Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/85-W9-0uJDjXyHGh6xjpZO6bpxA.roa
File: 85-W9-0uJDjXyHGh6xjpZO6bpxA.roa (raw, json)
Hash identifier: 9HFI02vNzgJeclzWrTWrdyRYnNuwl914/HG202dX298=
Subject key identifier: F3:9F:96:F7:ED:2E:24:38:D7:C8:71:A1:EB:18:E9:64:EE:9B:A7:10
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 0194748E8BDCA6F73E1595D04CECF498BBE8
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/85-W9-0uJDjXyHGh6xjpZO6bpxA.roa
Signing time: Fri 17 Jan 2025 13:58:06 +0000
ROA not before: Fri 17 Jan 2025 13:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216244
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 23 Jan 2025 23:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:8e:8b:dc:a6:f7:3e:15:95:d0:4c:ec:f4:98:bb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 17 13:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f39f96f7ed2e2438d7c871a1eb18e964ee9ba710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:09:10:8c:31:ab:36:e9:3a:0f:49:16:23:82:
57:50:81:a2:b9:36:80:ea:c8:ec:fc:04:e1:65:a8:
66:3f:45:74:40:f4:2e:7c:83:03:71:2f:84:5f:4b:
72:d6:c3:ff:b7:6d:a9:c7:90:ac:f2:15:b9:bb:4b:
bc:db:72:ee:c4:a5:7c:f1:e4:44:73:23:0a:7b:e0:
6a:7f:a1:3a:6a:e6:db:29:59:f8:0b:b2:be:b4:40:
ce:da:33:24:fc:9c:58:5e:73:1f:d9:e8:ef:e6:87:
7d:f7:c3:b8:5c:24:63:2d:b8:c7:33:13:36:49:2e:
02:68:6e:00:33:b5:d1:9b:84:62:f8:d9:b2:ff:dc:
0c:17:ce:31:d6:6f:dd:e4:38:81:bd:dd:96:c5:ed:
83:60:fc:db:3f:94:a2:74:b4:61:e8:ea:cc:3a:31:
38:d7:f9:12:bb:76:b8:9f:04:17:35:8e:50:98:14:
ed:e2:30:2e:a0:64:9e:de:86:8d:8d:16:57:41:33:
ab:66:06:e2:ca:4d:11:d0:00:06:13:c7:45:7d:35:
4c:45:fc:4b:de:ce:ae:2c:3e:07:7f:7c:9e:2a:ed:
2f:e5:ca:e7:5b:03:ba:33:f8:1b:c2:58:62:cf:fd:
a5:4c:68:7c:5a:c1:4f:b8:db:13:e2:49:12:c4:4b:
3b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9F:96:F7:ED:2E:24:38:D7:C8:71:A1:EB:18:E9:64:EE:9B:A7:10
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/85-W9-0uJDjXyHGh6xjpZO6bpxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/23
185.160.31.0/24
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c9:6d:a1:6e:c0:f0:5c:1f:0d:4e:84:2b:62:cc:f4:ab:ab:
d5:4f:2c:b9:bb:40:18:91:8d:df:ce:33:7b:e8:cd:ce:61:8a:
a0:79:b5:2b:c6:41:0d:33:27:4b:83:af:97:f8:35:e4:27:68:
bc:11:70:e7:76:1e:99:bb:6d:ad:8f:27:97:b8:0f:f7:5a:ab:
f0:88:95:fa:25:3f:71:ba:85:d6:0a:ee:ea:5b:36:03:b9:89:
92:61:ee:c7:36:7e:eb:ba:b6:9d:f7:b2:5e:10:04:b5:ec:92:
6a:ab:69:f5:bf:96:e2:00:b6:d0:e6:e0:e9:4a:e6:f7:9f:7b:
34:b2:e5:7f:4c:fe:1c:d0:f1:8b:b1:c4:f5:b0:2d:27:71:57:
88:f6:ef:dc:48:7e:65:ac:14:ca:39:2c:ca:a5:d5:01:b6:fe:
d2:dd:47:dd:64:09:12:c7:e3:c1:33:39:08:c1:6a:7a:6d:28:
7b:07:e0:22:e5:82:65:dc:ea:f0:50:cb:13:2a:25:29:4c:97:
7a:f4:1a:89:21:b3:c5:c3:65:46:f7:c7:7a:38:88:83:8e:d5:
b8:e3:a7:a6:5d:5d:17:2e:14:00:44:c3:6b:06:13:aa:62:cb:
b1:14:cf:85:0a:32:ed:f2:2e:de:4d:8b:07:9b:8c:32:32:77:
6a:92:2d:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZR0jovcpvc+FZXQTOz0mLvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTE3MTM1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzlmOTZmN2VkMmUyNDM4ZDdjODcxYTFlYjE4ZTk2NGVlOWJhNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AkQjDGrNuk6D0kWI4JXUIGiuTaA
6sjs/AThZahmP0V0QPQufIMDcS+EX0ty1sP/t22px5Cs8hW5u0u823LuxKV88eRE
cyMKe+Bqf6E6aubbKVn4C7K+tEDO2jMk/JxYXnMf2ejv5od998O4XCRjLbjHMxM2
SS4CaG4AM7XRm4Ri+Nmy/9wMF84x1m/d5DiBvd2Wxe2DYPzbP5SidLRh6OrMOjE4
1/kSu3a4nwQXNY5QmBTt4jAuoGSe3oaNjRZXQTOrZgbiyk0R0AAGE8dFfTVMRfxL
3s6uLD4Hf3yeKu0v5crnWwO6M/gbwlhiz/2lTGh8WsFPuNsT4kkSxEs7wQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPOflvftLiQ418hxoesY6WTum6cQMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvODUtVzktMHVKRGpYeUhHaDZ4anBaTzZicHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVVIAwQB
uaAcAwQAuaAfMA0EAgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQB6yW2h
bsDwXB8NToQrYsz0q6vVTyy5u0AYkY3fzjN76M3OYYqgebUrxkENMydLg6+X+DXk
J2i8EXDndh6Zu22tjyeXuA/3WqvwiJX6JT9xuoXWCu7qWzYDuYmSYe7HNn7rurad
97JeEAS17JJqq2n1v5biALbQ5uDpSub3n3s0suV/TP4c0PGLscT1sC0ncVeI9u/c
SH5lrBTKOSzKpdUBtv7S3UfdZAkSx+PBMzkIwWp6bSh7B+Ai5YJl3OrwUMsTKiUp
TJd69BqJIbPFw2VG98d6OIiDjtW446emXV0XLhQARMNrBhOqYsuxFM+FCjLt8i7e
TYsHm4wyMndqki0S
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:58 2025 by rpki-client