Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/FZiFdPKChxITxDzCQ6cPSzcC4AA.roa
File: FZiFdPKChxITxDzCQ6cPSzcC4AA.roa (raw, json)
Hash identifier: Spc4KysOlNm49c7rIDLql28HTfwqgj220F5tU9saDUo=
Subject key identifier: 15:98:85:74:F2:82:87:12:13:C4:3C:C2:43:A7:0F:4B:37:02:E0:00
Certificate issuer: /CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Certificate serial: 018CC79338559FEB1832256BFCC8C017CFC3
Authority key identifier: 49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/FZiFdPKChxITxDzCQ6cPSzcC4AA.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201026
IP address blocks: 185.85.223.0/24 maxlen: 24
185.85.220.0/24 maxlen: 24
185.85.220.0/23 maxlen: 23
185.85.220.0/22 maxlen: 24
185.85.221.0/24 maxlen: 24
185.85.222.0/24 maxlen: 24
2a05:aec0::/44 maxlen: 44
2a05:aec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:38:55:9f:eb:18:32:25:6b:fc:c8:c0:17:cf:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15988574f282871213c43cc243a70f4b3702e000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b9:56:05:b0:b2:d5:fe:c5:50:82:59:05:fc:
27:74:05:17:ce:8a:e4:d7:6d:ab:ab:3d:40:2a:18:
1f:d3:0b:bc:9e:bb:89:32:40:a9:93:cf:05:59:b9:
57:df:dc:90:9d:aa:53:3f:b4:c6:02:11:54:18:1a:
66:a0:c4:92:55:d0:d3:7e:88:29:bf:29:a6:2f:3b:
87:fe:5b:4a:8e:ef:c9:41:b0:44:f0:23:29:66:71:
e7:db:24:fa:97:1e:ff:62:9f:49:54:93:78:6d:5c:
86:ff:5b:81:76:46:83:dc:06:e3:b4:46:8e:4a:24:
ee:38:d2:a1:ba:66:9c:6e:3d:04:3b:35:41:d4:74:
c8:ce:7c:5c:fa:26:92:6a:4a:07:73:8e:31:4c:97:
25:38:ab:d9:f9:29:f6:ef:a8:c2:16:46:44:a1:04:
1f:91:79:ca:33:2a:b4:f3:c3:95:41:37:20:dc:86:
e1:6e:d2:ea:20:af:f4:6e:48:a1:9e:85:d6:2c:db:
19:d9:bc:9f:d1:74:4e:e2:9d:17:25:43:8d:45:a2:
bf:fb:22:e1:93:86:f1:79:a2:9d:d4:b7:46:1e:65:
54:b7:b2:0c:37:7b:84:fe:e6:5d:a6:bb:f8:e7:d8:
d3:06:00:4c:91:4c:5e:77:40:3b:0a:69:55:64:84:
1e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:98:85:74:F2:82:87:12:13:C4:3C:C2:43:A7:0F:4B:37:02:E0:00
X509v3 Authority Key Identifier:
keyid:49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/FZiFdPKChxITxDzCQ6cPSzcC4AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/SYKxcZtP7HCLpmsper4NsI-tDh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.220.0/22
IPv6:
2a05:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
18:df:bd:ce:ac:62:8b:00:98:e1:b7:68:fc:f1:71:50:dd:1f:
c2:a4:e7:64:5c:fe:cd:2e:ed:b4:36:f2:02:a2:73:45:47:3d:
b5:55:fc:f2:15:a4:70:55:23:69:a0:13:59:84:4b:ef:24:0a:
70:ea:a9:00:d3:e0:11:2e:be:72:b7:71:d0:7c:d8:8f:5a:7d:
7a:06:67:47:bc:99:73:b3:5c:e1:02:a9:85:62:f3:ae:19:dc:
a0:3b:e1:e9:19:95:43:c6:84:6c:8c:8c:4c:2b:11:a8:f4:8d:
79:96:69:15:01:33:de:70:36:5f:a9:3b:47:58:2d:72:13:b8:
01:ee:94:63:ed:7e:a2:41:0b:73:dc:60:6b:08:37:0c:7e:de:
95:63:12:3c:a8:97:0e:ba:0c:7f:b3:27:f2:02:5b:97:fb:68:
da:7a:d0:7d:ad:37:76:8e:b5:5d:24:d2:8f:86:b8:ee:dd:70:
16:d2:3b:43:0c:a9:00:d5:f8:ba:bb:a9:a7:fe:79:88:d8:2c:
4f:24:6f:4a:e2:13:11:40:99:96:bf:10:50:97:8a:14:0a:a2:
6c:dd:c8:61:2b:a0:5a:a0:d0:95:8c:c3:73:77:34:9b:e9:fa:
38:72:a5:e8:52:35:98:b4:2c:ac:02:ba:7c:c4:8c:09:5d:08:
6e:59:f1:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHkzhVn+sYMiVr/MjAF8/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODJiMTcxOWI0ZmVjNzA4YmE2NmIyOTdhYmUwZGIwOGZh
ZDBlMWUwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk4ODU3NGYyODI4NzEyMTNjNDNjYzI0M2E3MGY0YjM3MDJlMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7lWBbCy1f7FUIJZBfwndAUXzork
122rqz1AKhgf0wu8nruJMkCpk88FWblX39yQnapTP7TGAhFUGBpmoMSSVdDTfogp
vymmLzuH/ltKju/JQbBE8CMpZnHn2yT6lx7/Yp9JVJN4bVyG/1uBdkaD3AbjtEaO
SiTuONKhumacbj0EOzVB1HTIznxc+iaSakoHc44xTJclOKvZ+Sn276jCFkZEoQQf
kXnKMyq088OVQTcg3IbhbtLqIK/0bkihnoXWLNsZ2byf0XRO4p0XJUONRaK/+yLh
k4bxeaKd1LdGHmVUt7IMN3uE/uZdprv459jTBgBMkUxed0A7CmlVZIQeRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWYhXTygocSE8Q8wkOnD0s3AuAAMB8GA1UdIwQY
MBaAFEmCsXGbT+xwi6ZrKXq+DbCPrQ4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lLeGNadFA3SENMcG1zcGVyNE5zSS10RGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kOGYxNDUtMWUwZC00NzFkLTg1MzYt
YWU2Yjg0YzI4MTk1LzEvRlppRmRQS0NoeElUeER6Q1E2Y1BTemNDNEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kOGYxNDUtMWUwZC00NzFkLTg1MzYtYWU2Yjg0YzI4MTk1
LzEvU1lLeGNadFA3SENMcG1zcGVyNE5zSS10RGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVXcMA0E
AgACMAcDBQMqBa7AMA0GCSqGSIb3DQEBCwUAA4IBAQAY373OrGKLAJjht2j88XFQ
3R/CpOdkXP7NLu20NvIConNFRz21VfzyFaRwVSNpoBNZhEvvJApw6qkA0+ARLr5y
t3HQfNiPWn16BmdHvJlzs1zhAqmFYvOuGdygO+HpGZVDxoRsjIxMKxGo9I15lmkV
ATPecDZfqTtHWC1yE7gB7pRj7X6iQQtz3GBrCDcMft6VYxI8qJcOugx/syfyAluX
+2jaetB9rTd2jrVdJNKPhrju3XAW0jtDDKkA1fi6u6mn/nmI2CxPJG9K4hMRQJmW
vxBQl4oUCqJs3chhK6BaoNCVjMNzdzSb6fo4cqXoUjWYtCysArp8xIwJXQhuWfHN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:38 2025 by rpki-client