Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/abz_UWw6CUZ7mueiaXwkabfZ-Zs.roa
File: abz_UWw6CUZ7mueiaXwkabfZ-Zs.roa (raw, json)
Hash identifier: RgsUrnPEmR03HWhwCVqIoK4TnGvObWXrDmEuVcH6i2g=
Subject key identifier: 69:BC:FF:51:6C:3A:09:46:7B:9A:E7:A2:69:7C:24:69:B7:D9:F9:9B
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 019426D9EDBDE2E90F9331BD4AD04EBCA2B0
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/abz_UWw6CUZ7mueiaXwkabfZ-Zs.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 23:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ed:bd:e2:e9:0f:93:31:bd:4a:d0:4e:bc:a2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69bcff516c3a09467b9ae7a2697c2469b7d9f99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1e:ac:33:c7:8b:1e:a1:21:45:c9:a5:3e:cb:
70:54:a8:27:12:8b:67:ca:45:ed:55:44:1b:b2:b9:
4c:43:87:3f:35:bb:c5:d5:87:95:ea:97:14:54:04:
fa:2b:e9:e7:95:39:3a:db:7b:f6:a8:1a:6a:66:01:
34:0f:c6:aa:fe:0e:d6:26:4f:d3:ae:82:78:ef:bd:
e7:70:04:91:ba:4c:aa:64:bb:0b:66:24:e6:43:05:
34:1f:fd:f5:0b:e7:65:c2:12:b0:5b:60:c3:93:09:
70:86:7b:fb:11:6c:bf:45:0d:4c:57:33:76:38:38:
73:31:e7:6d:fb:eb:3c:69:4c:b2:f3:5f:92:ce:55:
00:79:a0:6c:01:57:40:17:a9:2c:b2:08:43:8d:85:
15:fd:b7:48:58:ce:50:50:f2:c9:ac:8a:76:35:72:
43:35:d5:b6:cb:f5:96:e4:20:70:9f:7d:ae:8d:bf:
6f:ea:3b:c0:f4:83:ac:99:b0:42:ab:17:b3:43:cc:
b1:39:ff:4e:66:53:48:3a:67:2e:96:7c:05:0e:be:
b3:b6:03:9b:44:12:14:c7:3e:3d:79:dd:6a:63:67:
95:b7:74:db:ea:34:70:06:ba:0c:d6:96:4f:b2:bd:
23:05:df:62:b0:91:62:19:59:2a:9a:6c:fa:61:01:
96:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BC:FF:51:6C:3A:09:46:7B:9A:E7:A2:69:7C:24:69:B7:D9:F9:9B
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/abz_UWw6CUZ7mueiaXwkabfZ-Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.29.0-185.160.31.255
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
53:fb:cf:85:6b:ea:67:00:c3:8a:ec:d2:da:2f:2c:9f:41:6c:
02:f1:69:51:8e:e2:a0:e9:65:69:ee:8b:c9:e3:a1:ab:f3:e5:
b6:d5:e1:dd:76:ff:23:22:bf:f6:85:22:17:3c:d8:86:fe:ef:
e9:94:43:88:39:9d:e7:20:1a:7d:5d:23:aa:d0:4d:91:48:28:
c8:66:e5:48:c8:92:72:e1:72:72:62:5f:85:26:11:94:c1:ec:
6d:9a:fb:85:f3:03:04:da:6a:00:97:f2:f2:74:ef:1e:fa:a7:
3a:98:f9:e2:53:5f:63:87:2c:78:f3:bf:42:ad:61:d2:55:96:
ce:2d:b5:93:6f:ca:08:4d:1e:01:79:d2:3a:c8:97:68:29:d9:
58:ec:00:ff:05:2e:c1:5c:b3:f5:02:88:e6:55:33:73:33:27:
54:c2:79:37:72:f5:40:7f:f2:3a:d8:6a:17:dd:9d:4a:6d:ba:
77:6e:61:29:2a:41:9b:82:90:bc:a6:7e:6a:42:b6:c9:36:7c:
24:2b:c2:97:19:6e:6d:30:b9:c3:72:9d:d9:7b:52:62:27:46:
f7:ac:a1:f0:1e:a8:cc:52:bc:5a:9c:6d:a1:11:e0:75:09:2c:
11:7a:30:d3:f7:5a:48:5f:06:ea:3a:ca:12:32:d9:dd:b7:89:
b4:20:d1:85
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQm2e294ukPkzG9StBOvKKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJjZmY1MTZjM2EwOTQ2N2I5YWU3YTI2OTdjMjQ2OWI3ZDlmOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx6sM8eLHqEhRcmlPstwVKgnEotn
ykXtVUQbsrlMQ4c/NbvF1YeV6pcUVAT6K+nnlTk623v2qBpqZgE0D8aq/g7WJk/T
roJ4773ncASRukyqZLsLZiTmQwU0H/31C+dlwhKwW2DDkwlwhnv7EWy/RQ1MVzN2
ODhzMedt++s8aUyy81+SzlUAeaBsAVdAF6kssghDjYUV/bdIWM5QUPLJrIp2NXJD
NdW2y/WW5CBwn32ujb9v6jvA9IOsmbBCqxezQ8yxOf9OZlNIOmculnwFDr6ztgOb
RBIUxz49ed1qY2eVt3Tb6jRwBroM1pZPsr0jBd9isJFiGVkqmmz6YQGW4wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGm8/1FsOglGe5rnoml8JGm32fmbMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvYWJ6X1VXdzZDVVo3bXVlaWFYd2thYmZaLVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuVVIMAwD
BAC5oB0DBAW5oAAwDQQCAAIwBwMFAyoFq8AwDQYJKoZIhvcNAQELBQADggEBAFP7
z4Vr6mcAw4rs0tovLJ9BbALxaVGO4qDpZWnui8njoavz5bbV4d12/yMiv/aFIhc8
2Ib+7+mUQ4g5necgGn1dI6rQTZFIKMhm5UjIknLhcnJiX4UmEZTB7G2a+4XzAwTa
agCX8vJ07x76pzqY+eJTX2OHLHjzv0KtYdJVls4ttZNvyghNHgF50jrIl2gp2Vjs
AP8FLsFcs/UCiOZVM3MzJ1TCeTdy9UB/8jrYahfdnUptunduYSkqQZuCkLymfmpC
tsk2fCQrwpcZbm0wucNyndl7UmInRvesofAeqMxSvFqcbaER4HUJLBF6MNP3Wkhf
Buo6yhIy2d23ibQg0YU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:49:16 2025 by rpki-client