Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cMVMgBCgtMIcaekpGAikMZY-9IU.roa
File: cMVMgBCgtMIcaekpGAikMZY-9IU.roa (raw, json)
Hash identifier: Ysl0ri9b2WV1kMbtI8AS/k0Al81ShYRCjmP+cb3k/x4=
Subject key identifier: 70:C5:4C:80:10:A0:B4:C2:1C:69:E9:29:18:08:A4:31:96:3E:F4:85
Certificate issuer: /CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Certificate serial: 018CC349051D842D2557F9E16CEDC9BD1A50
Authority key identifier: 35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cMVMgBCgtMIcaekpGAikMZY-9IU.roa
Signing time: Mon 01 Jan 2024 04:29:51 +0000
ROA not before: Mon 01 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34513
IP address blocks: 85.198.0.0/24 maxlen: 24
85.198.4.0/24 maxlen: 24
85.198.1.0/24 maxlen: 24
85.198.2.0/24 maxlen: 24
85.198.3.0/24 maxlen: 24
85.198.7.0/24 maxlen: 24
85.198.5.0/24 maxlen: 24
85.198.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:05:1d:84:2d:25:57:f9:e1:6c:ed:c9:bd:1a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70c54c8010a0b4c21c69e9291808a431963ef485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5f:d8:c0:56:5b:b4:6e:75:f9:1b:fd:ed:86:
73:80:a0:0c:a2:35:23:b9:d5:af:57:87:e7:06:4b:
b8:f2:74:af:fa:25:08:2b:58:7d:da:91:04:d8:f1:
24:ca:53:54:5b:13:17:3d:9b:a9:0c:c6:1b:42:43:
1c:67:1f:67:b9:cd:84:76:d3:6b:42:13:14:b2:d8:
43:dd:33:7b:8d:cf:91:6d:e9:ad:fa:f4:70:45:ef:
35:09:50:ec:02:e2:c2:ba:f6:2d:84:b9:48:ed:c7:
67:96:99:99:3c:09:77:98:ef:5f:41:c0:f5:af:3d:
ed:02:5e:ee:f1:2a:41:0f:43:61:d5:da:77:8d:a5:
bf:b2:de:51:53:38:2e:5c:28:6b:bf:6c:26:84:b8:
74:5b:6a:d5:fc:a2:c7:59:cd:01:c1:a0:e0:06:d0:
a7:7c:2d:15:2d:59:d9:35:2f:22:4c:bd:6a:d9:71:
72:fb:9b:81:28:4f:79:4c:af:99:3a:3a:71:bd:d2:
d5:18:98:1a:bc:86:bf:00:ae:14:49:4f:9b:f0:bd:
ba:89:43:6f:d6:44:ad:4e:39:7a:01:13:e5:b5:0d:
32:3b:9a:cb:9f:7a:a0:d4:e1:b1:1f:e1:f4:4a:b3:
30:20:00:4f:98:5d:d9:96:2f:97:aa:79:66:de:c0:
c0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C5:4C:80:10:A0:B4:C2:1C:69:E9:29:18:08:A4:31:96:3E:F4:85
X509v3 Authority Key Identifier:
keyid:35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cMVMgBCgtMIcaekpGAikMZY-9IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/NXMLuLJiPn9lphY2BNHIX5EGKI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.0.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:e6:a0:f0:f1:59:ae:ff:ff:2e:89:d7:6e:ff:54:0f:de:5c:
a5:dc:57:98:34:68:27:33:f0:4f:43:f2:53:e4:fc:b5:1b:9d:
3b:06:40:76:3f:73:7a:c1:71:08:5d:e0:39:95:b8:a2:f3:a8:
9c:7f:a8:c1:9f:a8:3c:69:a6:13:ab:a3:34:39:cd:cd:02:17:
dc:2d:82:aa:8b:eb:a6:04:f4:d7:df:67:d1:f6:81:2c:40:6a:
ea:a0:6b:26:a7:e8:71:5d:47:62:92:e1:29:ae:95:8b:96:fd:
f3:18:8d:f0:87:0f:7e:6a:19:ba:20:ef:a7:02:5e:10:35:f0:
97:12:d2:15:aa:27:87:cc:a4:a6:0c:49:72:4c:93:b7:e8:4f:
c8:2b:fa:18:64:ef:e1:b5:6a:d3:b4:f4:1b:02:8f:e3:80:42:
e6:ea:a7:c2:9c:b0:24:0f:b1:a8:f8:11:ae:1d:7b:21:01:30:
54:af:ca:a4:3a:ca:b5:dd:05:e6:de:46:07:18:d1:73:1f:ca:
89:63:7c:2a:98:d3:f4:18:29:55:44:1c:39:da:a7:d8:c1:b2:
e9:15:d2:ff:4c:98:60:8d:4c:33:57:4e:5e:1b:4e:18:a2:e6:
ea:ea:91:97:78:0d:e1:a2:b2:89:f0:0c:63:b2:2c:4a:fd:df:
4b:ef:b5:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSQUdhC0lV/nhbO3JvRpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NzMwYmI4YjI2MjNlN2Y2NWE2MTYzNjA0ZDFjODVmOTEw
NjI4OGYwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM1NGM4MDEwYTBiNGMyMWM2OWU5MjkxODA4YTQzMTk2M2VmNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1/YwFZbtG51+Rv97YZzgKAMojUj
udWvV4fnBku48nSv+iUIK1h92pEE2PEkylNUWxMXPZupDMYbQkMcZx9nuc2EdtNr
QhMUsthD3TN7jc+Rbemt+vRwRe81CVDsAuLCuvYthLlI7cdnlpmZPAl3mO9fQcD1
rz3tAl7u8SpBD0Nh1dp3jaW/st5RUzguXChrv2wmhLh0W2rV/KLHWc0BwaDgBtCn
fC0VLVnZNS8iTL1q2XFy+5uBKE95TK+ZOjpxvdLVGJgavIa/AK4USU+b8L26iUNv
1kStTjl6ARPltQ0yO5rLn3qg1OGxH+H0SrMwIABPmF3Zli+Xqnlm3sDAvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDFTIAQoLTCHGnpKRgIpDGWPvSFMB8GA1UdIwQY
MBaAFDVzC7iyYj5/ZaYWNgTRyF+RBiiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2Mt
M2E0ZGZmOGU4ZGVkLzEvY01WTWdCQ2d0TUljYWVrcEdBaWtNWlktOUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2MtM2E0ZGZmOGU4ZGVk
LzEvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVcYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBr5qDw8Vmu//8uiddu/1QP3lyl3FeYNGgnM/BPQ/JT
5Py1G507BkB2P3N6wXEIXeA5lbii86icf6jBn6g8aaYTq6M0Oc3NAhfcLYKqi+um
BPTX32fR9oEsQGrqoGsmp+hxXUdikuEprpWLlv3zGI3whw9+ahm6IO+nAl4QNfCX
EtIVqieHzKSmDElyTJO36E/IK/oYZO/htWrTtPQbAo/jgELm6qfCnLAkD7Go+BGu
HXshATBUr8qkOsq13QXm3kYHGNFzH8qJY3wqmNP0GClVRBw52qfYwbLpFdL/TJhg
jUwzV05eG04Youbq6pGXeA3horKJ8AxjsixK/d9L77VJ
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:24 2025 by rpki-client