Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/85Y-xuwmevo-7i4YUT6gXERukOw.roa
File: 85Y-xuwmevo-7i4YUT6gXERukOw.roa (raw, json)
Hash identifier: WO9l9jEP1swmmQ1D9t7KQpqRP60JQDk1XrxbuYwUV4Q=
Subject key identifier: F3:96:3E:C6:EC:26:7A:FA:3E:EE:2E:18:51:3E:A0:5C:44:6E:90:EC
Certificate issuer: /CN=07f2a175be20108641c649553213f212511667a5
Certificate serial: 018CCA2A13B1F953B9641F8622B624EF7205
Authority key identifier: 07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/85Y-xuwmevo-7i4YUT6gXERukOw.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39806
IP address blocks: 195.190.149.0/24 maxlen: 24
195.190.150.0/24 maxlen: 24
195.190.154.0/24 maxlen: 24
195.190.157.0/24 maxlen: 24
185.166.232.0/23 maxlen: 24
185.166.235.0/24 maxlen: 24
185.166.234.0/24 maxlen: 24
2a0b:2200::/29 maxlen: 64
2a0f:c140::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:13:b1:f9:53:b9:64:1f:86:22:b6:24:ef:72:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f2a175be20108641c649553213f212511667a5
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3963ec6ec267afa3eee2e18513ea05c446e90ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:68:65:e6:07:f5:cf:47:49:02:ee:f7:b4:5f:
ab:8e:ca:75:90:03:69:57:46:bb:98:77:b6:58:8b:
15:c3:a9:1c:09:0c:cb:98:8a:8c:42:c9:a2:2c:b2:
07:e3:f1:ad:ec:52:b6:6b:40:3e:87:27:fe:de:54:
6b:d9:07:d5:42:76:26:0f:00:1e:77:56:49:a4:3d:
df:0d:74:b4:51:23:97:d3:61:db:e4:6f:b9:2e:50:
88:fd:7e:a2:47:ba:1c:cf:89:08:86:db:95:58:b2:
f7:a1:eb:1d:a3:8d:b7:92:59:bb:a2:6b:ad:3f:34:
1e:d9:db:ac:26:06:71:fc:be:dc:11:cc:7f:07:c8:
58:2c:5e:54:17:b7:7c:61:6e:c6:4f:47:fb:cc:2b:
4a:6d:d8:93:ce:e9:c2:a7:39:8d:83:0e:9e:70:7a:
cc:8a:a4:ec:5c:d5:86:68:b5:e3:15:c7:86:6f:df:
c6:ed:e4:03:bd:a5:f5:34:c7:5c:7b:2d:f8:48:80:
61:89:21:02:fd:2b:ca:c8:ba:5c:d3:17:f8:4f:1e:
cc:32:f3:43:ac:04:68:9c:7e:6f:c1:d3:60:24:e3:
ad:02:0f:ba:2f:ca:c3:ed:77:29:e8:95:5d:69:f9:
bf:7a:e1:a0:1f:fa:11:ab:01:32:07:ce:7e:7d:a5:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:3E:C6:EC:26:7A:FA:3E:EE:2E:18:51:3E:A0:5C:44:6E:90:EC
X509v3 Authority Key Identifier:
keyid:07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/85Y-xuwmevo-7i4YUT6gXERukOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.232.0/22
195.190.149.0-195.190.150.255
195.190.154.0/24
195.190.157.0/24
IPv6:
2a0b:2200::/29
2a0f:c140::/29
Signature Algorithm: sha256WithRSAEncryption
86:f0:5a:25:91:37:99:ef:51:03:54:a6:c7:d9:f0:e2:44:32:
d3:10:89:24:9a:51:b5:e1:b9:02:28:95:b3:e7:00:aa:8b:fc:
fc:0e:c0:0e:ed:a5:b6:3d:7b:15:c8:c9:98:7f:19:e6:25:c7:
8d:ff:f2:22:95:aa:f8:02:40:41:4b:b8:21:d7:65:85:00:01:
bd:38:2f:47:e5:16:e5:65:d2:2d:f4:f6:d7:bf:f5:be:a6:f5:
d2:41:8e:89:c5:83:e1:8f:3b:83:e1:4e:00:7f:1e:51:ad:ee:
ca:a4:b8:73:4d:30:94:2e:8a:79:6c:1d:e5:11:11:45:62:6b:
f5:d0:6c:1e:6d:e5:0e:00:41:7a:65:ae:cf:08:ad:45:b3:a0:
e5:38:bd:47:26:5c:06:0e:e1:f6:7c:58:5b:3a:dc:0c:4f:17:
01:4b:e1:28:59:ed:78:62:66:b8:38:19:59:b1:db:8e:59:e0:
0f:d0:63:19:d5:0c:93:08:d7:77:c6:c8:10:73:77:4e:ed:96:
db:c7:3d:c9:c0:1f:58:07:f5:5d:cb:11:36:e3:16:3a:08:d8:
09:2b:63:9e:35:f9:b7:0c:87:53:a8:85:ba:c7:70:48:d6:44:
73:3d:5c:c8:2f:54:1f:97:56:77:b7:48:ca:8f:8a:2e:62:40:
fa:7d:bc:b8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzKKhOx+VO5ZB+GIrYk73IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjJhMTc1YmUyMDEwODY0MWM2NDk1NTMyMTNmMjEyNTEx
NjY3YTUwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk2M2VjNmVjMjY3YWZhM2VlZTJlMTg1MTNlYTA1YzQ0NmU5MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2hl5gf1z0dJAu73tF+rjsp1kANp
V0a7mHe2WIsVw6kcCQzLmIqMQsmiLLIH4/Gt7FK2a0A+hyf+3lRr2QfVQnYmDwAe
d1ZJpD3fDXS0USOX02Hb5G+5LlCI/X6iR7ocz4kIhtuVWLL3oesdo423klm7omut
PzQe2dusJgZx/L7cEcx/B8hYLF5UF7d8YW7GT0f7zCtKbdiTzunCpzmNgw6ecHrM
iqTsXNWGaLXjFceGb9/G7eQDvaX1NMdcey34SIBhiSEC/SvKyLpc0xf4Tx7MMvND
rARonH5vwdNgJOOtAg+6L8rD7Xcp6JVdafm/euGgH/oRqwEyB85+faW5kQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPOWPsbsJnr6Pu4uGFE+oFxEbpDsMB8GA1UdIwQY
MBaAFAfyoXW+IBCGQcZJVTIT8hJRFmelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGIt
Mzc2NDI2ZmZkNjYyLzEvODVZLXh1d21ldm8tN2k0WVVUNmdYRVJ1a093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGItMzc2NDI2ZmZkNjYy
LzEvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQCuaboMAwD
BADDvpUDBADDvpYDBADDvpoDBADDvp0wFAQCAAIwDgMFAyoLIgADBQMqD8FAMA0G
CSqGSIb3DQEBCwUAA4IBAQCG8FolkTeZ71EDVKbH2fDiRDLTEIkkmlG14bkCKJWz
5wCqi/z8DsAO7aW2PXsVyMmYfxnmJceN//Iilar4AkBBS7gh12WFAAG9OC9H5Rbl
ZdIt9PbXv/W+pvXSQY6JxYPhjzuD4U4Afx5Rre7KpLhzTTCULop5bB3lERFFYmv1
0GwebeUOAEF6Za7PCK1Fs6DlOL1HJlwGDuH2fFhbOtwMTxcBS+EoWe14Yma4OBlZ
sduOWeAP0GMZ1QyTCNd3xsgQc3dO7Zbbxz3JwB9YB/VdyxE24xY6CNgJK2OeNfm3
DIdTqIW6x3BI1kRzPVzIL1Qfl1Z3t0jKj4ouYkD6fby4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:00 2025 by rpki-client