BOhyQY.roa
File: V3O7eZLKR8_FhOrO5ARF5BOhyQY.roa (raw, json)
Hash identifier: I4Sv1ApduVc5ncqdaOjAnJ5by7T0FriAUc8Aa+RXSJs=
Subject key identifier: 57:73:BB:79:92:CA:47:CF:C5:84:EA:CE:E4:04:45:E4:13:A1:C9:06
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 01936CE46E09A0EAA06A598AD89B7F5E9E6D
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/V3O7eZLKR8_FhOrO5ARF5BOhyQY.roa
Signing time: Wed 27 Nov 2024 09:12:09 +0000
ROA not before: Wed 27 Nov 2024 09:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207144
IP address blocks: 85.11.167.0/24 maxlen: 24
85.11.172.0/24 maxlen: 24
85.11.173.0/24 maxlen: 24
85.11.175.0/24 maxlen: 24
85.11.176.0/24 maxlen: 24
85.11.178.0/24 maxlen: 24
85.11.184.0/24 maxlen: 24
85.11.188.0/24 maxlen: 24
185.164.240.0/24 maxlen: 24
185.164.241.0/24 maxlen: 24
185.164.242.0/24 maxlen: 24
185.164.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:e4:6e:09:a0:ea:a0:6a:59:8a:d8:9b:7f:5e:9e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Nov 27 09:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5773bb7992ca47cfc584eacee40445e413a1c906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:df:29:c6:13:61:83:92:e4:ba:79:f8:85:d1:
3a:f9:39:12:59:2f:53:aa:d3:bc:75:aa:65:f0:f5:
23:64:28:c6:cc:f8:13:0c:f9:42:d4:8a:72:ee:bf:
87:a5:f9:30:7a:f0:c9:c1:b6:83:12:11:8a:df:2e:
3c:2a:fc:63:5b:55:a6:c1:12:f4:bd:02:ce:cd:66:
5e:a1:b0:88:33:6d:33:4a:c9:36:e4:ea:89:52:c4:
d1:83:58:9f:59:d7:8f:8f:53:ee:b7:7f:0e:7d:42:
1e:3f:06:2a:76:e0:9f:bb:39:05:6b:b6:4a:e4:aa:
20:7a:6b:11:ac:70:1f:18:b5:7e:61:33:a4:61:71:
56:4c:09:10:79:e9:c3:e3:e0:d8:17:56:cc:0f:93:
c5:49:a3:8d:53:e0:7b:b0:b2:03:ba:4d:c4:00:64:
8f:20:13:ed:33:50:62:eb:5a:ae:5a:d3:35:55:08:
d6:95:c9:da:47:2b:4d:b9:4b:d2:11:06:2b:8d:50:
4c:88:d2:39:b5:7f:26:98:80:17:6a:f7:31:e7:3f:
1f:a2:01:43:1f:97:3a:6d:99:20:35:7f:d6:69:ed:
3b:36:3c:6e:f7:ee:d0:df:73:6a:d7:8e:f0:c1:df:
f1:87:a2:82:e3:ac:20:46:b8:9f:20:5e:c2:1e:33:
fe:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:73:BB:79:92:CA:47:CF:C5:84:EA:CE:E4:04:45:E4:13:A1:C9:06
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/V3O7eZLKR8_FhOrO5ARF5BOhyQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.167.0/24
85.11.172.0/23
85.11.175.0-85.11.176.255
85.11.178.0/24
85.11.184.0/24
85.11.188.0/24
185.164.240.0/22
Signature Algorithm: sha256WithRSAEncryption
36:a6:aa:b4:26:87:e2:28:79:f8:61:3a:8c:fa:dd:3e:14:c7:
28:43:a4:36:4f:ad:8c:4c:6c:a2:63:12:f4:b4:8a:38:83:fa:
ce:86:7e:09:c0:57:58:36:7d:7f:f1:c1:9f:09:52:a6:50:5c:
81:d4:b1:53:75:97:56:4b:fb:64:51:c5:2a:7b:4f:75:b7:cd:
99:8a:da:16:8c:59:92:ad:8e:43:6d:10:88:94:5e:9c:e5:5d:
5b:3a:61:16:71:c7:1c:89:cd:61:67:c2:cc:3b:ef:9c:11:d0:
78:38:c0:7f:6f:94:90:9f:b0:a2:8d:f5:aa:d0:bc:b2:af:b6:
42:c6:71:dc:6f:4d:ad:8c:49:c8:2d:0f:2e:46:c6:cc:b5:13:
8a:a0:db:53:6c:2c:50:ca:01:62:6e:ed:61:c7:94:4f:27:30:
05:af:cd:ab:aa:42:2c:00:bd:52:55:a6:2f:32:a7:16:07:3b:
a9:36:ca:e6:b7:8e:25:fd:43:85:12:44:55:10:5d:4b:97:0c:
ef:62:42:09:28:8c:1f:66:74:87:ca:cb:20:f3:a8:f1:67:3c:
41:d6:cb:8f:56:79:f0:27:ca:14:32:5f:ee:bc:e8:e4:32:fb:
c5:cf:c6:d8:55:c9:41:b9:64:58:be:68:f3:1d:f6:4b:53:c9:
44:2c:8d:21
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZNs5G4JoOqgalmK2Jt/Xp5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjQxMTI3MDkxMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzczYmI3OTkyY2E0N2NmYzU4NGVhY2VlNDA0NDVlNDEzYTFjOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo98pxhNhg5Lkunn4hdE6+TkSWS9T
qtO8dapl8PUjZCjGzPgTDPlC1Ipy7r+HpfkwevDJwbaDEhGK3y48KvxjW1WmwRL0
vQLOzWZeobCIM20zSsk25OqJUsTRg1ifWdePj1Put38OfUIePwYqduCfuzkFa7ZK
5KogemsRrHAfGLV+YTOkYXFWTAkQeenD4+DYF1bMD5PFSaONU+B7sLIDuk3EAGSP
IBPtM1Bi61quWtM1VQjWlcnaRytNuUvSEQYrjVBMiNI5tX8mmIAXavcx5z8fogFD
H5c6bZkgNX/Wae07Njxu9+7Q33Nq147wwd/xh6KC46wgRrifIF7CHjP+1wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFdzu3mSykfPxYTqzuQEReQTockGMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvVjNPN2VaTEtSOF9GaE9yTzVBUkY1Qk9oeVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVQunAwQB
VQusMAwDBABVC68DBABVC7ADBABVC7IDBABVC7gDBABVC7wDBAK5pPAwDQYJKoZI
hvcNAQELBQADggEBADamqrQmh+IoefhhOoz63T4UxyhDpDZPrYxMbKJjEvS0ijiD
+s6GfgnAV1g2fX/xwZ8JUqZQXIHUsVN1l1ZL+2RRxSp7T3W3zZmK2haMWZKtjkNt
EIiUXpzlXVs6YRZxxxyJzWFnwsw775wR0Hg4wH9vlJCfsKKN9arQvLKvtkLGcdxv
Ta2MScgtDy5Gxsy1E4qg21NsLFDKAWJu7WHHlE8nMAWvzauqQiwAvVJVpi8ypxYH
O6k2yua3jiX9Q4USRFUQXUuXDO9iQgkojB9mdIfKyyDzqPFnPEHWy49WefAnyhQy
X+686OQy+8XPxthVyUG5ZFi+aPMd9ktTyUQsjSE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:01:17 2025 by rpki-client