Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/B52UqlJLffbN3LnLmlRs-XPjTGg.roa
File: B52UqlJLffbN3LnLmlRs-XPjTGg.roa (raw, json)
Hash identifier: 545SRTO+hBdLBgXstx7j1tMI83vi1KsAL+Vq/023mYc=
Subject key identifier: 07:9D:94:AA:52:4B:7D:F6:CD:DC:B9:CB:9A:54:6C:F9:73:E3:4C:68
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0193CE43AF2C7AE0FD9A3C0C1179DFFB6B74
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/B52UqlJLffbN3LnLmlRs-XPjTGg.roa
Signing time: Mon 16 Dec 2024 06:59:22 +0000
ROA not before: Mon 16 Dec 2024 06:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 85.115.204.0/24 maxlen: 24
85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.40.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.48.0/22 maxlen: 22
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.153.65.0/24 maxlen: 24
85.153.66.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.80.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.96.0/22 maxlen: 22
85.153.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 07:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:43:af:2c:7a:e0:fd:9a:3c:0c:11:79:df:fb:6b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Dec 16 06:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=079d94aa524b7df6cddcb9cb9a546cf973e34c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:12:b4:e9:f0:03:4e:53:b6:20:6b:42:33:25:
8b:74:7d:f2:6c:43:5f:1b:70:ff:a2:ae:e1:8a:94:
de:04:35:99:b2:22:97:f5:f9:2b:f8:c2:23:a0:99:
51:4b:45:ac:c6:12:67:b3:e3:0f:10:ae:b7:be:23:
75:b6:4a:56:f9:a7:e2:67:62:f2:d7:ad:f8:85:4b:
7b:39:dd:cf:82:63:5f:a3:50:24:1a:99:19:05:b5:
48:bd:27:1d:d7:0c:3a:15:9e:2d:e0:af:cf:0f:f1:
1a:90:2f:98:0c:d6:38:0a:ea:1f:86:b2:d5:7c:a6:
98:c1:38:9d:4e:d4:3c:c4:16:2f:23:fd:67:84:ca:
0b:3a:c9:fe:27:73:b4:99:70:a7:9b:67:1b:49:b1:
a2:fb:e3:78:c6:1e:8b:0a:6f:3f:db:58:df:ca:2e:
01:e0:3e:b4:1c:56:f3:46:92:87:53:3b:24:42:70:
05:82:96:a1:de:80:c7:5d:f7:88:22:fe:6f:91:13:
b0:22:a4:7e:98:25:7f:06:c0:8c:21:96:9c:2b:17:
6f:ab:33:a9:ad:0d:58:0e:6e:9e:4a:4c:01:81:1a:
2a:d3:83:6b:04:f6:06:ef:d8:3d:4c:99:92:8d:a9:
74:53:f7:7b:c1:25:c0:ee:7c:4a:48:28:c9:da:ac:
fb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9D:94:AA:52:4B:7D:F6:CD:DC:B9:CB:9A:54:6C:F9:73:E3:4C:68
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/B52UqlJLffbN3LnLmlRs-XPjTGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.153.12.0/22
85.153.24.0/22
85.153.35.0-85.153.42.255
85.153.48.0/21
85.153.59.0-85.153.63.255
85.153.65.0-85.153.67.255
85.153.72.0/23
85.153.80.0/24
85.153.88.0/22
85.153.96.0/22
85.153.114.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:bc:f1:22:e9:04:61:5b:f6:fa:1e:32:69:b0:26:cb:30:ad:
1d:6e:84:3b:8d:f6:bf:48:36:4f:9c:17:83:d7:77:3f:75:32:
ae:8f:e8:39:0a:20:57:e0:fc:75:24:d8:c4:ee:24:db:f8:4f:
e7:b9:c4:81:70:28:1b:a1:3a:7d:e3:e8:9d:68:6b:07:e4:69:
10:39:f2:20:1b:eb:19:c8:ab:b9:3f:5c:4c:a8:0b:d9:64:6d:
4c:aa:7b:fe:41:01:86:b9:ec:05:27:fb:05:84:4e:85:fc:ab:
e4:2f:bd:ed:72:f2:25:8a:34:99:c5:f2:b0:3c:07:bb:2f:13:
85:f3:e9:98:50:92:da:62:85:69:f1:e9:02:15:60:bb:3d:52:
f5:4f:17:f0:f5:5d:ad:04:d3:52:9e:f8:b9:18:cb:81:8f:1f:
15:90:f5:08:9e:32:83:5a:44:77:8f:2d:84:5b:81:f1:2e:34:
04:a2:9e:46:47:f3:4b:13:85:f7:7a:69:7a:b8:a6:0d:f8:fc:
b7:3d:48:a8:71:42:d2:aa:a6:e1:6b:fc:55:75:09:68:1d:7c:
14:0c:bb:51:d4:8c:7d:32:fe:43:66:6c:c1:28:76:82:ea:ad:
8a:8f:7a:e3:97:d6:ab:91:54:1c:f9:53:0f:65:2b:54:35:8f:
82:52:84:90
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZPOQ68seuD9mjwMEXnf+2t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQxMjE2MDY1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlkOTRhYTUyNGI3ZGY2Y2RkY2I5Y2I5YTU0NmNmOTczZTM0YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBK06fADTlO2IGtCMyWLdH3ybENf
G3D/oq7hipTeBDWZsiKX9fkr+MIjoJlRS0WsxhJns+MPEK63viN1tkpW+afiZ2Ly
1634hUt7Od3PgmNfo1AkGpkZBbVIvScd1ww6FZ4t4K/PD/EakC+YDNY4CuofhrLV
fKaYwTidTtQ8xBYvI/1nhMoLOsn+J3O0mXCnm2cbSbGi++N4xh6LCm8/21jfyi4B
4D60HFbzRpKHUzskQnAFgpah3oDHXfeIIv5vkROwIqR+mCV/BsCMIZacKxdvqzOp
rQ1YDm6eSkwBgRoq04NrBPYG79g9TJmSjal0U/d7wSXA7nxKSCjJ2qz7RQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFAedlKpSS332zdy5y5pUbPlz40xoMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvQjUyVXFsSkxmZmJOM0xuTG1sUnMtWFBqVEdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAVXPMAwQC
VZkMAwQCVZkYMAwDBABVmSMDBABVmSoDBANVmTAwDAMEAFWZOwMEBlWZADAMAwQA
VZlBAwQCVZlAAwQBVZlIAwQAVZlQAwQCVZlYAwQCVZlgAwQAVZlyMA0GCSqGSIb3
DQEBCwUAA4IBAQCkvPEi6QRhW/b6HjJpsCbLMK0dboQ7jfa/SDZPnBeD13c/dTKu
j+g5CiBX4Px1JNjE7iTb+E/nucSBcCgboTp94+idaGsH5GkQOfIgG+sZyKu5P1xM
qAvZZG1Mqnv+QQGGuewFJ/sFhE6F/KvkL73tcvIlijSZxfKwPAe7LxOF8+mYUJLa
YoVp8ekCFWC7PVL1Txfw9V2tBNNSnvi5GMuBjx8VkPUInjKDWkR3jy2EW4HxLjQE
op5GR/NLE4X3eml6uKYN+Py3PUiocULSqqbha/xVdQloHXwUDLtR1Ix9Mv5DZmzB
KHaC6q2Kj3rjl9arkVQc+VMPZStUNY+CUoSQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:53:57 2025 by rpki-client