Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/aPPIx3UCB5y6UANQ_YDrjphkCiY.roa
File: aPPIx3UCB5y6UANQ_YDrjphkCiY.roa (raw, json)
Hash identifier: jWpR5lnefkFBYw8sSQgjkhMSfLrxTRGC0bYmOxi7ge8=
Subject key identifier: 68:F3:C8:C7:75:02:07:9C:BA:50:03:50:FD:80:EB:8E:98:64:0A:26
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 01942949A298245FB75633DD48A34CFB398C
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/aPPIx3UCB5y6UANQ_YDrjphkCiY.roa
Signing time: Thu 02 Jan 2025 23:11:19 +0000
ROA not before: Thu 02 Jan 2025 23:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 Jan 2025 11:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:29:49:a2:98:24:5f:b7:56:33:dd:48:a3:4c:fb:39:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 2 23:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68f3c8c77502079cba500350fd80eb8e98640a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:44:f3:92:b4:c4:05:85:b4:1c:be:2f:64:
28:45:8c:ab:ab:83:75:aa:20:ee:92:3b:ab:e8:4a:
48:94:13:b5:3c:d4:42:e4:02:f3:e5:54:8d:ff:5d:
87:95:a0:fb:da:0f:8c:f4:f5:cf:2e:d8:41:62:76:
86:60:45:ff:ed:02:ad:ce:05:39:1d:3c:e2:93:87:
c2:a9:4b:7f:be:5f:69:66:4b:32:9c:ae:51:e9:9a:
ed:c0:5d:62:98:56:30:f4:17:08:2f:84:42:8e:fb:
32:94:46:ac:5e:96:97:0f:bc:54:95:95:4e:c3:20:
4c:2d:08:2d:5c:d3:c1:c4:7f:b6:f9:07:77:65:f1:
13:f4:7a:bd:22:10:e7:cb:dd:84:4d:bc:79:9d:98:
6d:d4:29:db:fd:66:4c:8a:77:97:80:ff:d1:a4:86:
64:3b:e3:bd:20:e0:7c:06:68:7d:11:02:e4:31:95:
42:91:31:43:e8:66:41:8b:44:66:f8:6f:8d:da:61:
0f:63:53:5e:df:57:1f:b3:23:51:20:ef:a6:26:44:
9c:20:fd:73:30:e3:c2:d9:52:bb:df:44:87:8f:bb:
f4:89:6b:9f:3f:dc:03:e7:9d:2e:5b:ba:2d:ac:40:
80:8f:c0:1e:84:e5:38:cf:d5:e9:d2:0c:b8:7c:e4:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F3:C8:C7:75:02:07:9C:BA:50:03:50:FD:80:EB:8E:98:64:0A:26
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/aPPIx3UCB5y6UANQ_YDrjphkCiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/22
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
44:0a:6d:0b:25:43:93:ca:eb:f1:d8:f8:65:e6:ce:ba:6d:15:
0d:b5:09:24:18:e3:91:0b:21:ae:57:7d:f0:64:9b:e4:d7:e2:
22:c9:85:c0:b8:ea:a5:0a:39:38:0f:67:4a:55:2e:b4:f4:be:
88:dc:a4:14:77:bc:4a:c9:1b:ce:7b:5d:f7:2d:9c:16:1b:30:
87:17:68:c4:65:05:6d:3a:3a:4e:94:df:c0:e6:68:cc:d5:a3:
49:24:cd:53:a4:4e:21:f6:3d:c1:90:04:9d:12:78:a5:ca:95:
85:91:c2:20:1a:e2:11:55:95:16:1a:6c:0d:56:d8:93:b4:a4:
8d:50:7a:6e:8a:72:85:88:02:ba:1f:49:25:88:27:35:ae:70:
0a:c3:0a:cf:37:1d:a8:10:bf:07:ba:cf:7a:b0:af:15:30:eb:
3d:9c:66:97:e3:30:74:bf:c0:9d:11:96:46:d4:26:da:fc:45:
94:48:cd:4b:8e:6b:93:84:95:7a:34:5b:05:de:d6:38:2d:13:
8a:d6:dd:7b:1f:40:fe:4e:47:ef:f3:9f:73:0f:9d:88:dc:cf:
c5:76:dc:f2:fd:80:e3:a8:b0:91:2d:1e:d4:87:22:c4:a9:23:
1a:14:79:cc:4a:b2:bd:b2:e1:98:d2:5c:1d:b0:a3:71:f3:17:
4b:80:06:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQpSaKYJF+3VjPdSKNM+zmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTAyMjMxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYzYzhjNzc1MDIwNzljYmE1MDAzNTBmZDgwZWI4ZTk4NjQwYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTBE85K0xAWFtBy+L2QoRYyrq4N1
qiDukjur6EpIlBO1PNRC5ALz5VSN/12HlaD72g+M9PXPLthBYnaGYEX/7QKtzgU5
HTzik4fCqUt/vl9pZksynK5R6ZrtwF1imFYw9BcIL4RCjvsylEasXpaXD7xUlZVO
wyBMLQgtXNPBxH+2+Qd3ZfET9Hq9IhDny92ETbx5nZht1Cnb/WZMineXgP/RpIZk
O+O9IOB8Bmh9EQLkMZVCkTFD6GZBi0Rm+G+N2mEPY1Ne31cfsyNRIO+mJkScIP1z
MOPC2VK730SHj7v0iWufP9wD550uW7otrECAj8AehOU4z9Xp0gy4fOQl6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjzyMd1AgeculADUP2A646YZAomMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvYVBQSXgzVUNCNXk2VUFOUV9ZRHJqcGhrQ2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVVIAwQC
uaAcMA0EAgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQBECm0LJUOTyuvx
2Phl5s66bRUNtQkkGOORCyGuV33wZJvk1+IiyYXAuOqlCjk4D2dKVS609L6I3KQU
d7xKyRvOe133LZwWGzCHF2jEZQVtOjpOlN/A5mjM1aNJJM1TpE4h9j3BkASdEnil
ypWFkcIgGuIRVZUWGmwNVtiTtKSNUHpuinKFiAK6H0kliCc1rnAKwwrPNx2oEL8H
us96sK8VMOs9nGaX4zB0v8CdEZZG1Cba/EWUSM1LjmuThJV6NFsF3tY4LROK1t17
H0D+Tkfv859zD52I3M/Fdtzy/YDjqLCRLR7UhyLEqSMaFHnMSrK9suGY0lwdsKNx
8xdLgAbU
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:00:48 2025 by rpki-client