Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tTMWeIl1wVMyz4zJOPD0mK51tlo.roa
File: tTMWeIl1wVMyz4zJOPD0mK51tlo.roa (raw, json)
Hash identifier: VIAllskvHAeEMwBjeArtapENancxfHW73/3eYpEGA2k=
Subject key identifier: B5:33:16:78:89:75:C1:53:32:CF:8C:C9:38:F0:F4:98:AE:75:B6:5A
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01930B5B204E74C1F668DFE105D7B4957296
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tTMWeIl1wVMyz4zJOPD0mK51tlo.roa
Signing time: Fri 08 Nov 2024 10:39:01 +0000
ROA not before: Fri 08 Nov 2024 10:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.0.0/21 maxlen: 24
85.142.40.0/21 maxlen: 24
85.142.48.0/22 maxlen: 24
85.142.64.0/22 maxlen: 24
85.142.72.0/21 maxlen: 24
85.142.80.0/20 maxlen: 24
85.142.96.0/22 maxlen: 24
85.142.100.0/23 maxlen: 24
85.142.112.0/22 maxlen: 24
85.142.128.0/20 maxlen: 24
85.142.212.0/23 maxlen: 24
85.142.215.0/24 maxlen: 24
85.142.240.0/23 maxlen: 24
85.142.242.0/24 maxlen: 24
85.142.244.0/23 maxlen: 24
85.142.246.0/24 maxlen: 24
85.142.250.0/24 maxlen: 24
85.142.252.0/22 maxlen: 24
85.143.41.0/24 maxlen: 24
85.143.42.0/23 maxlen: 24
85.143.44.0/24 maxlen: 24
85.143.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 10:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:5b:20:4e:74:c1:f6:68:df:e1:05:d7:b4:95:72:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 8 10:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b53316788975c15332cf8cc938f0f498ae75b65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:36:5f:6a:08:a2:d6:b7:58:8a:6e:81:14:
f8:e5:f6:76:14:f6:f2:b6:8f:63:fb:48:ef:52:0d:
e7:0d:05:7e:b4:20:49:d7:42:6d:5a:c7:22:86:a2:
55:87:ca:c6:e2:2f:3f:05:41:10:2c:97:ca:5e:10:
f9:ad:58:7b:18:c7:1e:97:8c:40:1f:18:ed:e8:f4:
c7:8b:f8:bf:d8:36:70:5d:e3:2f:cd:d2:ef:37:9b:
32:3b:24:7c:b1:ac:87:3f:96:ae:4d:c2:f6:7d:85:
fd:9c:8d:0c:b8:c1:b8:7d:71:95:62:8d:e3:8f:3a:
1a:a9:09:f3:10:27:27:d8:5b:fe:01:86:c3:79:9f:
19:f6:85:03:df:62:c3:c5:dd:84:1c:0a:5a:b9:eb:
3c:aa:aa:2e:7f:70:b3:9d:59:40:af:77:32:14:ae:
f7:4f:a5:f2:cb:73:ec:ec:b9:da:b4:bb:92:ee:92:
c6:e6:6f:a5:ea:2f:a9:e2:0e:19:2c:a6:0d:52:eb:
5c:6e:3e:ea:8b:4e:46:cc:ad:15:9a:3b:e7:c9:15:
e8:a7:0a:7f:19:c7:90:08:2b:81:fd:2e:53:ff:e5:
d4:06:49:0b:bb:57:15:00:14:fc:31:ed:1c:80:6f:
47:bc:67:8e:73:66:45:b8:80:8b:25:89:99:bd:4f:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:33:16:78:89:75:C1:53:32:CF:8C:C9:38:F0:F4:98:AE:75:B6:5A
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tTMWeIl1wVMyz4zJOPD0mK51tlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.0.0/21
85.142.40.0-85.142.51.255
85.142.64.0/22
85.142.72.0-85.142.101.255
85.142.112.0/22
85.142.128.0/20
85.142.212.0/23
85.142.215.0/24
85.142.240.0-85.142.242.255
85.142.244.0-85.142.246.255
85.142.250.0/24
85.142.252.0/22
85.143.41.0-85.143.44.255
85.143.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:ba:a1:f7:87:fb:2e:fa:85:eb:ba:a7:31:f1:f6:b0:51:f7:
b7:a8:83:3e:be:e0:06:94:35:ab:ff:01:f8:b7:e3:b9:bc:6d:
72:df:b4:75:6a:9e:87:61:5a:42:4c:83:1d:65:08:28:ed:55:
bc:9c:c3:4c:4b:8e:c9:cd:9a:3a:35:c4:02:d2:ea:ab:4b:29:
47:6b:38:95:25:1c:eb:9d:59:2b:ae:00:98:8b:77:a6:db:21:
c0:1e:d6:1c:4e:b6:b4:82:a8:4f:10:ef:12:31:48:20:57:87:
e4:a3:75:f5:7b:c7:66:6a:43:f3:88:bb:e6:38:cc:ad:02:4e:
df:96:e1:54:0e:e7:a8:99:59:37:94:1c:ed:23:24:a4:ba:60:
6d:b8:79:9c:c3:67:17:77:07:6b:52:df:9f:78:4d:e2:71:0f:
c9:ea:53:8b:43:8b:a0:ae:de:72:38:c7:5d:cd:3f:1d:c6:17:
97:b6:a9:3a:b0:48:be:ac:70:30:47:17:2b:ae:73:11:3b:26:
19:aa:f0:cd:9e:2d:e2:5d:74:0e:5a:86:2d:dd:cc:32:96:cb:
d0:88:fe:61:52:2f:50:98:62:e0:49:da:1b:24:ae:9a:51:c1:
82:3c:d8:23:8f:ca:f4:65:49:02:53:9c:ec:0b:e2:b6:88:3f:
a3:24:a0:df
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZMLWyBOdMH2aN/hBde0lXKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQxMTA4MTAzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTMzMTY3ODg5NzVjMTUzMzJjZjhjYzkzOGYwZjQ5OGFlNzViNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8o2X2oIota3WIpugRT45fZ2FPby
to9j+0jvUg3nDQV+tCBJ10JtWscihqJVh8rG4i8/BUEQLJfKXhD5rVh7GMcel4xA
Hxjt6PTHi/i/2DZwXeMvzdLvN5syOyR8sayHP5auTcL2fYX9nI0MuMG4fXGVYo3j
jzoaqQnzECcn2Fv+AYbDeZ8Z9oUD32LDxd2EHApaues8qqouf3CznVlAr3cyFK73
T6Xyy3Ps7LnatLuS7pLG5m+l6i+p4g4ZLKYNUutcbj7qi05GzK0VmjvnyRXopwp/
GceQCCuB/S5T/+XUBkkLu1cVABT8Me0cgG9HvGeOc2ZFuICLJYmZvU93RwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFLUzFniJdcFTMs+MyTjw9JiudbZaMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdFRNV2VJbDF3Vk15ejR6Sk9QRDBtSzUxdGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEA1WO
ADAMAwQDVY4oAwQCVY4wAwQCVY5AMAwDBANVjkgDBAFVjmQDBAJVjnADBARVjoAD
BAFVjtQDBABVjtcwDAMEBFWO8AMEAFWO8jAMAwQCVY70AwQAVY72AwQAVY76AwQC
VY78MAwDBABVjykDBABVjywDBAJVjzAwDQYJKoZIhvcNAQELBQADggEBAAu6ofeH
+y76heu6pzHx9rBR97eogz6+4AaUNav/Afi347m8bXLftHVqnodhWkJMgx1lCCjt
Vbycw0xLjsnNmjo1xALS6qtLKUdrOJUlHOudWSuuAJiLd6bbIcAe1hxOtrSCqE8Q
7xIxSCBXh+SjdfV7x2ZqQ/OIu+Y4zK0CTt+W4VQO56iZWTeUHO0jJKS6YG24eZzD
Zxd3B2tS3594TeJxD8nqU4tDi6Cu3nI4x13NPx3GF5e2qTqwSL6scDBHFyuucxE7
Jhmq8M2eLeJddA5ahi3dzDKWy9CI/mFSL1CYYuBJ2hskrppRwYI82COPyvRlSQJT
nOwL4raIP6MkoN8=
-----END CERTIFICATE-----
Generated at Fri Nov 8 16:57:55 2024 by rpki-client on console-ams.rpki-client.org