Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/gkqVo30R22ay5bP8klG71jm7ykE.roa
File: gkqVo30R22ay5bP8klG71jm7ykE.roa (raw, json)
Hash identifier: 9fBLSxCByOTl47s526dFXpjETjLcBzt4aiEIZCoPm1w=
Subject key identifier: 82:4A:95:A3:7D:11:DB:66:B2:E5:B3:FC:92:51:BB:D6:39:BB:CA:41
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D1E78865C3F7EC283BC60474EC62A6B14
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/gkqVo30R22ay5bP8klG71jm7ykE.roa
Signing time: Thu 18 Jan 2024 21:27:11 +0000
ROA not before: Thu 18 Jan 2024 21:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Jan 2024 08:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1e:78:86:5c:3f:7e:c2:83:bc:60:47:4e:c6:2a:6b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 18 21:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=824a95a37d11db66b2e5b3fc9251bbd639bbca41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:30:3f:8b:c2:7f:52:0e:98:9b:db:96:db:c4:
b1:52:28:73:76:46:31:e7:ba:4e:81:fc:70:e5:13:
cd:79:a5:13:80:ed:eb:4e:63:2b:6e:cb:6e:9e:fe:
fe:57:d3:eb:31:aa:c5:00:c6:00:dc:51:af:d1:68:
d5:1f:7e:16:a9:a0:6a:a9:6f:a4:30:c1:9f:f9:eb:
e4:17:de:a1:02:77:39:d6:d2:81:a0:41:fb:df:bd:
23:86:eb:42:c6:53:06:2c:dc:6e:7e:06:25:3d:f9:
ef:62:74:14:d0:f3:11:99:94:bc:74:dd:60:1a:b0:
96:f4:5b:d5:36:70:8b:85:d1:a9:9e:ae:ba:65:88:
62:48:9d:33:dc:b1:bc:59:56:1e:68:7c:c2:0a:91:
0d:98:7a:7e:7f:f9:64:4a:c7:b9:4f:74:69:e9:43:
17:8e:13:85:79:97:45:9f:37:3d:08:34:2c:0e:92:
3a:5b:87:a1:8b:4f:3d:0b:3b:82:a9:cb:ad:37:6e:
e2:57:ef:5e:0f:3a:75:d7:d9:4f:9e:c9:2b:fb:3c:
f3:25:84:a8:b0:db:5e:ef:67:e7:7b:8b:ea:da:91:
c0:2c:c2:45:af:e0:ca:62:ac:5d:4b:68:26:b2:e0:
06:8d:3a:e4:85:c1:0e:aa:0e:2f:4b:5a:74:27:a0:
72:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4A:95:A3:7D:11:DB:66:B2:E5:B3:FC:92:51:BB:D6:39:BB:CA:41
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/gkqVo30R22ay5bP8klG71jm7ykE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.123.255
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/47
Signature Algorithm: sha256WithRSAEncryption
0c:64:90:85:51:c5:da:6c:c8:e9:9a:38:72:06:12:d7:dc:d1:
a4:5a:66:a1:40:1f:53:ac:30:c0:a4:73:7f:0d:d6:4a:7a:b0:
7e:5d:b9:e3:1e:46:08:79:fa:24:94:c7:30:31:16:29:75:00:
ed:3e:cc:21:e1:c1:fb:35:f7:17:19:b4:61:10:32:c4:51:0e:
01:2a:29:6f:03:5e:be:28:27:e2:0c:c6:db:22:90:da:1a:5b:
98:ac:6c:5e:fd:6f:c0:93:79:c0:6b:e2:52:ed:57:a8:f6:40:
66:ae:e0:51:b9:38:eb:73:76:46:f3:27:28:49:b7:cd:ae:fb:
26:c2:9f:35:03:fe:63:a2:66:75:3b:29:fe:aa:5c:50:24:2f:
5f:30:38:73:b9:46:e6:a3:ea:65:54:25:5f:b3:a6:91:a9:68:
ea:e0:61:8d:3d:4a:6f:7a:66:ec:3f:92:5d:a2:0c:95:47:75:
3b:7d:21:cf:06:c8:3c:5b:74:46:1f:82:6d:4c:f0:1d:03:80:
17:30:77:c1:97:57:55:86:e9:84:ee:5b:34:c8:de:e6:d9:f7:
8e:8f:7f:ec:29:29:c3:57:c1:3a:f0:b3:b4:86:27:96:51:53:
3b:6d:fb:e5:14:97:4b:39:57:ed:98:d9:11:f6:8d:e2:a3:be:
61:b3:1f:fe
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY0eeIZcP37Cg7xgR07GKmsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE4MjEyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRhOTVhMzdkMTFkYjY2YjJlNWIzZmM5MjUxYmJkNjM5YmJjYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjA/i8J/Ug6Ym9uW28SxUihzdkYx
57pOgfxw5RPNeaUTgO3rTmMrbstunv7+V9PrMarFAMYA3FGv0WjVH34WqaBqqW+k
MMGf+evkF96hAnc51tKBoEH7370jhutCxlMGLNxufgYlPfnvYnQU0PMRmZS8dN1g
GrCW9FvVNnCLhdGpnq66ZYhiSJ0z3LG8WVYeaHzCCpENmHp+f/lkSse5T3Rp6UMX
jhOFeZdFnzc9CDQsDpI6W4ehi089CzuCqcutN27iV+9eDzp119lPnskr+zzzJYSo
sNte72fne4vq2pHALMJFr+DKYqxdS2gmsuAGjTrkhcEOqg4vS1p0J6BynQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFIJKlaN9EdtmsuWz/JJRu9Y5u8pBMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvZ2txVm8zMFIyMmF5NWJQOGtsRzcxam03eWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQCVXV4AwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ASoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEADGSQhVHF2mzI6Zo4cgYS19zRpFpm
oUAfU6wwwKRzfw3WSnqwfl254x5GCHn6JJTHMDEWKXUA7T7MIeHB+zX3Fxm0YRAy
xFEOASopbwNevign4gzG2yKQ2hpbmKxsXv1vwJN5wGviUu1XqPZAZq7gUbk463N2
RvMnKEm3za77JsKfNQP+Y6JmdTsp/qpcUCQvXzA4c7lG5qPqZVQlX7Omkalo6uBh
jT1Kb3pm7D+SXaIMlUd1O30hzwbIPFt0Rh+CbUzwHQOAFzB3wZdXVYbphO5bNMje
5tn3jo9/7Ckpw1fBOvCztIYnllFTO2375RSXSzlX7ZjZEfaN4qO+YbMf/g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:54 2025 by rpki-client