Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WdLQoaVovrcsXSl13ABxpOeRWqo.roa
File: WdLQoaVovrcsXSl13ABxpOeRWqo.roa (raw, json)
Hash identifier: 4edQ97pR3JI2K1hhpT4GCqzzQLim2rUU04b6yZBBeo4=
Subject key identifier: 59:D2:D0:A1:A5:68:BE:B7:2C:5D:29:75:DC:00:71:A4:E7:91:5A:AA
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 0193296ED64C5D4C02A39DCCAE26EA77F71F
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WdLQoaVovrcsXSl13ABxpOeRWqo.roa
Signing time: Thu 14 Nov 2024 06:49:09 +0000
ROA not before: Thu 14 Nov 2024 06:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:28::/48 maxlen: 48
2a03:32c0:29::/48 maxlen: 48
2a03:32c0:2a::/48 maxlen: 48
2a03:32c0:2b::/48 maxlen: 48
2a03:32c0:2c::/48 maxlen: 48
2a03:32c0:2d::/48 maxlen: 48
2a03:32c0:2e::/48 maxlen: 48
2a03:32c0:2f::/48 maxlen: 48
2a03:32c0:30::/48 maxlen: 48
2a03:32c0:31::/48 maxlen: 48
2a03:32c0:32::/48 maxlen: 48
2a03:32c0:33::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300c::/48 maxlen: 48
2a03:32c0:300d::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:6e:d6:4c:5d:4c:02:a3:9d:cc:ae:26:ea:77:f7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Nov 14 06:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59d2d0a1a568beb72c5d2975dc0071a4e7915aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:ea:7e:64:f5:33:89:68:cf:db:33:fb:56:
30:9d:66:fa:4a:f1:05:76:e1:d4:35:84:28:73:1d:
fb:68:bf:ed:23:74:42:0f:ea:fe:02:11:94:75:5a:
57:cd:3b:8f:d9:7d:65:89:ee:cf:73:84:f3:1d:05:
a5:a8:d3:c3:dc:38:63:ac:bf:fb:d1:f1:e7:79:a0:
29:3f:25:05:e0:d2:4e:4f:fe:86:f0:aa:37:9c:4e:
84:f6:4c:20:d4:20:a3:a0:22:cf:c6:82:96:4d:e4:
be:75:f7:7c:27:cd:57:3b:68:a5:38:8c:bc:55:59:
aa:7f:06:89:f7:c1:30:17:a6:d4:03:92:0a:9a:b2:
fe:e0:60:06:a9:b8:28:a1:71:61:89:9b:38:e2:3c:
ba:c7:8b:94:3a:34:20:a7:67:44:55:22:fd:83:ad:
4e:68:dd:01:60:e6:69:c5:c6:ae:19:d4:d5:41:62:
ef:9b:68:9d:5b:3d:31:b1:a3:81:c5:f6:36:76:75:
0f:ec:1a:9f:16:3b:3c:cb:82:f9:df:d4:b1:c0:cf:
b2:50:c8:8a:95:6d:43:60:65:1e:68:2c:8c:2e:a6:
9c:c9:c3:b5:57:dc:31:9b:d8:a8:c3:63:75:df:28:
49:b1:95:ca:43:53:da:69:d4:54:60:57:96:fb:fd:
af:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D2:D0:A1:A5:68:BE:B7:2C:5D:29:75:DC:00:71:A4:E7:91:5A:AA
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/WdLQoaVovrcsXSl13ABxpOeRWqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::-2a03:32c0:33:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300a::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:91:74:27:be:d7:4c:d5:5d:2c:22:62:82:a9:24:13:c5:51:
40:40:dc:fa:23:9a:4e:7d:87:9a:3f:64:95:d8:8b:20:d0:d1:
23:3e:e3:66:d4:4f:63:e8:29:6f:e7:c9:24:22:4d:7e:a5:70:
af:8c:e7:c6:54:5c:22:c4:43:a8:86:91:60:8c:10:0e:d0:94:
b3:e1:ae:33:29:e4:79:e0:79:45:e3:69:6c:2d:12:a4:db:0a:
a6:34:93:e8:10:d6:17:e7:66:e9:4d:02:7b:c9:9b:80:5a:6b:
ab:8f:3c:04:5a:77:2f:de:ff:56:bc:0f:09:4d:8d:be:88:52:
fe:e7:87:13:94:3e:62:15:88:a7:65:9c:d6:7b:20:92:bf:c0:
c1:22:db:5b:de:ad:2e:e8:6b:ac:f2:ae:e5:91:cf:74:2b:91:
ec:15:3d:2e:57:2d:0f:66:6a:0a:22:13:4d:e3:b2:52:fb:03:
e2:b5:98:66:cf:f5:8f:88:88:18:81:0b:f2:c7:55:3c:16:03:
b7:80:70:c6:93:18:ef:de:b8:33:45:6d:9b:0d:da:25:09:b9:
bf:1a:23:df:d1:47:63:3f:c0:ea:41:73:5c:5b:b6:7d:fa:6b:
07:df:69:46:66:4d:a2:37:c9:d2:7e:d2:1a:d9:8c:4b:b8:e6:
dd:ac:52:bc
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZMpbtZMXUwCo53Mribqd/cfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQxMTE0MDY0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQyZDBhMWE1NjhiZWI3MmM1ZDI5NzVkYzAwNzFhNGU3OTE1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2fqfmT1M4loz9sz+1YwnWb6SvEF
duHUNYQocx37aL/tI3RCD+r+AhGUdVpXzTuP2X1lie7Pc4TzHQWlqNPD3DhjrL/7
0fHneaApPyUF4NJOT/6G8Ko3nE6E9kwg1CCjoCLPxoKWTeS+dfd8J81XO2ilOIy8
VVmqfwaJ98EwF6bUA5IKmrL+4GAGqbgooXFhiZs44jy6x4uUOjQgp2dEVSL9g61O
aN0BYOZpxcauGdTVQWLvm2idWz0xsaOBxfY2dnUP7BqfFjs8y4L539SxwM+yUMiK
lW1DYGUeaCyMLqacycO1V9wxm9iow2N13yhJsZXKQ1PaadRUYFeW+/2vHQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFFnS0KGlaL63LF0pddwAcaTnkVqqMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvV2RMUW9hVm92cmNzWFNsMTNBQnhwT2VSV3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBW
BAIAAjBQMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGDAS
AwcAKgMywAAnAwcCKgMywAAwMBIDBwEqAzLAMAoDBwEqAzLAMBAwDQYJKoZIhvcN
AQELBQADggEBAECRdCe+10zVXSwiYoKpJBPFUUBA3Pojmk59h5o/ZJXYiyDQ0SM+
42bUT2PoKW/nySQiTX6lcK+M58ZUXCLEQ6iGkWCMEA7QlLPhrjMp5HngeUXjaWwt
EqTbCqY0k+gQ1hfnZulNAnvJm4Baa6uPPARady/e/1a8DwlNjb6IUv7nhxOUPmIV
iKdlnNZ7IJK/wMEi21verS7oa6zyruWRz3QrkewVPS5XLQ9magoiE03jslL7A+K1
mGbP9Y+IiBiBC/LHVTwWA7eAcMaTGO/euDNFbZsN2iUJub8aI9/RR2M/wOpBc1xb
tn36awffaUZmTaI3ydJ+0hrZjEu45t2sUrw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:08 2025 by rpki-client