Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/IAY9ixp7_j0y0plleyVPgn0qXXY.roa
File: IAY9ixp7_j0y0plleyVPgn0qXXY.roa (raw, json)
Hash identifier: K5x5PqnKZ4GCiNx7yt+M3W75HLB0aXzr7AZKIygnH1s=
Subject key identifier: 20:06:3D:8B:1A:7B:FE:3D:32:D2:99:65:7B:25:4F:82:7D:2A:5D:76
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CEC42F7F26A4456B11D5869C225A157C7
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/IAY9ixp7_j0y0plleyVPgn0qXXY.roa
Signing time: Tue 09 Jan 2024 03:27:40 +0000
ROA not before: Tue 09 Jan 2024 03:27:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 05:59:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ec:42:f7:f2:6a:44:56:b1:1d:58:69:c2:25:a1:57:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 9 03:27:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20063d8b1a7bfe3d32d299657b254f827d2a5d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7d:bd:08:ce:c4:41:fa:85:57:10:5a:09:06:
0f:b1:35:8b:69:50:de:86:06:4f:50:35:90:99:2c:
50:69:24:ce:0d:88:c3:70:3e:e2:33:9e:5a:a7:f0:
24:c4:b9:21:93:24:3c:81:4e:f6:70:8e:84:22:a9:
2e:fc:bd:16:71:b4:97:9e:63:50:31:e8:b5:2b:a7:
cf:6e:af:a3:0e:51:10:1f:63:24:cd:72:e9:f8:c9:
16:0f:d5:d4:c0:8a:27:6a:b1:8d:d2:a7:89:bb:ae:
a0:9b:3c:fc:7f:e7:3f:ea:71:07:d3:ea:d3:52:e4:
f4:1a:00:2d:b3:c0:1d:a1:c1:7d:24:87:b6:41:ef:
8d:da:db:87:13:da:fd:e0:d9:bf:51:a2:64:e5:75:
ab:0f:34:36:a9:59:8f:b8:4e:cd:d2:90:8b:a8:f7:
d5:9c:57:15:8b:a0:9a:3b:86:4b:a6:9a:a8:df:f7:
db:db:47:e5:e7:c1:ae:c7:57:7f:c3:31:9c:1b:28:
03:5c:9f:97:c0:61:9a:30:b1:42:8f:0b:f4:f4:e7:
3a:e6:92:1a:b4:41:a9:e2:bc:e8:77:ff:c7:5b:d9:
05:50:7d:c9:ba:c8:94:ab:67:0a:b7:92:03:54:fd:
2b:90:49:8b:82:5d:a9:3a:69:b9:50:8a:53:d6:00:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:06:3D:8B:1A:7B:FE:3D:32:D2:99:65:7B:25:4F:82:7D:2A:5D:76
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/IAY9ixp7_j0y0plleyVPgn0qXXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.109.255
185.57.72.0/22
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:59:04:40:96:66:22:c7:9e:27:b6:05:7a:7e:89:63:57:b0:
97:b4:a3:5c:92:3f:0c:3e:cb:1d:90:81:92:2b:16:fe:d5:9a:
0a:cf:df:8a:45:71:fb:63:c2:00:0a:92:5f:cd:6e:3c:d1:c9:
fc:ae:0f:a8:3d:82:c2:9c:9b:27:b8:83:83:25:98:e0:d7:9d:
35:71:61:12:63:02:19:bc:90:8c:43:85:40:e6:61:9c:df:bc:
63:54:0e:da:ba:42:ce:3e:cf:4e:d8:fa:c3:0e:ea:75:b4:95:
68:8e:9e:ee:46:79:29:ca:cd:27:9d:1d:e7:12:1c:be:5a:b7:
4b:41:42:a6:a6:64:e2:22:c9:65:48:74:cd:9d:23:b8:89:1e:
88:4c:37:4c:61:f5:8a:09:e9:8c:de:f4:24:49:5e:af:94:2e:
9d:53:45:ae:08:11:86:56:5d:a6:a3:01:8a:b6:18:54:6d:f9:
08:2a:da:0b:03:54:f3:3e:2f:6f:b8:23:8b:3a:fb:ff:a0:19:
15:05:97:ba:c3:92:22:f7:75:c4:d3:a1:00:7e:69:85:af:60:
42:a8:14:4a:23:a9:eb:ac:43:93:37:32:ac:4b:74:17:cb:fb:
6b:1f:58:3e:07:7c:39:6e:a4:9e:8c:36:af:59:43:e1:9a:30:
43:c3:49:af
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzsQvfyakRWsR1YacIloVfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTA5MDMyNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA2M2Q4YjFhN2JmZTNkMzJkMjk5NjU3YjI1NGY4MjdkMmE1ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX29CM7EQfqFVxBaCQYPsTWLaVDe
hgZPUDWQmSxQaSTODYjDcD7iM55ap/AkxLkhkyQ8gU72cI6EIqku/L0WcbSXnmNQ
Mei1K6fPbq+jDlEQH2MkzXLp+MkWD9XUwIonarGN0qeJu66gmzz8f+c/6nEH0+rT
UuT0GgAts8AdocF9JIe2Qe+N2tuHE9r94Nm/UaJk5XWrDzQ2qVmPuE7N0pCLqPfV
nFcVi6CaO4ZLppqo3/fb20fl58Gux1d/wzGcGygDXJ+XwGGaMLFCjwv09Oc65pIa
tEGp4rzod//HW9kFUH3JusiUq2cKt5IDVP0rkEmLgl2pOmm5UIpT1gD36wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCAGPYsae/49MtKZZXslT4J9Kl12MB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvSUFZOWl4cDdfajB5MHBsbGV5VlBnbjBxWFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAaBAIAATAUMAwDBAVVdWAD
BAFVdWwDBAK5OUgwLgQCAAIwKDASAwcBKgMywAAKAwcBKgMywAAMMBIDBwEqAzLA
ABYDBwAqAzLAABgwDQYJKoZIhvcNAQELBQADggEBAFhZBECWZiLHnie2BXp+iWNX
sJe0o1ySPww+yx2QgZIrFv7VmgrP34pFcftjwgAKkl/NbjzRyfyuD6g9gsKcmye4
g4MlmODXnTVxYRJjAhm8kIxDhUDmYZzfvGNUDtq6Qs4+z07Y+sMO6nW0lWiOnu5G
eSnKzSedHecSHL5at0tBQqamZOIiyWVIdM2dI7iJHohMN0xh9YoJ6Yze9CRJXq+U
Lp1TRa4IEYZWXaajAYq2GFRt+Qgq2gsDVPM+L2+4I4s6+/+gGRUFl7rDkiL3dcTT
oQB+aYWvYEKoFEojqeusQ5M3MqxLdBfL+2sfWD4HfDlupJ6MNq9ZQ+GaMEPDSa8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org