Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/ob3LZlHSpZ53d-MShabcpYVt_Rg.roa
File: ob3LZlHSpZ53d-MShabcpYVt_Rg.roa (raw, json)
Hash identifier: gg0DaVKETVmJxqvM4zwBPz2zTaI4hIIPj3lwwnFVtPY=
Subject key identifier: A1:BD:CB:66:51:D2:A5:9E:77:77:E3:12:85:A6:DC:A5:85:6D:FD:18
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D156BAB4F41CA855A17D740AE5EDE5841
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/ob3LZlHSpZ53d-MShabcpYVt_Rg.roa
Signing time: Wed 17 Jan 2024 03:16:34 +0000
ROA not before: Wed 17 Jan 2024 03:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 08:45:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:15:6b:ab:4f:41:ca:85:5a:17:d7:40:ae:5e:de:58:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 17 03:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1bdcb6651d2a59e7777e31285a6dca5856dfd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:35:f9:9f:a2:91:7c:de:e4:8c:0b:f2:7e:57:
e7:39:94:b9:d3:48:87:31:f5:85:d1:1b:ae:c6:d3:
73:f3:d2:7f:15:20:4a:a5:ac:4d:f3:81:f5:f7:14:
ed:52:a9:29:e0:56:e0:d4:66:15:bd:29:5e:1f:d5:
c0:7f:5d:20:96:7c:fb:cf:c7:6d:03:42:f8:a5:2b:
22:8e:fc:46:27:ee:dd:20:4a:e9:72:a9:67:ea:fa:
05:ff:80:44:1f:38:68:e2:a7:09:ab:ae:05:2a:80:
f2:a3:e3:53:7f:d4:7f:72:30:e9:ad:f6:3c:7d:ce:
fb:c0:a5:d3:b9:fa:eb:65:bf:82:74:c6:f7:6a:3e:
d0:d8:ee:f7:28:a2:fb:09:98:9e:3d:d7:89:0b:99:
13:c8:ef:1f:5b:22:48:06:3b:b9:0d:eb:4e:eb:46:
5c:ac:6c:4f:70:fb:ef:7c:a0:b5:16:cf:28:f9:7f:
2d:e6:6c:ec:33:58:b7:9d:09:7a:f2:1e:fa:1f:05:
52:e4:46:64:6f:78:5f:74:38:5b:7a:f5:dc:e3:f9:
0c:4a:11:a7:15:3a:64:4d:05:15:23:36:51:57:27:
08:a7:a3:d3:2f:08:d6:dc:3d:3d:3e:d1:e4:16:b1:
27:41:ff:29:90:d6:bc:63:c0:9c:2f:a0:f4:49:cb:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BD:CB:66:51:D2:A5:9E:77:77:E3:12:85:A6:DC:A5:85:6D:FD:18
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/ob3LZlHSpZ53d-MShabcpYVt_Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.115.255
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/47
Signature Algorithm: sha256WithRSAEncryption
6e:a1:ee:af:e7:18:7d:ef:47:86:c9:1c:d3:08:fa:78:75:39:
a0:c5:5a:00:ca:64:e1:95:80:ae:9e:7d:00:14:6f:d6:bd:7a:
6f:2e:2e:42:8d:0e:a0:42:07:c5:ff:80:57:af:f9:5f:b8:08:
16:3b:75:f2:60:8b:5a:2e:57:b4:a1:0c:ad:93:6b:c9:fa:0b:
93:95:85:00:10:a5:5d:99:6a:a8:38:c1:8e:10:10:5e:c1:4f:
eb:d1:9c:ea:cd:03:fe:ae:77:f8:b0:9d:c1:10:6f:38:32:89:
6b:2d:e9:2f:92:52:6b:8f:35:bc:ba:ec:06:8c:c9:cc:ac:04:
b9:f8:66:87:b4:cc:a3:f2:8b:71:90:d5:78:85:05:40:f1:6c:
28:37:23:c5:8a:95:bd:dd:d2:5a:3f:f8:63:58:53:ed:d6:c8:
5e:7f:19:3a:64:df:69:b0:90:ce:25:02:e2:4c:89:6d:cd:3b:
70:f1:12:7b:7d:b6:8a:5f:f5:bd:90:69:35:46:79:31:2f:cb:
58:31:92:62:cf:60:3a:2b:62:6d:9f:7e:d8:eb:23:41:29:75:
e0:7b:28:d3:2a:4d:63:16:42:cf:da:8f:27:bc:36:a0:2e:38:
ec:3a:db:4b:08:f7:63:8c:dc:c9:ea:b5:86:fe:0e:50:eb:0e:
8b:e6:17:6f
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY0Va6tPQcqFWhfXQK5e3lhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE3MDMxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJkY2I2NjUxZDJhNTllNzc3N2UzMTI4NWE2ZGNhNTg1NmRmZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzX5n6KRfN7kjAvyflfnOZS500iH
MfWF0RuuxtNz89J/FSBKpaxN84H19xTtUqkp4Fbg1GYVvSleH9XAf10glnz7z8dt
A0L4pSsijvxGJ+7dIErpcqln6voF/4BEHzho4qcJq64FKoDyo+NTf9R/cjDprfY8
fc77wKXTufrrZb+CdMb3aj7Q2O73KKL7CZiePdeJC5kTyO8fWyJIBju5DetO60Zc
rGxPcPvvfKC1Fs8o+X8t5mzsM1i3nQl68h76HwVS5EZkb3hfdDhbevXc4/kMShGn
FTpkTQUVIzZRVycIp6PTLwjW3D09PtHkFrEnQf8pkNa8Y8CcL6D0SctpfQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFKG9y2ZR0qWed3fjEoWm3KWFbf0YMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvb2IzTFpsSFNwWjUzZC1NU2hhYmNwWVZ0X1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQCVXVwAwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ASoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEAbqHur+cYfe9Hhskc0wj6eHU5oMVa
AMpk4ZWArp59ABRv1r16by4uQo0OoEIHxf+AV6/5X7gIFjt18mCLWi5XtKEMrZNr
yfoLk5WFABClXZlqqDjBjhAQXsFP69Gc6s0D/q53+LCdwRBvODKJay3pL5JSa481
vLrsBozJzKwEufhmh7TMo/KLcZDVeIUFQPFsKDcjxYqVvd3SWj/4Y1hT7dbIXn8Z
OmTfabCQziUC4kyJbc07cPESe322il/1vZBpNUZ5MS/LWDGSYs9gOitibZ9+2Osj
QSl14Hso0ypNYxZCz9qPJ7w2oC447DrbSwj3Y4zcyeq1hv4OUOsOi+YXbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org