Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/JWFNc2692_YImULSflN5cWKHCi4.roa
File: JWFNc2692_YImULSflN5cWKHCi4.roa (raw, json)
Hash identifier: uHBDFSsTvHHjU3Hp0Ny1vMU54URHk3WUEbf3J+iSjgE=
Subject key identifier: 25:61:4D:73:6E:BD:DB:F6:08:99:42:D2:7E:53:79:71:62:87:0A:2E
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D20EA9A78B1251BD34DCB85FFF868C332
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/JWFNc2692_YImULSflN5cWKHCi4.roa
Signing time: Fri 19 Jan 2024 08:51:02 +0000
ROA not before: Fri 19 Jan 2024 08:51:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Jan 2024 11:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:ea:9a:78:b1:25:1b:d3:4d:cb:85:ff:f8:68:c3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 19 08:51:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25614d736ebddbf6089942d27e53797162870a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a3:d5:dc:e1:fb:3e:82:63:52:e9:ba:b3:07:
ca:4d:65:e1:49:1a:b8:79:fe:b1:d3:e8:10:96:7c:
d8:a1:4f:46:cc:82:f2:cd:b1:64:8f:5d:f5:0c:5d:
5d:b5:0c:0f:86:25:6f:c5:1a:02:6d:b4:0e:fb:80:
9d:c8:2e:49:ba:f0:63:c4:f4:22:e0:2c:e2:14:80:
6d:f5:fd:7d:a0:3f:ba:d2:81:5b:8e:8a:e6:c1:02:
4d:fe:2b:bd:60:1e:a6:5b:e1:16:71:5d:07:f2:f2:
a7:9f:9d:ad:68:e2:5f:d6:0e:fd:9e:42:24:c3:95:
87:a6:94:ad:af:ca:da:15:28:4d:f1:8b:d9:53:0e:
6c:26:78:6c:63:73:d5:be:97:a8:7f:99:a1:4e:5d:
ed:1c:82:3a:a7:4c:7a:40:de:ac:bb:9d:fb:ec:c0:
87:ea:26:1c:22:e1:77:61:af:a4:e2:0f:a1:25:ab:
97:bc:cb:6a:20:a6:94:6d:00:dd:48:16:69:8c:ee:
6c:b8:41:ca:28:e9:8a:ad:57:5f:29:49:40:fb:50:
b5:f0:12:e0:a7:22:90:d9:d3:0c:8b:45:ac:ff:d0:
00:1e:38:0e:b1:18:35:e5:21:c8:41:f1:f7:b7:2e:
ab:67:37:e4:d9:af:4c:c7:85:18:bc:15:f2:88:37:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:61:4D:73:6E:BD:DB:F6:08:99:42:D2:7E:53:79:71:62:87:0A:2E
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/JWFNc2692_YImULSflN5cWKHCi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/47
Signature Algorithm: sha256WithRSAEncryption
11:21:8e:44:0f:fd:0b:76:e1:95:95:24:ed:99:7a:23:12:df:
09:9f:92:f0:44:60:86:99:f3:90:cf:8b:75:42:11:32:08:97:
77:43:fd:ca:f3:48:56:f4:1c:ec:d0:17:c2:05:5f:85:48:d7:
ba:9f:48:f9:ee:97:d6:d3:dd:b6:e6:99:26:c5:33:d5:e3:c9:
aa:46:56:67:83:04:4e:e2:41:92:c1:82:22:0b:04:c7:a4:fe:
16:27:31:f4:ee:91:7a:17:2e:c6:ce:61:29:e6:8b:56:59:18:
16:bc:ba:24:e9:fc:9f:05:3a:35:54:0a:43:f4:85:aa:df:25:
03:55:bb:94:c3:6b:38:09:9a:9e:a5:0a:56:a5:0c:0c:ac:89:
a3:12:3b:a3:90:63:99:c1:ff:a6:29:ff:fd:ae:78:9b:ec:0d:
57:9e:7b:59:12:32:95:b1:9d:8f:78:55:72:2e:fa:19:12:7f:
72:36:f4:9a:bc:af:61:a4:e7:0a:bf:19:bc:c7:77:6e:58:30:
1c:c0:ae:15:b1:e3:23:0f:70:32:2f:42:d9:20:b2:71:3f:e6:
76:f9:04:08:22:ef:0c:b9:ac:49:06:b9:91:01:a2:8e:92:83:
80:ce:2d:93:80:aa:fe:6d:b3:66:d5:0d:8f:db:6d:6c:f1:bc:
fa:e7:2f:68
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAY0g6pp4sSUb003Lhf/4aMMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE5MDg1MTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTYxNGQ3MzZlYmRkYmY2MDg5OTQyZDI3ZTUzNzk3MTYyODcwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKPV3OH7PoJjUum6swfKTWXhSRq4
ef6x0+gQlnzYoU9GzILyzbFkj131DF1dtQwPhiVvxRoCbbQO+4CdyC5JuvBjxPQi
4CziFIBt9f19oD+60oFbjormwQJN/iu9YB6mW+EWcV0H8vKnn52taOJf1g79nkIk
w5WHppStr8raFShN8YvZUw5sJnhsY3PVvpeof5mhTl3tHII6p0x6QN6su5377MCH
6iYcIuF3Ya+k4g+hJauXvMtqIKaUbQDdSBZpjO5suEHKKOmKrVdfKUlA+1C18BLg
pyKQ2dMMi0Ws/9AAHjgOsRg15SHIQfH3ty6rZzfk2a9Mx4UYvBXyiDfY5wIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFCVhTXNuvdv2CJlC0n5TeXFihwouMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvSldGTmMyNjkyX1lJbVVMU2ZsTjVjV0tIQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wNAQCAAEwLgMEBVV1YAME
Ark5SAMEANlMRDAMAwQA2UxHAwQA2UxIMAwDBAHZTEoDBATZTEAwNwQCAAIwMTAS
AwcBKgMywAAKAwcBKgMywAAMMBIDBwEqAzLAABYDBwAqAzLAABgDBwEqAzLAMA4w
DQYJKoZIhvcNAQELBQADggEBABEhjkQP/Qt24ZWVJO2ZeiMS3wmfkvBEYIaZ85DP
i3VCETIIl3dD/crzSFb0HOzQF8IFX4VI17qfSPnul9bT3bbmmSbFM9XjyapGVmeD
BE7iQZLBgiILBMek/hYnMfTukXoXLsbOYSnmi1ZZGBa8uiTp/J8FOjVUCkP0harf
JQNVu5TDazgJmp6lClalDAysiaMSO6OQY5nB/6Yp//2ueJvsDVeee1kSMpWxnY94
VXIu+hkSf3I29Jq8r2Gk5wq/GbzHd25YMBzArhWx4yMPcDIvQtkgsnE/5nb5BAgi
7wy5rEkGuZEBoo6Sg4DOLZOAqv5ts2bVDY/bbWzxvPrnL2g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:32 2025 by rpki-client