Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/eOD1ynUUbfQbcc2_1jDvrSQBtq0.roa
File: eOD1ynUUbfQbcc2_1jDvrSQBtq0.roa (raw, json)
Hash identifier: ANkYjIT6/5PACF4Xa50T6IW2xKrKbJjxRFVdQ3pG0VU=
Subject key identifier: 78:E0:F5:CA:75:14:6D:F4:1B:71:CD:BF:D6:30:EF:AD:24:01:B6:AD
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018FBE807D4A49D8334DDF6E1448EF7D34A5
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/eOD1ynUUbfQbcc2_1jDvrSQBtq0.roa
Signing time: Tue 28 May 2024 09:20:42 +0000
ROA not before: Tue 28 May 2024 09:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42018
IP address blocks: 85.255.193.0/24 maxlen: 24
85.255.194.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.196.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
185.35.52.0/22 maxlen: 22
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
2a01:498::/32 maxlen: 32
2a01:498:500::/40 maxlen: 40
2a01:498:8100::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 28 May 2024 11:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:80:7d:4a:49:d8:33:4d:df:6e:14:48:ef:7d:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: May 28 09:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78e0f5ca75146df41b71cdbfd630efad2401b6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:86:ee:c6:10:c6:16:84:98:a0:ab:44:55:ff:
e9:3a:75:9d:bf:82:ec:90:fa:2d:a9:6a:f8:31:60:
9c:76:6c:30:fc:e1:f1:fc:77:f2:e1:e4:2c:63:42:
49:1f:d6:37:33:3a:39:97:85:d6:e2:3f:97:d4:7c:
14:6d:2a:ab:02:b7:0d:c6:f9:05:c3:98:fd:96:3f:
21:72:11:cc:ce:19:39:c8:69:48:13:a8:49:ff:a0:
0a:44:54:58:95:6d:30:b2:d6:08:e0:90:77:a6:ec:
df:0d:13:e4:23:7f:4b:2a:ef:65:9a:aa:81:53:d1:
40:c0:11:91:6a:e8:32:3e:8d:66:f1:4c:08:ad:06:
40:cd:8a:c1:da:7a:2b:9e:29:dd:88:41:bc:fd:5a:
18:55:6b:02:53:c2:38:ed:3e:32:84:ee:a1:c3:2a:
3b:0d:f5:66:4b:9c:2d:80:13:ab:31:08:ce:3e:97:
de:31:3f:c7:5f:6c:60:28:66:dc:81:3b:eb:39:4c:
e9:00:cf:7a:b5:d7:95:94:88:34:a4:00:2c:77:cf:
9a:80:ff:ea:ef:a6:ad:b2:3b:ff:97:52:9a:fc:b5:
40:f8:b2:2e:aa:26:09:c2:ff:79:f4:60:45:e4:8d:
9f:29:5c:8c:b5:53:fc:6c:4e:55:e6:f9:01:50:25:
b8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E0:F5:CA:75:14:6D:F4:1B:71:CD:BF:D6:30:EF:AD:24:01:B6:AD
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/eOD1ynUUbfQbcc2_1jDvrSQBtq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.193.0-85.255.196.255
85.255.198.0/23
85.255.202.0-85.255.207.255
185.35.52.0/22
IPv6:
2a01:498::/32
Signature Algorithm: sha256WithRSAEncryption
b3:c8:ad:67:7f:0e:26:2f:08:ff:40:e1:bc:4e:6d:81:1a:01:
9c:94:95:19:4b:49:f3:b7:4b:c1:3c:4f:0a:3b:41:e5:75:d2:
ff:35:88:27:13:42:cd:20:8c:04:55:3b:cd:22:65:e2:eb:4a:
2a:24:5f:39:ef:15:ea:61:c0:3a:96:7b:bf:f0:5a:ca:0b:1f:
99:6d:05:b2:0e:62:67:e0:64:c3:8b:7c:b6:e1:df:dc:ce:70:
6c:7d:cb:84:6b:0e:67:e9:47:41:f6:e3:c3:d8:a6:fe:41:16:
1c:a7:8e:66:c2:79:ab:94:72:20:0e:c6:79:52:f9:84:3e:26:
ca:a0:2f:eb:26:72:d8:02:65:d5:4d:a9:5e:37:b9:60:47:0e:
63:99:4d:ce:06:cc:b2:d3:5d:4c:77:37:8c:84:36:44:6a:3c:
35:57:de:ac:a8:d5:12:77:90:76:c7:ab:b3:e7:90:46:9c:0f:
1d:0a:33:b8:46:0d:de:c3:90:b8:8a:f0:97:e4:af:1c:47:b0:
30:e2:c1:7a:60:7a:93:6f:8c:cc:ea:f7:8c:52:a4:34:59:1f:
ed:04:97:fc:74:f9:b9:b2:82:e7:7f:81:4a:d0:43:66:10:76:
18:b6:0c:4a:25:31:ca:4e:d7:e5:69:0b:c4:10:13:3e:b8:65:
f6:ed:30:3a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY++gH1KSdgzTd9uFEjvfTSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQwNTI4MDkyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGUwZjVjYTc1MTQ2ZGY0MWI3MWNkYmZkNjMwZWZhZDI0MDFiNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IbuxhDGFoSYoKtEVf/pOnWdv4Ls
kPotqWr4MWCcdmww/OHx/Hfy4eQsY0JJH9Y3Mzo5l4XW4j+X1HwUbSqrArcNxvkF
w5j9lj8hchHMzhk5yGlIE6hJ/6AKRFRYlW0wstYI4JB3puzfDRPkI39LKu9lmqqB
U9FAwBGRaugyPo1m8UwIrQZAzYrB2nornindiEG8/VoYVWsCU8I47T4yhO6hwyo7
DfVmS5wtgBOrMQjOPpfeMT/HX2xgKGbcgTvrOUzpAM96tdeVlIg0pAAsd8+agP/q
76atsjv/l1Ka/LVA+LIuqiYJwv959GBF5I2fKVyMtVP8bE5V5vkBUCW4VQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFHjg9cp1FG30G3HNv9Yw760kAbatMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvZU9EMXluVVViZlFiY2MyXzFqRHZyU1FCdHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoMAwDBABV/8ED
BABV/8QDBAFV/8YwDAMEAVX/ygMEBFX/wAMEArkjNDANBAIAAjAHAwUAKgEEmDAN
BgkqhkiG9w0BAQsFAAOCAQEAs8itZ38OJi8I/0DhvE5tgRoBnJSVGUtJ87dLwTxP
CjtB5XXS/zWIJxNCzSCMBFU7zSJl4utKKiRfOe8V6mHAOpZ7v/BaygsfmW0Fsg5i
Z+Bkw4t8tuHf3M5wbH3LhGsOZ+lHQfbjw9im/kEWHKeOZsJ5q5RyIA7GeVL5hD4m
yqAv6yZy2AJl1U2pXje5YEcOY5lNzgbMstNdTHc3jIQ2RGo8NVferKjVEneQdser
s+eQRpwPHQozuEYN3sOQuIrwl+SvHEewMOLBemB6k2+MzOr3jFKkNFkf7QSX/HT5
ubKC53+BStBDZhB2GLYMSiUxyk7X5WkLxBATPrhl9u0wOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org