Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/0VWIWQt3f5FhUiqy9gBPjIkHTkI.roa
File: 0VWIWQt3f5FhUiqy9gBPjIkHTkI.roa (raw, json)
Hash identifier: wnmCL6mszY2gynriaTNNjlkx7UTAWnW+gWc+EALPDIE=
Subject key identifier: D1:55:88:59:0B:77:7F:91:61:52:2A:B2:F6:00:4F:8C:89:07:4E:42
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CC9BC5322C0F7C01DD14E2DAEF8ECE7B9
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/0VWIWQt3f5FhUiqy9gBPjIkHTkI.roa
Signing time: Tue 02 Jan 2024 10:33:31 +0000
ROA not before: Tue 02 Jan 2024 10:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.98.0/24 maxlen: 24
85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
2a03:32c0:d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 03:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:53:22:c0:f7:c0:1d:d1:4e:2d:ae:f8:ec:e7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 2 10:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d15588590b777f9161522ab2f6004f8c89074e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:b3:92:c5:73:3d:30:68:ee:34:80:cd:84:
04:13:8e:ac:bb:83:d3:fe:e0:e2:2f:54:2a:b5:19:
f3:65:b5:f7:1a:25:ac:ab:f4:2d:6e:0e:e2:a0:a0:
77:ab:3d:44:f5:1c:04:e7:bb:32:6d:8c:1c:6a:5c:
9d:04:b9:83:ee:6c:e0:fa:0a:96:1b:0b:79:06:0d:
33:00:35:61:59:1b:7d:50:29:b9:c3:9b:50:1c:6e:
44:a9:f5:68:99:b1:a8:66:2d:b3:73:dc:b0:d6:54:
c6:e0:65:07:2a:cb:f7:be:8f:3c:d0:43:6a:04:c2:
1d:1f:e6:1c:c9:b5:a9:ea:af:e7:07:96:3e:b4:aa:
af:84:2e:3b:aa:83:13:e2:4b:54:08:ee:c1:52:b8:
4b:87:cc:a9:53:42:d7:6d:ec:23:83:27:fd:27:c4:
fc:cc:cc:5f:2a:b4:b0:d1:d8:4e:67:13:08:57:74:
74:b4:b0:66:a4:2a:33:7a:e3:72:3e:dc:c0:11:4d:
b5:c5:20:49:ed:c4:2e:fc:e1:08:4d:3b:bb:48:ba:
c6:fd:bd:d1:aa:5c:55:2a:1a:e4:a2:25:84:7a:d1:
20:a4:66:53:c2:0a:4c:72:e0:0d:79:63:85:be:5f:
30:40:74:bb:af:97:19:62:47:6b:a4:21:75:c2:91:
95:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:55:88:59:0B:77:7F:91:61:52:2A:B2:F6:00:4F:8C:89:07:4E:42
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/0VWIWQt3f5FhUiqy9gBPjIkHTkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.105.255
IPv6:
2a03:32c0:d::/48
Signature Algorithm: sha256WithRSAEncryption
b7:36:32:c2:48:13:c4:a0:c2:07:7f:f5:11:91:7d:05:c6:6a:
4a:71:59:8a:85:c3:eb:f0:09:20:c3:ab:5a:11:3f:66:ba:90:
60:a1:15:6e:e6:78:5e:c1:8d:ae:c6:4e:8c:43:46:92:95:0a:
2f:33:25:28:6a:28:53:4d:98:c0:06:de:cf:a9:1f:93:b3:71:
df:f3:60:e4:60:21:75:7e:06:1b:fb:1d:cf:97:4e:d8:14:23:
6e:2e:d2:44:5a:fd:96:93:03:b1:21:f4:ee:e2:96:8e:08:8b:
f0:07:99:76:a2:6b:6e:b4:57:ee:14:27:30:38:87:1b:29:08:
27:f7:59:39:92:79:7d:03:4a:45:78:f8:d8:2b:c2:1f:0a:df:
43:d5:1d:12:dc:15:08:f9:29:b2:40:ee:8c:b6:0f:ab:cc:a4:
a8:fe:cd:2d:95:52:85:4d:45:31:65:33:bd:bf:38:a5:a3:4d:
50:ca:ea:a5:79:ec:3f:e7:2f:a3:c3:c1:98:38:63:b1:61:07:
b8:a8:7c:e6:c3:8c:0e:b6:fe:47:df:5e:18:44:67:83:8a:59:
78:20:e4:55:61:f5:b3:78:a9:d0:94:cb:7f:28:a0:f9:54:e4:
fd:e8:be:80:3f:13:98:e3:ae:c0:2a:49:05:4d:b7:19:4f:db:
64:2c:af:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzJvFMiwPfAHdFOLa747Oe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTAyMTAzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTU1ODg1OTBiNzc3ZjkxNjE1MjJhYjJmNjAwNGY4Yzg5MDc0ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNKzksVzPTBo7jSAzYQEE46su4PT
/uDiL1QqtRnzZbX3GiWsq/Qtbg7ioKB3qz1E9RwE57sybYwcalydBLmD7mzg+gqW
Gwt5Bg0zADVhWRt9UCm5w5tQHG5EqfVombGoZi2zc9yw1lTG4GUHKsv3vo880ENq
BMIdH+YcybWp6q/nB5Y+tKqvhC47qoMT4ktUCO7BUrhLh8ypU0LXbewjgyf9J8T8
zMxfKrSw0dhOZxMIV3R0tLBmpCozeuNyPtzAEU21xSBJ7cQu/OEITTu7SLrG/b3R
qlxVKhrkoiWEetEgpGZTwgpMcuANeWOFvl8wQHS7r5cZYkdrpCF1wpGVzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFViFkLd3+RYVIqsvYAT4yJB05CMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvMFZXSVdRdDNmNUZoVWlxeTlnQlBqSWtIVGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAVVdWAD
BAFVdWgwDwQCAAIwCQMHACoDMsAADTANBgkqhkiG9w0BAQsFAAOCAQEAtzYywkgT
xKDCB3/1EZF9BcZqSnFZioXD6/AJIMOrWhE/ZrqQYKEVbuZ4XsGNrsZOjENGkpUK
LzMlKGooU02YwAbez6kfk7Nx3/Ng5GAhdX4GG/sdz5dO2BQjbi7SRFr9lpMDsSH0
7uKWjgiL8AeZdqJrbrRX7hQnMDiHGykIJ/dZOZJ5fQNKRXj42CvCHwrfQ9UdEtwV
CPkpskDujLYPq8ykqP7NLZVShU1FMWUzvb84paNNUMrqpXnsP+cvo8PBmDhjsWEH
uKh85sOMDrb+R99eGERng4pZeCDkVWH1s3ip0JTLfyig+VTk/ei+gD8TmOOuwCpJ
BU23GU/bZCyvMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org