Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/85uubsaf6_D72-oSgwDgf5QG1UQ.roa
File: 85uubsaf6_D72-oSgwDgf5QG1UQ.roa (raw, json)
Hash identifier: 1eViEOOEP4JIvzB8AIxTVcoTzSrcMf606jXRiYsaGBU=
Subject key identifier: F3:9B:AE:6E:C6:9F:EB:F0:FB:DB:EA:12:83:00:E0:7F:94:06:D5:44
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018DF42F2AFE2DA895E14DDF7523240620CC
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/85uubsaf6_D72-oSgwDgf5QG1UQ.roa
Signing time: Thu 29 Feb 2024 09:25:48 +0000
ROA not before: Thu 29 Feb 2024 09:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44395
IP address blocks: 5.77.128.0/17 maxlen: 24
37.157.208.0/20 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.220.0/22 maxlen: 24
37.252.64.0/19 maxlen: 24
46.36.112.0/20 maxlen: 24
46.162.192.0/18 maxlen: 24
46.162.240.0/20 maxlen: 24
46.241.128.0/17 maxlen: 24
81.16.0.0/20 maxlen: 24
82.199.192.0/20 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.140.0/22 maxlen: 24
109.75.34.0/23 maxlen: 24
109.75.36.0/22 maxlen: 24
109.75.40.0/21 maxlen: 24
141.136.64.0/19 maxlen: 24
178.78.128.0/19 maxlen: 24
178.78.160.0/20 maxlen: 24
178.78.176.0/21 maxlen: 24
185.59.68.0/22 maxlen: 24
185.86.195.0/24 maxlen: 24
188.115.192.0/18 maxlen: 24
212.34.224.0/19 maxlen: 24
212.34.232.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
212.34.240.0/21 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Feb 2024 13:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:2f:2a:fe:2d:a8:95:e1:4d:df:75:23:24:06:20:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Feb 29 09:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39bae6ec69febf0fbdbea128300e07f9406d544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9a:8f:90:db:e5:ff:84:d0:81:2e:45:f5:10:
e6:7e:11:64:77:2c:e7:c6:55:db:6f:b7:81:24:39:
68:57:e6:b0:0f:c6:68:c2:f5:7f:cd:25:71:ea:97:
56:33:b5:56:a6:a1:b1:52:6e:20:21:67:22:1c:e1:
89:a9:aa:ec:c8:a2:75:06:04:a0:5f:d6:c2:70:37:
47:b1:db:ba:b2:e9:73:0d:8c:9c:78:54:c7:ad:5e:
11:77:44:5a:e7:4d:b5:01:3a:32:f9:5c:a0:48:84:
2d:a4:08:2f:84:70:03:4e:89:0a:df:a0:69:38:77:
2d:13:50:ba:13:09:3f:ff:13:ca:7e:86:07:6a:90:
6f:e9:69:de:53:28:04:02:ea:23:d4:9d:91:e1:c0:
51:2b:8b:5d:57:0a:ec:ce:1f:c4:c1:1e:50:66:00:
a7:0e:d5:47:bb:e3:74:ce:57:51:a5:05:d2:8b:8d:
f5:31:4f:8b:ce:ed:82:91:b7:31:8f:48:d6:02:cc:
8c:9a:2b:92:0c:46:a9:5a:56:39:45:3a:80:d0:48:
33:a1:7f:bd:30:04:f5:72:c9:a4:7e:04:50:12:e1:
71:30:84:a4:07:54:0c:16:d1:48:bc:2e:23:9f:be:
82:9d:3a:ac:e4:b2:7f:5b:69:b8:13:f1:b1:fa:99:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9B:AE:6E:C6:9F:EB:F0:FB:DB:EA:12:83:00:E0:7F:94:06:D5:44
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/85uubsaf6_D72-oSgwDgf5QG1UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0-178.78.183.255
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
1d:d9:2d:aa:73:87:eb:86:be:41:11:f2:39:e6:12:05:d5:ef:
9b:bd:65:66:9b:91:36:8c:f8:65:86:95:98:28:37:66:e3:91:
ce:70:5c:d8:89:6f:75:01:4f:81:29:4c:44:ad:9b:b3:4b:03:
34:98:67:f4:40:89:07:06:29:7e:18:fd:35:3b:9c:89:73:4e:
74:15:d5:bc:f0:10:30:c7:e9:d5:72:c4:6a:b3:d4:cc:c4:06:
ff:ff:fc:38:d1:9c:81:e5:e9:4b:7f:9c:13:0c:0f:ad:74:84:
3c:0c:97:b8:0c:6f:72:18:e5:58:e4:20:60:c7:3b:5d:66:e7:
fb:55:e3:b9:47:c4:7f:24:84:3b:c3:70:19:9e:4d:26:dc:14:
a0:4f:30:fb:40:49:36:e0:d2:46:82:02:fd:fe:dc:6b:cc:d4:
07:a5:d7:10:b9:0b:d0:d9:f8:42:8f:46:c1:86:7b:b4:49:e7:
dc:9f:ed:c8:45:0d:7b:fc:4e:a0:87:01:87:79:27:18:b3:5f:
84:2c:3f:ea:13:96:d3:70:3c:64:5c:06:77:12:1a:d0:f0:ad:
c1:5c:e3:b5:10:2d:9a:97:8b:d0:ba:cd:1b:b8:f0:a7:32:4a:
99:fd:d1:e1:c7:17:7b:b6:36:fa:ce:6c:4f:4e:31:63:de:8e:
fc:6d:fe:7c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAY30Lyr+LaiV4U3fdSMkBiDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjQwMjI5MDkyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzliYWU2ZWM2OWZlYmYwZmJkYmVhMTI4MzAwZTA3Zjk0MDZkNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45qPkNvl/4TQgS5F9RDmfhFkdyzn
xlXbb7eBJDloV+awD8ZowvV/zSVx6pdWM7VWpqGxUm4gIWciHOGJqarsyKJ1BgSg
X9bCcDdHsdu6sulzDYyceFTHrV4Rd0Ra5021AToy+VygSIQtpAgvhHADTokK36Bp
OHctE1C6Ewk//xPKfoYHapBv6WneUygEAuoj1J2R4cBRK4tdVwrszh/EwR5QZgCn
DtVHu+N0zldRpQXSi431MU+Lzu2Ckbcxj0jWAsyMmiuSDEapWlY5RTqA0EgzoX+9
MAT1csmkfgRQEuFxMISkB1QMFtFIvC4jn76CnTqs5LJ/W2m4E/Gx+plM+QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFPObrm7Gn+vw+9vqEoMA4H+UBtVEMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvODV1dWJzYWY2X0Q3Mi1vU2d3RGdmNVFHMVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB2BAIAATBwAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEAwDAMEB7JOgAMEA7JOsAMEArk7RAMEALlWwwME
BrxzwAMEBdQi4DAbBAIAAjAVAwUDKgDMQAMFACoBSgADBQAqAxCAMA0GCSqGSIb3
DQEBCwUAA4IBAQAd2S2qc4frhr5BEfI55hIF1e+bvWVmm5E2jPhlhpWYKDdm45HO
cFzYiW91AU+BKUxErZuzSwM0mGf0QIkHBil+GP01O5yJc050FdW88BAwx+nVcsRq
s9TMxAb///w40ZyB5elLf5wTDA+tdIQ8DJe4DG9yGOVY5CBgxztdZuf7VeO5R8R/
JIQ7w3AZnk0m3BSgTzD7QEk24NJGggL9/txrzNQHpdcQuQvQ2fhCj0bBhnu0Sefc
n+3IRQ17/E6ghwGHeScYs1+ELD/qE5bTcDxkXAZ3EhrQ8K3BXOO1EC2al4vQus0b
uPCnMkqZ/dHhxxd7tjb6zmxPTjFj3o78bf58
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:02 2025 by rpki-client