Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ty9ziF0Wb-xLNKlodwpZMSe4CUQ.roa
File: Ty9ziF0Wb-xLNKlodwpZMSe4CUQ.roa (raw, json)
Hash identifier: /BSx4Qmd9NiAFTPxgN7ePx16w67hl/gOF/txEiZ+/SI=
Subject key identifier: 4F:2F:73:88:5D:16:6F:EC:4B:34:A9:68:77:0A:59:31:27:B8:09:44
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CEDD04D9D62AC6043620AE61386489B31
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ty9ziF0Wb-xLNKlodwpZMSe4CUQ.roa
Signing time: Tue 09 Jan 2024 10:41:40 +0000
ROA not before: Tue 09 Jan 2024 10:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 03:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:d0:4d:9d:62:ac:60:43:62:0a:e6:13:86:48:9b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 9 10:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2f73885d166fec4b34a968770a593127b80944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b0:10:ae:50:99:f9:04:02:1b:51:e1:3a:45:
e1:dc:6c:d1:48:8a:ea:3b:6c:5c:28:08:6c:88:5b:
68:f0:9e:13:a9:1b:cb:0f:c5:3e:f7:cb:34:b3:0b:
93:b4:2e:da:b8:4d:75:43:fc:8d:b2:af:df:93:e1:
a4:e9:ff:b4:e3:0f:d2:c5:82:a1:0d:f2:dd:12:0e:
59:e6:1f:cb:1b:78:c8:07:d8:1a:d1:09:e5:97:64:
63:c0:d3:0c:aa:5e:83:78:9f:12:6b:f0:df:c8:51:
72:a2:bc:a9:74:95:5e:27:74:a5:32:7d:b7:db:9c:
06:67:26:c9:17:8b:91:49:45:74:75:6a:4b:d6:4a:
09:5c:97:42:6e:cc:96:66:57:af:7e:4a:f9:65:24:
be:24:53:fb:56:01:66:c2:b3:07:54:96:ee:33:9f:
ff:7e:85:b4:cb:8b:c2:56:53:b4:ca:b2:42:cc:7d:
f7:c9:3d:7a:eb:04:30:67:84:49:f7:c9:6c:98:ba:
12:23:3a:0e:e7:37:7a:92:c9:9d:7e:82:1e:51:39:
51:66:42:d7:73:bd:cd:bd:45:65:75:0c:19:1f:83:
d9:d5:11:73:87:64:3e:b4:58:1b:48:87:ed:f9:08:
2f:68:8f:8d:7a:f7:08:f9:d0:1a:41:0e:2c:d7:d8:
89:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2F:73:88:5D:16:6F:EC:4B:34:A9:68:77:0A:59:31:27:B8:09:44
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ty9ziF0Wb-xLNKlodwpZMSe4CUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.109.255
185.57.72.0/22
217.76.68.0/24
217.76.72.0/24
217.76.74.0/24
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/48
Signature Algorithm: sha256WithRSAEncryption
3a:a5:65:d2:34:35:8d:dd:a4:ee:05:c5:ca:4e:d4:3c:27:31:
19:3c:57:66:f8:fc:42:56:37:3e:18:97:19:e1:a9:18:97:50:
94:9a:d8:2e:ad:5c:7f:95:a7:53:a5:83:6b:72:14:a2:bc:e8:
68:bd:77:d7:15:87:72:d8:66:71:88:25:95:03:df:a4:f5:78:
83:a7:59:88:e1:90:33:b7:57:a1:22:52:86:39:e7:ef:51:81:
e6:68:86:e2:2c:c6:01:09:38:2b:01:9b:f3:4a:d1:c9:db:c6:
3c:60:b0:7a:ad:3b:0a:e0:5b:d5:03:d2:a3:06:4b:37:bb:09:
97:72:5f:0c:da:f5:97:48:d6:66:03:f3:42:69:c3:21:f5:0d:
b5:a7:85:22:6a:3c:d1:fc:62:93:34:3f:8f:09:d8:4a:1d:cf:
56:9d:35:17:13:0f:f8:68:58:5b:81:4d:f7:75:13:02:a2:3b:
6d:d7:da:5e:a2:0c:05:ca:9c:8d:f0:ff:a0:30:18:11:e1:40:
58:90:de:2c:3b:5d:53:8c:45:f3:b4:ce:11:72:46:ef:5e:d2:
d9:d3:12:64:e0:7c:0d:d7:36:22:d5:49:83:3a:64:b3:51:70:
83:9d:d7:26:d6:2f:2a:d0:b6:28:2b:89:5a:a3:fb:c2:ed:8e:
d3:14:c6:9c
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzt0E2dYqxgQ2IK5hOGSJsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTA5MTA0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJmNzM4ODVkMTY2ZmVjNGIzNGE5Njg3NzBhNTkzMTI3YjgwOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrAQrlCZ+QQCG1HhOkXh3GzRSIrq
O2xcKAhsiFto8J4TqRvLD8U+98s0swuTtC7auE11Q/yNsq/fk+Gk6f+04w/SxYKh
DfLdEg5Z5h/LG3jIB9ga0Qnll2RjwNMMql6DeJ8Sa/DfyFFyorypdJVeJ3SlMn23
25wGZybJF4uRSUV0dWpL1koJXJdCbsyWZlevfkr5ZSS+JFP7VgFmwrMHVJbuM5//
foW0y4vCVlO0yrJCzH33yT166wQwZ4RJ98lsmLoSIzoO5zd6ksmdfoIeUTlRZkLX
c73NvUVldQwZH4PZ1RFzh2Q+tFgbSIft+QgvaI+NevcI+dAaQQ4s19iJuwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFE8vc4hdFm/sSzSpaHcKWTEnuAlEMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvVHk5emlGMFdiLXhMTktsb2R3cFpNU2U0Q1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAsBAIAATAmMAwDBAVVdWAD
BAFVdWwDBAK5OUgDBADZTEQDBADZTEgDBADZTEowNwQCAAIwMTASAwcBKgMywAAK
AwcBKgMywAAMMBIDBwEqAzLAABYDBwAqAzLAABgDBwAqAzLAMA4wDQYJKoZIhvcN
AQELBQADggEBADqlZdI0NY3dpO4FxcpO1DwnMRk8V2b4/EJWNz4YlxnhqRiXUJSa
2C6tXH+Vp1Olg2tyFKK86Gi9d9cVh3LYZnGIJZUD36T1eIOnWYjhkDO3V6EiUoY5
5+9RgeZohuIsxgEJOCsBm/NK0cnbxjxgsHqtOwrgW9UD0qMGSze7CZdyXwza9ZdI
1mYD80JpwyH1DbWnhSJqPNH8YpM0P48J2Eodz1adNRcTD/hoWFuBTfd1EwKiO23X
2l6iDAXKnI3w/6AwGBHhQFiQ3iw7XVOMRfO0zhFyRu9e0tnTEmTgfA3XNiLVSYM6
ZLNRcIOd1ybWLyrQtigriVqj+8LtjtMUxpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org