Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/x3cELy55ul4hk7LimVE9xizHrD8.roa
File: x3cELy55ul4hk7LimVE9xizHrD8.roa (raw, json)
Hash identifier: Di1mypOMscKT92okuSMPW+couhzTqRWW9JVVoCutuEY=
Subject key identifier: C7:77:04:2F:2E:79:BA:5E:21:93:B2:E2:99:51:3D:C6:2C:C7:AC:3F
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0193CE4846C6045D821FC45050A6F9791D8E
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/x3cELy55ul4hk7LimVE9xizHrD8.roa
Signing time: Mon 16 Dec 2024 07:04:23 +0000
ROA not before: Mon 16 Dec 2024 07:04:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398373
IP address blocks: 85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.84.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:48:46:c6:04:5d:82:1f:c4:50:50:a6:f9:79:1d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Dec 16 07:04:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c777042f2e79ba5e2193b2e299513dc62cc7ac3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:03:b8:5d:92:5a:8f:3f:b7:21:23:42:f7:6a:
34:d2:08:a2:9d:d4:75:ea:61:1f:c2:e7:bd:34:96:
51:fb:62:74:fa:5f:6b:10:3d:af:da:0c:69:46:ae:
42:46:dc:5e:4f:ce:a5:d7:d3:29:9d:55:53:26:c5:
b8:6a:3a:37:b1:ae:c8:c2:d6:75:e9:ca:b8:d1:f7:
b0:31:ec:fa:98:ec:84:e6:86:68:9c:14:1b:ad:07:
c0:c2:6d:89:d0:df:1a:3b:e0:15:e5:d7:eb:7c:49:
d8:0d:ac:66:3d:4a:5f:b4:8b:43:ee:61:e5:08:89:
2c:2e:60:8f:3d:33:d6:7a:ea:2f:4a:eb:0c:e7:64:
ec:86:f5:e6:4f:1f:2f:5f:d0:fd:80:a5:01:93:b4:
f0:8c:bd:61:c3:5c:9d:0f:6b:5e:ff:80:b2:44:5e:
56:e2:3b:05:4f:b6:34:ff:ce:85:cd:ad:91:d6:66:
a2:eb:95:14:ba:f0:d3:bc:40:20:d6:84:0e:f3:8a:
1b:b5:2f:79:8e:c5:dd:aa:5c:42:a2:8c:33:8d:4c:
a6:71:b5:93:4f:c2:f1:53:37:1f:a5:01:a5:a6:a7:
6a:c5:30:9c:71:86:6f:6f:d8:8b:99:48:cd:ff:04:
6e:0c:fd:44:55:2a:90:95:79:bd:b7:86:b0:ed:11:
78:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:77:04:2F:2E:79:BA:5E:21:93:B2:E2:99:51:3D:C6:2C:C7:AC:3F
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/x3cELy55ul4hk7LimVE9xizHrD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.207.0/24
85.153.4.0/24
85.153.32.0/24
85.153.68.0/22
85.153.84.0/22
85.153.92.0/24
85.153.108.0/22
85.153.113.0/24
85.153.118.0/24
Signature Algorithm: sha256WithRSAEncryption
65:2d:02:84:50:74:65:00:ac:2b:7f:0d:1c:e0:e7:72:5c:48:
32:c6:18:b5:fc:c1:d2:72:4c:17:57:e1:a9:08:6a:56:ad:75:
92:4c:20:85:8a:93:76:31:79:ea:99:37:87:bd:3e:d2:fb:22:
2d:0d:fc:84:c8:21:9e:3c:14:0f:5e:4b:67:5d:aa:c2:8e:9b:
15:18:a7:99:40:ea:81:b3:50:7d:70:ac:31:21:30:6a:d1:e5:
02:38:e5:dc:db:3d:42:b3:a5:ec:b1:20:02:d3:1c:0e:6b:b3:
2f:f6:4b:96:f4:ab:25:29:0c:53:f6:20:77:bd:d2:51:19:15:
56:af:08:4e:69:49:e0:d5:b9:67:84:dc:68:52:da:04:98:ee:
8c:92:51:75:6d:c1:64:65:49:92:f9:11:e3:81:81:c7:dc:5d:
7a:6c:d8:73:ab:bf:b3:3f:a9:81:8d:7f:b3:e8:a8:5a:74:3e:
f3:7c:82:bf:0c:9c:47:af:e6:42:b9:54:27:c3:d3:1d:68:aa:
6f:ce:70:3c:1c:57:53:57:fe:22:6d:4a:92:07:ad:c1:10:41:
a0:8b:01:85:92:08:ad:29:8e:a8:44:ac:5d:4e:bf:1e:d4:ba:
5e:22:72:9b:1e:aa:f7:a7:44:19:99:a1:06:46:9f:19:2d:3f:
3f:85:c8:9b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZPOSEbGBF2CH8RQUKb5eR2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQxMjE2MDcwNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc3MDQyZjJlNzliYTVlMjE5M2IyZTI5OTUxM2RjNjJjYzdhYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQO4XZJajz+3ISNC92o00giindR1
6mEfwue9NJZR+2J0+l9rED2v2gxpRq5CRtxeT86l19MpnVVTJsW4ajo3sa7IwtZ1
6cq40fewMez6mOyE5oZonBQbrQfAwm2J0N8aO+AV5dfrfEnYDaxmPUpftItD7mHl
CIksLmCPPTPWeuovSusM52TshvXmTx8vX9D9gKUBk7TwjL1hw1ydD2te/4CyRF5W
4jsFT7Y0/86Fza2R1mai65UUuvDTvEAg1oQO84obtS95jsXdqlxCoowzjUymcbWT
T8LxUzcfpQGlpqdqxTCccYZvb9iLmUjN/wRuDP1EVSqQlXm9t4aw7RF4IwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMd3BC8uebpeIZOy4plRPcYsx6w/MB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEveDNjRUx5NTV1bDRoazdMaW1WRTl4aXpIckQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXPPAwQA
VZkEAwQAVZkgAwQCVZlEAwQCVZlUAwQAVZlcAwQCVZlsAwQAVZlxAwQAVZl2MA0G
CSqGSIb3DQEBCwUAA4IBAQBlLQKEUHRlAKwrfw0c4OdyXEgyxhi1/MHSckwXV+Gp
CGpWrXWSTCCFipN2MXnqmTeHvT7S+yItDfyEyCGePBQPXktnXarCjpsVGKeZQOqB
s1B9cKwxITBq0eUCOOXc2z1Cs6XssSAC0xwOa7Mv9kuW9KslKQxT9iB3vdJRGRVW
rwhOaUng1blnhNxoUtoEmO6MklF1bcFkZUmS+RHjgYHH3F16bNhzq7+zP6mBjX+z
6KhadD7zfIK/DJxHr+ZCuVQnw9MdaKpvznA8HFdTV/4ibUqSB63BEEGgiwGFkgit
KY6oRKxdTr8e1LpeInKbHqr3p0QZmaEGRp8ZLT8/hcib
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:20 2025 by rpki-client