Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/5OjHs994IvCyFRS4XNxSU7U-LeY.roa
File: 5OjHs994IvCyFRS4XNxSU7U-LeY.roa (raw, json)
Hash identifier: WtNzd6YeY2ccpKqEC8FYklWerUeg+kOUP/AZCjjyJww=
Subject key identifier: E4:E8:C7:B3:DF:78:22:F0:B2:15:14:B8:5C:DC:52:53:B5:3E:2D:E6
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 01942143E56513A2DD897133BDF6B0039C5D
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/5OjHs994IvCyFRS4XNxSU7U-LeY.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 85.234.106.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
185.154.192.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 07:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e5:65:13:a2:dd:89:71:33:bd:f6:b0:03:9c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4e8c7b3df7822f0b21514b85cdc5253b53e2de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5c:a4:45:5f:84:b6:16:c3:d1:83:94:10:57:
48:51:db:d1:aa:d3:a9:d7:3f:fb:c0:c2:69:66:79:
88:46:73:40:4b:b3:42:97:0c:47:9d:fe:a3:a4:32:
ce:bc:19:9d:73:50:78:a7:36:1f:fa:51:7e:22:34:
45:70:62:73:c1:0f:7c:2a:f3:df:5c:82:24:e1:28:
7a:31:2c:db:bc:f7:30:50:ac:36:7d:bf:da:46:ac:
3a:a9:72:ee:b3:2a:bc:a1:57:77:bd:59:96:66:d2:
1b:5d:b0:1c:f9:3b:21:cc:65:82:b8:af:d5:a9:09:
fa:fa:a9:d1:83:e4:55:c0:50:16:da:65:d2:91:b0:
a3:4e:d5:fa:dc:6f:a9:0d:99:0a:de:29:93:97:04:
b7:b7:df:a0:51:43:ef:6f:90:b5:5d:0b:da:cf:3b:
11:4f:b4:75:63:c9:d5:cf:a1:fe:3f:5a:1a:ad:67:
84:f7:e5:cd:65:00:2f:d9:ff:93:3e:72:93:32:d9:
6a:27:e7:6c:35:79:45:13:cf:ab:46:5f:45:cc:59:
1f:79:8f:9e:4a:0d:ec:53:27:48:3c:70:88:8e:86:
2f:d9:0d:c2:99:53:94:cb:c4:2d:1c:26:55:17:77:
7b:e0:5b:d3:3b:30:73:73:83:4e:00:6a:f3:a5:72:
9b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E8:C7:B3:DF:78:22:F0:B2:15:14:B8:5C:DC:52:53:B5:3E:2D:E6
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/5OjHs994IvCyFRS4XNxSU7U-LeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.106.0/23
85.234.110.0/24
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:be:c4:99:7b:fc:04:d1:de:ee:2d:f0:f1:9a:10:94:fb:c3:
a0:a4:15:ec:db:68:c2:f7:5c:c1:28:46:c7:55:8a:6c:df:65:
88:99:31:9a:b0:4e:4e:50:5d:c0:9a:6a:12:13:c6:51:e4:50:
c1:45:e0:a7:e4:ae:14:e8:a0:a6:7e:44:49:d7:a3:36:94:fb:
c0:29:ee:d4:ee:f8:dd:43:f6:50:b4:28:49:9d:bf:99:d1:4b:
e6:da:8e:ec:1d:16:f0:d0:ad:8c:2a:91:ee:bc:ca:6c:4d:c0:
fb:da:44:6f:f7:29:a4:87:11:1b:3d:46:00:16:97:c9:86:0a:
08:9e:ea:e3:66:d7:00:2c:c5:83:8c:9a:cd:32:42:b0:52:76:
90:ef:18:80:d7:8e:2f:1e:43:7a:1e:7e:96:6e:f6:79:91:4c:
bc:cc:6a:c5:6e:a4:38:18:95:a4:10:b2:d9:dd:93:1f:2e:14:
df:be:b0:9a:da:0c:d1:d4:02:ab:e2:ab:80:e2:49:14:ea:5b:
20:95:d5:b5:18:3c:1d:2c:1c:85:89:fd:58:39:5e:6a:31:03:
5c:aa:e6:2c:48:69:9e:34:db:fd:63:94:4a:3e:f2:e3:f5:8a:
48:a0:cd:32:3b:50:7e:ed:a8:86:1d:5b:6f:8d:35:09:fc:83:
4a:89:dc:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ+VlE6LdiXEzvfawA5xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU4YzdiM2RmNzgyMmYwYjIxNTE0Yjg1Y2RjNTI1M2I1M2UyZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1ykRV+EthbD0YOUEFdIUdvRqtOp
1z/7wMJpZnmIRnNAS7NClwxHnf6jpDLOvBmdc1B4pzYf+lF+IjRFcGJzwQ98KvPf
XIIk4Sh6MSzbvPcwUKw2fb/aRqw6qXLusyq8oVd3vVmWZtIbXbAc+TshzGWCuK/V
qQn6+qnRg+RVwFAW2mXSkbCjTtX63G+pDZkK3imTlwS3t9+gUUPvb5C1XQvazzsR
T7R1Y8nVz6H+P1oarWeE9+XNZQAv2f+TPnKTMtlqJ+dsNXlFE8+rRl9FzFkfeY+e
Sg3sUydIPHCIjoYv2Q3CmVOUy8QtHCZVF3d74FvTOzBzc4NOAGrzpXKbYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOTox7PfeCLwshUUuFzcUlO1Pi3mMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvNU9qSHM5OTRJdkN5RlJTNFhOeFNVN1UtTGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVepqAwQA
VepuAwQCuZrAMA0GCSqGSIb3DQEBCwUAA4IBAQCOvsSZe/wE0d7uLfDxmhCU+8Og
pBXs22jC91zBKEbHVYps32WImTGasE5OUF3AmmoSE8ZR5FDBReCn5K4U6KCmfkRJ
16M2lPvAKe7U7vjdQ/ZQtChJnb+Z0Uvm2o7sHRbw0K2MKpHuvMpsTcD72kRv9ymk
hxEbPUYAFpfJhgoInurjZtcALMWDjJrNMkKwUnaQ7xiA144vHkN6Hn6WbvZ5kUy8
zGrFbqQ4GJWkELLZ3ZMfLhTfvrCa2gzR1AKr4quA4kkU6lsgldW1GDwdLByFif1Y
OV5qMQNcquYsSGmeNNv9Y5RKPvLj9YpIoM0yO1B+7aiGHVtvjTUJ/INKidxM
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:10:16 2025 by rpki-client