Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/WNpNUN5HNgX6VsBiL9P-ZVuoUPU.roa
File: WNpNUN5HNgX6VsBiL9P-ZVuoUPU.roa (raw, json)
Hash identifier: BPUp87ZoC9GJsdgWpO5J2Wryp3AfUj1EIPLGawprZps=
Subject key identifier: 58:DA:4D:50:DE:47:36:05:FA:56:C0:62:2F:D3:FE:65:5B:A8:50:F5
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 0194694BA0A641D92E32B53AEC62DB449A3E
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/WNpNUN5HNgX6VsBiL9P-ZVuoUPU.roa
Signing time: Wed 15 Jan 2025 09:29:11 +0000
ROA not before: Wed 15 Jan 2025 09:29:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Jan 2025 21:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:4b:a0:a6:41:d9:2e:32:b5:3a:ec:62:db:44:9a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 15 09:29:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58da4d50de473605fa56c0622fd3fe655ba850f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:a5:8e:bb:cb:1e:9b:f2:6c:dd:fa:b2:ef:
c6:63:0d:ce:fa:75:f8:2d:6f:6a:2b:8b:13:85:1e:
d0:1f:9a:9e:65:a0:87:0a:cb:3f:0a:94:a7:5b:7e:
38:66:5f:27:70:98:67:7f:48:57:28:f9:52:62:c3:
fe:aa:d3:94:79:be:94:fb:80:5f:26:08:75:19:2c:
c8:1f:98:2d:78:d8:94:97:32:f8:aa:6a:de:bc:ac:
27:14:7b:dd:07:cc:6a:68:9e:d1:05:4d:fb:c6:09:
09:7f:7c:85:0d:aa:09:42:d6:4c:0a:46:f8:b4:d8:
6a:c9:0c:fb:19:1a:21:2d:4c:1f:1b:68:f6:a5:80:
90:d7:50:25:c5:42:13:d1:1a:19:b4:d5:3a:3c:3a:
f3:4c:a8:8f:09:0a:63:30:ed:12:bf:dd:f9:d8:c8:
31:9d:d1:02:b7:e4:bd:9f:84:2b:13:da:16:0a:14:
a6:a3:b8:b0:1e:de:17:a9:8d:62:ea:27:36:2e:e0:
e5:50:d2:a0:65:71:e9:c3:ce:17:29:16:3f:e0:e0:
f0:c4:d6:04:da:23:85:fa:68:60:ec:48:8b:1d:8e:
93:31:56:58:da:0a:62:fa:8f:99:63:d3:ed:df:90:
36:6e:42:17:61:97:95:f6:c3:dc:71:cd:58:df:10:
89:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DA:4D:50:DE:47:36:05:FA:56:C0:62:2F:D3:FE:65:5B:A8:50:F5
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/WNpNUN5HNgX6VsBiL9P-ZVuoUPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/23
185.85.75.0/24
185.160.29.0-185.160.31.255
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:51:0d:1c:ec:0b:03:16:bf:a6:f3:c4:a4:5b:df:83:ff:fd:
d3:7e:2e:66:4d:6f:37:f3:67:b7:13:ae:33:df:10:bf:75:ab:
69:d4:a7:e5:4d:cf:75:a8:ab:d3:a0:cb:56:3f:18:c0:1f:ed:
ac:40:f9:c1:d5:6a:8e:40:59:ce:a5:1d:58:18:e9:3c:02:9f:
26:74:00:5f:fd:8e:3b:96:43:bf:6f:d5:f8:2d:42:a4:95:4a:
cf:10:aa:32:bc:7f:c7:be:ae:cb:8d:9f:ee:63:01:d0:16:32:
a1:81:2a:45:ad:fd:50:fa:e3:bb:13:55:67:47:aa:a6:28:dc:
8f:43:dc:33:03:f1:0c:c4:2f:31:71:32:0d:52:9f:b0:91:09:
73:a9:16:d9:af:37:52:27:2e:b4:f9:99:ea:9c:b0:0d:c5:01:
1a:66:da:e6:a0:7d:0b:0f:4f:e4:eb:9c:58:aa:8c:22:01:67:
41:26:c9:1c:75:69:25:04:79:c3:f9:22:bc:25:7f:91:76:3a:
94:00:d8:7d:11:01:ba:be:35:cf:d6:08:a0:00:8d:2d:a9:d6:
bf:4c:9f:e6:25:76:68:36:28:f7:0e:f4:76:29:7e:41:a7:c1:
a7:9f:4e:5c:33:0a:59:ee:4a:22:4a:13:d5:01:1a:57:63:d4:
1f:38:3e:7c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZRpS6CmQdkuMrU67GLbRJo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTE1MDkyOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRhNGQ1MGRlNDczNjA1ZmE1NmMwNjIyZmQzZmU2NTViYTg1MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZmljrvLHpvybN36su/GYw3O+nX4
LW9qK4sThR7QH5qeZaCHCss/CpSnW344Zl8ncJhnf0hXKPlSYsP+qtOUeb6U+4Bf
Jgh1GSzIH5gteNiUlzL4qmrevKwnFHvdB8xqaJ7RBU37xgkJf3yFDaoJQtZMCkb4
tNhqyQz7GRohLUwfG2j2pYCQ11AlxUIT0RoZtNU6PDrzTKiPCQpjMO0Sv9352Mgx
ndECt+S9n4QrE9oWChSmo7iwHt4XqY1i6ic2LuDlUNKgZXHpw84XKRY/4ODwxNYE
2iOF+mhg7EiLHY6TMVZY2gpi+o+ZY9Pt35A2bkIXYZeV9sPccc1Y3xCJKwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFjaTVDeRzYF+lbAYi/T/mVbqFD1MB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvV05wTlVONUhOZ1g2VnNCaUw5UC1aVnVvVVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBuVVIAwQA
uVVLMAwDBAC5oB0DBAW5oAAwDQQCAAIwBwMFAyoFq8AwDQYJKoZIhvcNAQELBQAD
ggEBAC9RDRzsCwMWv6bzxKRb34P//dN+LmZNbzfzZ7cTrjPfEL91q2nUp+VNz3Wo
q9Ogy1Y/GMAf7axA+cHVao5AWc6lHVgY6TwCnyZ0AF/9jjuWQ79v1fgtQqSVSs8Q
qjK8f8e+rsuNn+5jAdAWMqGBKkWt/VD647sTVWdHqqYo3I9D3DMD8QzELzFxMg1S
n7CRCXOpFtmvN1InLrT5meqcsA3FARpm2uagfQsPT+TrnFiqjCIBZ0EmyRx1aSUE
ecP5Irwlf5F2OpQA2H0RAbq+Nc/WCKAAjS2p1r9Mn+Yldmg2KPcO9HYpfkGnwaef
TlwzClnuSiJKE9UBGldj1B84Pnw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:56:14 2025 by rpki-client