Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/AzA4W_zOnI6c69tleGjktwvNT30.roa
File: AzA4W_zOnI6c69tleGjktwvNT30.roa (raw, json)
Hash identifier: KNa05bKxhaUOZzF/M/QuaQ8+lvacXqbv4W9zYfXlGbM=
Subject key identifier: 03:30:38:5B:FC:CE:9C:8E:9C:EB:DB:65:78:68:E4:B7:0B:CD:4F:7D
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 019445A04680C09F5127164B593EEFB47240
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/AzA4W_zOnI6c69tleGjktwvNT30.roa
Signing time: Wed 08 Jan 2025 11:15:19 +0000
ROA not before: Wed 08 Jan 2025 11:15:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Jan 2025 09:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:a0:46:80:c0:9f:51:27:16:4b:59:3e:ef:b4:72:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 8 11:15:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0330385bfcce9c8e9cebdb657868e4b70bcd4f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fb:6b:c2:15:37:b3:2d:a2:cf:b3:e3:06:35:
2e:d4:a9:68:98:23:58:b7:24:15:50:6b:73:0c:30:
0b:f2:6f:fb:91:74:69:3d:65:e4:65:66:7b:20:12:
6f:b0:f1:82:e2:6c:92:5a:e6:6f:76:88:6e:90:ca:
ee:b8:27:2d:3d:e3:09:fa:2c:a8:34:8e:1e:19:3c:
a8:34:46:8d:72:5d:96:f5:e0:6f:4d:a8:a5:c5:ce:
c6:8b:af:ce:c4:67:87:ea:41:b5:c6:73:21:19:76:
cf:fd:21:1e:29:c5:29:32:51:fa:40:0e:14:01:96:
55:ba:85:8b:18:2e:b0:b8:d1:17:96:02:11:b9:9a:
0e:4c:19:b0:b0:ee:65:5f:15:ea:f4:bb:73:43:1d:
66:48:b5:26:0d:f7:2a:71:79:ac:f7:94:5f:2e:02:
94:ff:8e:bd:2b:6e:df:80:df:63:a7:42:56:ea:62:
9c:4f:47:1c:82:ab:b3:e3:0a:c9:3a:65:0e:8e:71:
f3:eb:8c:76:25:cb:fe:02:c3:6d:84:06:6e:60:dd:
b5:48:b9:c7:e2:7a:56:ac:54:ed:24:e9:e6:1a:54:
27:26:93:4d:c4:1c:c8:a2:53:b9:f6:f9:41:93:94:
f4:2a:12:db:40:ee:06:1e:95:76:b7:42:4a:6d:32:
41:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:30:38:5B:FC:CE:9C:8E:9C:EB:DB:65:78:68:E4:B7:0B:CD:4F:7D
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/AzA4W_zOnI6c69tleGjktwvNT30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.29.0-185.160.31.255
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:7e:e8:d2:8e:6a:54:ef:f5:3b:e0:98:f6:4b:d2:fc:7d:4f:
bf:b9:cc:79:82:e9:8e:5a:0e:50:f3:06:db:f4:4a:39:47:f2:
58:c3:80:f6:33:8c:58:da:28:8f:47:20:50:95:f1:00:a3:de:
70:70:a0:8c:d8:40:61:da:78:ab:52:ab:d8:ee:05:1a:bf:b5:
dd:ca:5e:5b:9d:78:ed:c0:33:5e:1e:0d:36:89:32:a6:a8:1f:
a7:7a:5e:fa:2e:ab:32:ce:31:c2:2b:7e:fa:18:bc:0c:06:ee:
7f:0c:f8:86:51:84:c9:88:81:de:b4:b5:d2:00:00:79:44:86:
37:2c:d5:a6:99:33:b1:67:95:55:22:84:25:40:08:da:da:16:
54:ed:e5:25:d4:18:48:e9:53:a5:b0:af:e1:90:4f:c2:ab:13:
ff:cb:09:09:7a:2a:11:42:d2:aa:23:19:fc:23:c7:65:d9:7d:
27:aa:b0:3c:66:d9:dc:c8:bf:1c:8f:76:e7:6f:ca:8d:23:fa:
ab:60:03:a9:91:2b:32:ce:57:e7:07:08:74:6b:fc:9a:15:9e:
92:64:94:f4:21:7e:31:6a:3c:b5:08:1a:09:1d:85:fb:cf:ef:
d3:60:53:c4:43:7c:89:76:a5:00:1c:31:07:23:e4:aa:93:48:
be:c4:0f:95
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZRFoEaAwJ9RJxZLWT7vtHJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTA4MTExNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzMwMzg1YmZjY2U5YzhlOWNlYmRiNjU3ODY4ZTRiNzBiY2Q0ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vtrwhU3sy2iz7PjBjUu1KlomCNY
tyQVUGtzDDAL8m/7kXRpPWXkZWZ7IBJvsPGC4mySWuZvdohukMruuCctPeMJ+iyo
NI4eGTyoNEaNcl2W9eBvTailxc7Gi6/OxGeH6kG1xnMhGXbP/SEeKcUpMlH6QA4U
AZZVuoWLGC6wuNEXlgIRuZoOTBmwsO5lXxXq9LtzQx1mSLUmDfcqcXms95RfLgKU
/469K27fgN9jp0JW6mKcT0ccgquz4wrJOmUOjnHz64x2Jcv+AsNthAZuYN21SLnH
4npWrFTtJOnmGlQnJpNNxBzIolO59vlBk5T0KhLbQO4GHpV2t0JKbTJBZQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAMwOFv8zpyOnOvbZXho5LcLzU99MB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvQXpBNFdfek9uSTZjNjl0bGVHamt0d3ZOVDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuVVIMAwD
BAC5oB0DBAW5oAAwDQQCAAIwBwMFAyoFq8AwDQYJKoZIhvcNAQELBQADggEBADx+
6NKOalTv9TvgmPZL0vx9T7+5zHmC6Y5aDlDzBtv0SjlH8ljDgPYzjFjaKI9HIFCV
8QCj3nBwoIzYQGHaeKtSq9juBRq/td3KXludeO3AM14eDTaJMqaoH6d6XvouqzLO
McIrfvoYvAwG7n8M+IZRhMmIgd60tdIAAHlEhjcs1aaZM7FnlVUihCVACNraFlTt
5SXUGEjpU6Wwr+GQT8KrE//LCQl6KhFC0qojGfwjx2XZfSeqsDxm2dzIvxyPdudv
yo0j+qtgA6mRKzLOV+cHCHRr/JoVnpJklPQhfjFqPLUIGgkdhfvP79NgU8RDfIl2
pQAcMQcj5KqTSL7ED5U=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:26 2025 by rpki-client