Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ed5r_IfWGD80yiK2cXvsb7q5hqs.roa
File: Ed5r_IfWGD80yiK2cXvsb7q5hqs.roa (raw, json)
Hash identifier: Owu8mWGf/0kF5N1U5J3+tU0bqlPUQ3Vj25YOP6rnIXY=
Subject key identifier: 11:DE:6B:FC:87:D6:18:3F:34:CA:22:B6:71:7B:EC:6F:BA:B9:86:AB
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CF68DDA69467E425DA898DF8210FF93E9
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ed5r_IfWGD80yiK2cXvsb7q5hqs.roa
Signing time: Thu 11 Jan 2024 03:25:40 +0000
ROA not before: Thu 11 Jan 2024 03:25:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 03:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:8d:da:69:46:7e:42:5d:a8:98:df:82:10:ff:93:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 11 03:25:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11de6bfc87d6183f34ca22b6717bec6fbab986ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5e:3c:3a:17:58:3f:91:fb:eb:42:5e:18:db:
cd:80:cd:b9:34:e1:94:9d:67:a8:51:48:5e:08:cc:
1d:77:21:b8:a5:b2:f9:99:4c:3e:69:98:32:20:0f:
9b:4b:64:b9:d6:37:91:26:73:97:b7:43:a2:ae:e2:
37:da:3f:70:c0:76:60:b4:34:9b:25:ee:a9:1c:bf:
96:34:d6:07:d9:d8:28:a7:da:db:42:02:50:49:74:
66:7c:14:94:7b:b9:37:4e:2c:08:06:fe:60:a8:c3:
0a:d0:55:cc:4e:8f:d2:8f:54:62:aa:a9:34:ac:fb:
cc:bf:cb:4b:af:46:91:cc:46:90:56:01:7f:5a:a9:
3f:48:ee:a9:52:24:bd:e3:2f:92:63:74:1c:e5:38:
bf:89:2b:f8:aa:2b:89:83:b2:b4:71:73:89:e5:8c:
08:5b:7a:8c:02:01:f4:09:94:0f:d8:b8:69:bb:27:
41:84:c7:e1:dc:f6:44:3e:60:58:89:39:d5:b7:56:
50:14:36:12:24:57:bf:8a:20:3f:6d:78:3f:49:fc:
33:14:f8:74:64:c8:0f:6b:72:ad:66:d4:6c:66:37:
9a:71:85:90:0e:05:b9:d4:da:db:f9:27:80:8f:3a:
b2:2e:07:5d:f4:db:06:63:76:e8:ba:71:bb:f4:62:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DE:6B:FC:87:D6:18:3F:34:CA:22:B6:71:7B:EC:6F:BA:B9:86:AB
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ed5r_IfWGD80yiK2cXvsb7q5hqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.109.255
185.57.72.0/22
217.76.68.0/24
217.76.72.0/24
217.76.74.0-217.76.77.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/48
Signature Algorithm: sha256WithRSAEncryption
e8:42:62:2b:e6:1c:37:4a:17:a4:39:d2:1a:50:b2:69:12:a5:
b9:4f:ce:50:fb:c1:c7:9f:6e:2a:23:95:61:20:af:73:60:4d:
8e:5f:cf:2a:eb:30:26:70:56:f9:72:e4:89:89:05:b8:c6:2d:
5c:14:82:8f:65:f0:9a:13:da:57:79:49:e3:bf:35:35:33:91:
9d:95:ca:51:05:bf:ea:9c:f3:ba:65:0c:e2:98:bc:67:2a:db:
75:7b:11:7d:fb:b4:95:33:df:34:9b:14:06:1e:98:24:f9:54:
e8:0c:ef:a0:77:e7:0a:a5:72:48:55:3c:37:41:a3:e2:16:b3:
7d:c6:60:02:76:19:6e:14:aa:0c:28:59:11:3c:f3:cc:3b:2e:
49:4b:16:e8:be:37:49:59:b4:2e:80:ff:ce:a7:e0:1f:23:23:
75:a0:ce:f2:9c:5a:45:0a:31:d5:c6:05:ea:09:27:30:b6:bd:
b0:a1:a6:b5:bc:a4:2a:67:6f:5c:01:4d:00:14:5c:bf:1d:8b:
71:46:c8:cc:76:d0:cc:ba:3f:6d:32:70:94:43:b2:79:42:a4:
ee:36:68:6c:b3:2d:1c:da:d8:d7:b8:55:43:ff:de:82:63:29:
fc:79:95:02:b5:ff:3f:4f:84:b3:75:2d:0b:f3:b1:aa:59:19:
0c:0e:53:29
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYz2jdppRn5CXaiY34IQ/5PpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTExMDMyNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWRlNmJmYzg3ZDYxODNmMzRjYTIyYjY3MTdiZWM2ZmJhYjk4NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhV48OhdYP5H760JeGNvNgM25NOGU
nWeoUUheCMwddyG4pbL5mUw+aZgyIA+bS2S51jeRJnOXt0OiruI32j9wwHZgtDSb
Je6pHL+WNNYH2dgop9rbQgJQSXRmfBSUe7k3TiwIBv5gqMMK0FXMTo/Sj1Riqqk0
rPvMv8tLr0aRzEaQVgF/Wqk/SO6pUiS94y+SY3Qc5Ti/iSv4qiuJg7K0cXOJ5YwI
W3qMAgH0CZQP2LhpuydBhMfh3PZEPmBYiTnVt1ZQFDYSJFe/iiA/bXg/SfwzFPh0
ZMgPa3KtZtRsZjeacYWQDgW51Nrb+SeAjzqyLgdd9NsGY3bounG79GLhPQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBHea/yH1hg/NMoitnF77G+6uYarMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvRWQ1cl9JZldHRDgweWlLMmNYdnNiN3E1aHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wNAQCAAEwLjAMAwQFVXVg
AwQBVXVsAwQCuTlIAwQA2UxEAwQA2UxIMAwDBAHZTEoDBAHZTEwwNwQCAAIwMTAS
AwcBKgMywAAKAwcBKgMywAAMMBIDBwEqAzLAABYDBwAqAzLAABgDBwAqAzLAMA4w
DQYJKoZIhvcNAQELBQADggEBAOhCYivmHDdKF6Q50hpQsmkSpblPzlD7wcefbioj
lWEgr3NgTY5fzyrrMCZwVvly5ImJBbjGLVwUgo9l8JoT2ld5SeO/NTUzkZ2VylEF
v+qc87plDOKYvGcq23V7EX37tJUz3zSbFAYemCT5VOgM76B35wqlckhVPDdBo+IW
s33GYAJ2GW4UqgwoWRE888w7LklLFui+N0lZtC6A/86n4B8jI3WgzvKcWkUKMdXG
BeoJJzC2vbChprW8pCpnb1wBTQAUXL8di3FGyMx20My6P20ycJRDsnlCpO42aGyz
LRza2Ne4VUP/3oJjKfx5lQK1/z9PhLN1LQvzsapZGQwOUyk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org