Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/gl_8aqLFflY-sXXrOgToEr_TEcw.roa
File: gl_8aqLFflY-sXXrOgToEr_TEcw.roa (raw, json)
Hash identifier: yW48O8FrJagf8dF8QcEz+uGUW6mscXXCvTWYGZEzcdM=
Subject key identifier: 82:5F:FC:6A:A2:C5:7E:56:3E:B1:75:EB:3A:04:E8:12:BF:D3:11:CC
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 01946BE17ACE096F9B0BC5F9151097B8FA93
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/gl_8aqLFflY-sXXrOgToEr_TEcw.roa
Signing time: Wed 15 Jan 2025 21:32:06 +0000
ROA not before: Wed 15 Jan 2025 21:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216244
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 13:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:e1:7a:ce:09:6f:9b:0b:c5:f9:15:10:97:b8:fa:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 15 21:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=825ffc6aa2c57e563eb175eb3a04e812bfd311cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:62:1d:23:d3:bf:d3:f7:10:51:c1:ae:58:27:
2a:93:b5:d9:33:6d:6c:3d:13:a5:9a:60:7a:15:e8:
8a:3e:60:5b:a5:8d:c9:e9:48:83:7e:8c:ea:79:f5:
6f:28:a1:e1:a1:b9:7a:2d:43:9b:7e:b9:98:c7:cf:
a1:a6:bf:21:e4:bd:1c:ec:76:43:b2:46:fb:ea:69:
7e:a4:fe:9d:81:14:bb:43:b0:38:c8:47:a2:23:87:
c1:ee:4a:d0:c2:04:83:1b:d0:ef:ef:b9:29:cb:30:
0b:3a:f4:d6:39:24:6e:1a:21:0d:a5:15:f0:96:54:
ab:dd:00:80:f0:f6:60:80:d6:c7:ef:3e:7d:6c:50:
b0:ab:46:27:80:73:8b:22:bd:e6:58:fb:44:c3:ab:
02:27:00:65:e5:5c:70:80:c1:1f:ff:87:ba:d5:6d:
e8:ea:aa:fb:cc:6b:f5:c0:e9:b7:00:22:fc:86:d7:
66:01:be:b8:fa:7f:3b:a2:46:ef:19:4c:94:17:04:
05:6f:b7:e9:6c:52:49:86:9f:3a:8d:93:26:31:6c:
b4:ae:f8:b7:77:af:7b:9a:25:1d:1f:11:f6:39:90:
da:61:1d:14:a5:5c:3a:d9:d8:ad:34:98:50:65:5a:
da:e6:69:e2:1a:eb:10:d8:e8:a6:03:8e:9d:58:50:
0a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5F:FC:6A:A2:C5:7E:56:3E:B1:75:EB:3A:04:E8:12:BF:D3:11:CC
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/gl_8aqLFflY-sXXrOgToEr_TEcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/23
185.160.31.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ad:12:07:34:4e:24:42:d0:cf:0a:77:77:d3:1e:c6:45:1d:
14:b2:3f:2c:69:f6:3f:7e:34:14:6c:9a:10:6a:c4:c6:e8:2b:
f6:e7:36:dd:74:99:8e:27:64:64:e4:8f:b6:ed:38:cb:48:97:
94:be:4d:c6:2e:29:cc:e6:6d:4e:c1:db:48:3b:1b:fa:ad:4c:
9e:9a:7e:2e:21:b1:2c:31:e2:3a:a0:f2:ea:98:88:33:c1:75:
73:37:6d:37:ac:6a:f2:cc:9c:b1:9a:4c:e3:96:b8:f8:2c:68:
42:a9:c2:cc:1d:66:1f:0d:1b:3d:70:47:73:27:d8:c8:96:22:
f9:b8:a0:a3:da:de:70:96:97:b5:99:4b:be:fd:7a:f5:2b:14:
a8:52:d4:e5:a9:16:38:17:8c:4a:4a:cf:42:54:4c:1c:e4:4c:
ce:43:9f:83:ec:42:67:48:7a:18:82:5c:4d:db:d4:d2:96:62:
bc:8c:0c:1b:39:74:47:1e:d6:dc:94:63:09:5f:05:a6:58:6d:
c8:fb:9a:8d:3e:07:49:32:41:ed:34:ce:39:e7:1a:4b:16:39:
84:06:78:c3:99:55:6d:65:b9:ad:c1:9b:ea:81:25:e7:54:9e:
ab:85:40:68:29:8c:c5:7d:b4:a0:75:be:8a:b2:da:87:01:b6:
fd:1f:53:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRr4XrOCW+bC8X5FRCXuPqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTE1MjEzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVmZmM2YWEyYzU3ZTU2M2ViMTc1ZWIzYTA0ZTgxMmJmZDMxMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWIdI9O/0/cQUcGuWCcqk7XZM21s
PROlmmB6FeiKPmBbpY3J6UiDfozqefVvKKHhobl6LUObfrmYx8+hpr8h5L0c7HZD
skb76ml+pP6dgRS7Q7A4yEeiI4fB7krQwgSDG9Dv77kpyzALOvTWOSRuGiENpRXw
llSr3QCA8PZggNbH7z59bFCwq0YngHOLIr3mWPtEw6sCJwBl5VxwgMEf/4e61W3o
6qr7zGv1wOm3ACL8htdmAb64+n87okbvGUyUFwQFb7fpbFJJhp86jZMmMWy0rvi3
d697miUdHxH2OZDaYR0UpVw62ditNJhQZVra5mniGusQ2OimA46dWFAK9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJf/GqixX5WPrF16zoE6BK/0xHMMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvZ2xfOGFxTEZmbFktc1hYck9nVG9Fcl9URWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVVIAwQB
uaAcAwQAuaAfMA0GCSqGSIb3DQEBCwUAA4IBAQCLrRIHNE4kQtDPCnd30x7GRR0U
sj8safY/fjQUbJoQasTG6Cv25zbddJmOJ2Rk5I+27TjLSJeUvk3GLinM5m1OwdtI
Oxv6rUyemn4uIbEsMeI6oPLqmIgzwXVzN203rGryzJyxmkzjlrj4LGhCqcLMHWYf
DRs9cEdzJ9jIliL5uKCj2t5wlpe1mUu+/Xr1KxSoUtTlqRY4F4xKSs9CVEwc5EzO
Q5+D7EJnSHoYglxN29TSlmK8jAwbOXRHHtbclGMJXwWmWG3I+5qNPgdJMkHtNM45
5xpLFjmEBnjDmVVtZbmtwZvqgSXnVJ6rhUBoKYzFfbSgdb6KstqHAbb9H1Pw
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:57 2025 by rpki-client