Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ykeq6J8pHH4J-isoALaV05y2P1M.roa
File: Ykeq6J8pHH4J-isoALaV05y2P1M.roa (raw, json)
Hash identifier: K5BvF63s5OltwyYZhAzy0pY2AyJTHU29bDPElkcIfD0=
Subject key identifier: 62:47:AA:E8:9F:29:1C:7E:09:FA:2B:28:00:B6:95:D3:9C:B6:3F:53
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CD79F91AEFD6A237D0D519C6754DE6906
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ykeq6J8pHH4J-isoALaV05y2P1M.roa
Signing time: Fri 05 Jan 2024 03:16:48 +0000
ROA not before: Fri 05 Jan 2024 03:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.98.0/24 maxlen: 24
85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jan 2024 03:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d7:9f:91:ae:fd:6a:23:7d:0d:51:9c:67:54:de:69:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 5 03:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6247aae89f291c7e09fa2b2800b695d39cb63f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:10:50:db:81:aa:87:a4:34:e6:57:c4:9c:fc:
70:7a:f7:a3:c1:24:05:5b:20:9e:f0:90:82:d1:86:
05:cd:60:9d:51:1b:06:5c:16:6a:fb:62:0e:82:8b:
a9:9b:c6:a9:c2:2f:dd:90:82:c5:af:da:2e:ef:b2:
5c:5c:95:83:ee:d9:b2:16:fe:7a:df:4f:e7:3a:4c:
4a:eb:ac:12:3d:a0:9a:2f:09:e9:0f:6c:65:8e:82:
a5:e4:3c:21:9e:9f:4e:5e:d5:5a:21:90:f9:cb:e1:
48:28:02:d6:32:77:f4:3a:44:9f:4a:b2:f0:6e:f5:
de:11:4b:72:71:04:ce:e6:b4:51:80:ec:78:80:c3:
7f:07:a9:c9:11:15:03:3a:a5:68:8d:5f:7b:c0:67:
34:eb:40:3d:6e:57:f7:9b:5d:cf:75:3f:8f:25:98:
80:ca:8d:cd:f9:c3:aa:db:55:f4:9d:98:3f:01:2c:
77:45:69:c5:0c:44:2b:54:c1:f5:63:82:d9:ae:9c:
ff:c6:dc:d0:f8:50:d6:59:2c:b2:82:b8:98:ba:c0:
55:03:d8:cf:f9:31:fb:41:36:72:a0:a1:5e:44:2b:
69:c7:26:df:00:cb:11:e6:55:03:f7:e2:38:cb:b2:
7e:d9:6d:e1:a5:ec:48:00:ab:ae:e0:03:28:36:88:
e3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:47:AA:E8:9F:29:1C:7E:09:FA:2B:28:00:B6:95:D3:9C:B6:3F:53
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Ykeq6J8pHH4J-isoALaV05y2P1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.109.255
IPv6:
2a03:32c0:c::/47
2a03:32c0:16::/48
Signature Algorithm: sha256WithRSAEncryption
8e:62:1c:88:56:ae:9e:30:7b:ed:2c:b4:fe:15:19:61:1d:e4:
45:da:5a:1e:bf:31:c5:5e:7f:d7:21:77:e0:e8:e3:4d:d2:f7:
8e:62:27:c9:a7:70:41:c4:e3:1e:ae:b0:34:e2:af:cb:5f:df:
e0:02:58:68:41:56:da:a9:04:bf:9f:34:eb:c7:fd:09:1f:c4:
4e:56:40:c8:c5:4a:a1:b4:41:f1:76:99:67:61:fb:37:a7:ad:
00:c8:6e:11:8b:19:b5:03:c4:c9:1f:5b:79:cc:72:fc:0c:dc:
db:16:08:a9:47:3b:25:ef:39:e9:0a:a6:8e:b3:07:30:47:02:
14:1e:26:60:d4:93:75:9c:9c:5c:e6:64:81:6b:40:47:d2:b2:
2c:40:7f:f8:35:7a:4b:f0:98:ef:e8:ac:a8:d4:b5:bf:96:70:
62:67:ea:b7:5f:81:17:81:64:6e:49:14:b5:d4:fa:bd:f4:74:
76:ed:ef:47:a0:b6:fa:c0:7c:54:d0:7f:e2:be:c7:0c:92:18:
da:e0:e2:78:33:01:13:f9:72:c9:b1:20:d2:8d:95:d3:9b:9a:
4e:a8:5c:1b:c7:f0:d7:fe:de:20:0a:04:85:8e:55:6a:54:c2:
95:3b:e0:23:f5:e4:b8:21:04:42:cd:cb:a1:53:aa:03:5b:f6:
c2:80:aa:f2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzXn5Gu/WojfQ1RnGdU3mkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTA1MDMxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQ3YWFlODlmMjkxYzdlMDlmYTJiMjgwMGI2OTVkMzljYjYzZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhBQ24Gqh6Q05lfEnPxwevejwSQF
WyCe8JCC0YYFzWCdURsGXBZq+2IOgoupm8apwi/dkILFr9ou77JcXJWD7tmyFv56
30/nOkxK66wSPaCaLwnpD2xljoKl5Dwhnp9OXtVaIZD5y+FIKALWMnf0OkSfSrLw
bvXeEUtycQTO5rRRgOx4gMN/B6nJERUDOqVojV97wGc060A9blf3m13PdT+PJZiA
yo3N+cOq21X0nZg/ASx3RWnFDEQrVMH1Y4LZrpz/xtzQ+FDWWSyygriYusBVA9jP
+TH7QTZyoKFeRCtpxybfAMsR5lUD9+I4y7J+2W3hpexIAKuu4AMoNojjiwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGJHquifKRx+CforKAC2ldOctj9TMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvWWtlcTZKOHBISDRKLWlzb0FMYVYwNXkyUDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAVVdWAD
BAFVdWwwGAQCAAIwEgMHASoDMsAADAMHACoDMsAAFjANBgkqhkiG9w0BAQsFAAOC
AQEAjmIciFaunjB77Sy0/hUZYR3kRdpaHr8xxV5/1yF34OjjTdL3jmInyadwQcTj
Hq6wNOKvy1/f4AJYaEFW2qkEv58068f9CR/ETlZAyMVKobRB8XaZZ2H7N6etAMhu
EYsZtQPEyR9becxy/Azc2xYIqUc7Je856QqmjrMHMEcCFB4mYNSTdZycXOZkgWtA
R9KyLEB/+DV6S/CY7+isqNS1v5ZwYmfqt1+BF4FkbkkUtdT6vfR0du3vR6C2+sB8
VNB/4r7HDJIY2uDieDMBE/lyybEg0o2V05uaTqhcG8fw1/7eIAoEhY5ValTClTvg
I/XkuCEEQs3LoVOqA1v2woCq8g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:44 2025 by rpki-client