
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/KtNaaFbYVIm-jy7G4IRmNvMhsJQ.roa
File: KtNaaFbYVIm-jy7G4IRmNvMhsJQ.roa (raw, json)
Hash identifier: HYeHOqAMp3wWUzhR2RdoKRc9ip/2BFeyQhjl6lyzI04=
Subject key identifier: 2A:D3:5A:68:56:D8:54:89:BE:8F:2E:C6:E0:84:66:36:F3:21:B0:94
Certificate issuer: /CN=b01a59d0a61aa6174438988cc83598dbfea5a998
Certificate serial: 018CC94E5B9D9061CF37CD0CC4BE219BB046
Authority key identifier: B0:1A:59:D0:A6:1A:A6:17:44:38:98:8C:C8:35:98:DB:FE:A5:A9:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBpZ0KYaphdEOJiMyDWY2_6lqZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/KtNaaFbYVIm-jy7G4IRmNvMhsJQ.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209348
IP address blocks: 85.208.228.0/24 maxlen: 24
85.208.231.0/24 maxlen: 24
85.208.229.0/24 maxlen: 24
85.208.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5b:9d:90:61:cf:37:cd:0c:c4:be:21:9b:b0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b01a59d0a61aa6174438988cc83598dbfea5a998
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad35a6856d85489be8f2ec6e0846636f321b094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:c7:b6:af:72:10:02:7d:00:a9:01:47:20:
7a:d7:50:24:ba:fb:2a:b4:25:5e:7e:09:f2:58:70:
dd:5c:47:11:e3:46:85:40:e3:e8:82:11:40:22:2e:
0d:ab:9b:e1:df:49:01:c5:39:28:29:f9:b1:61:34:
20:51:d0:7f:be:25:d5:0e:d6:5c:99:e2:63:ec:84:
d1:5f:fb:9c:eb:8c:65:89:18:1b:32:af:f3:bb:d0:
69:cc:92:5e:3b:84:ec:67:ab:a5:7d:3a:ce:c0:17:
8b:e3:90:95:ca:d3:07:ec:8c:8d:81:00:30:c7:66:
5e:e0:1a:8b:63:99:55:a1:f2:50:f7:24:dd:1f:0a:
20:9a:34:02:19:02:28:de:08:a4:79:ea:1c:84:24:
38:4c:5b:7b:f8:df:54:a0:96:6c:1b:35:f5:da:fb:
6a:3e:ec:28:eb:27:5e:27:a8:45:90:58:4d:9f:b5:
68:9e:de:3d:8a:73:4c:fe:76:53:66:e9:a5:9c:41:
60:b2:65:cd:0d:fd:b0:70:06:71:d7:89:cb:c4:55:
09:ed:c2:7b:f2:40:7d:57:4e:0f:ef:ef:9c:05:cb:
b9:cc:89:12:db:26:08:8d:5f:17:4a:2d:a1:00:50:
ae:5f:be:66:dc:12:a9:56:dd:e2:48:4b:10:72:a4:
f6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:5A:68:56:D8:54:89:BE:8F:2E:C6:E0:84:66:36:F3:21:B0:94
X509v3 Authority Key Identifier:
keyid:B0:1A:59:D0:A6:1A:A6:17:44:38:98:8C:C8:35:98:DB:FE:A5:A9:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBpZ0KYaphdEOJiMyDWY2_6lqZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/KtNaaFbYVIm-jy7G4IRmNvMhsJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/sBpZ0KYaphdEOJiMyDWY2_6lqZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.228.0/22
Signature Algorithm: sha256WithRSAEncryption
93:ab:e7:58:fb:ae:13:27:5b:17:f8:a8:4a:af:6e:8a:33:ea:
22:94:15:54:b8:58:ec:1b:0f:31:f7:fa:bb:b1:3f:30:b0:fd:
72:47:e6:f0:b1:ca:12:93:43:44:1e:bf:d8:25:ab:ab:8e:5a:
b3:72:57:35:5f:1d:08:c6:c0:2c:0e:89:f2:af:79:18:ce:cb:
38:68:e8:eb:7d:ea:98:8e:50:62:47:b6:f5:0d:50:cc:9a:dd:
d6:f0:1a:d9:e1:ed:42:46:9a:81:be:56:30:bf:c5:d8:79:16:
69:e5:5f:b0:82:2c:84:c1:0d:57:2c:93:15:98:c2:f9:7e:a9:
df:de:13:3d:2d:80:36:55:50:0c:0d:45:bc:f9:9e:6f:91:5a:
66:3a:17:3d:2e:be:ae:c3:32:26:10:11:67:71:1d:b9:fc:df:
01:d0:24:1e:14:9b:b9:f3:3c:c4:c2:dd:e1:c9:cc:59:98:16:
51:68:a5:c1:34:64:35:30:2c:53:48:02:ef:dc:b6:09:05:0a:
3b:11:a1:15:4c:e6:42:ae:dd:ea:24:d1:11:1a:17:61:c2:be:
18:98:90:70:a5:86:d0:5b:c0:b5:8e:0d:0f:57:bd:5f:a6:fa:
80:cb:ae:87:47:0c:7d:95:ef:93:de:00:8a:3e:f3:16:9c:ce:
56:17:f7:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTludkGHPN80MxL4hm7BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMWE1OWQwYTYxYWE2MTc0NDM4OTg4Y2M4MzU5OGRiZmVh
NWE5OTgwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzNWE2ODU2ZDg1NDg5YmU4ZjJlYzZlMDg0NjYzNmYzMjFiMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+7Htq9yEAJ9AKkBRyB611Akuvsq
tCVefgnyWHDdXEcR40aFQOPoghFAIi4Nq5vh30kBxTkoKfmxYTQgUdB/viXVDtZc
meJj7ITRX/uc64xliRgbMq/zu9BpzJJeO4TsZ6ulfTrOwBeL45CVytMH7IyNgQAw
x2Ze4BqLY5lVofJQ9yTdHwogmjQCGQIo3gikeeochCQ4TFt7+N9UoJZsGzX12vtq
Puwo6ydeJ6hFkFhNn7Vont49inNM/nZTZumlnEFgsmXNDf2wcAZx14nLxFUJ7cJ7
8kB9V04P7++cBcu5zIkS2yYIjV8XSi2hAFCuX75m3BKpVt3iSEsQcqT2WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrTWmhW2FSJvo8uxuCEZjbzIbCUMB8GA1UdIwQY
MBaAFLAaWdCmGqYXRDiYjMg1mNv+pamYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JwWjBLWWFwaGRFT0ppTXlEV1kyXzZscVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMGU4ZTMtYTRlNy00YTllLWI3OTgt
MDRlMWZhODA4NDI2LzEvS3ROYWFGYllWSW0tank3RzRJUm1Odk1oc0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMGU4ZTMtYTRlNy00YTllLWI3OTgtMDRlMWZhODA4NDI2
LzEvc0JwWjBLWWFwaGRFT0ppTXlEV1kyXzZscVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdDkMA0G
CSqGSIb3DQEBCwUAA4IBAQCTq+dY+64TJ1sX+KhKr26KM+oilBVUuFjsGw8x9/q7
sT8wsP1yR+bwscoSk0NEHr/YJaurjlqzclc1Xx0IxsAsDonyr3kYzss4aOjrfeqY
jlBiR7b1DVDMmt3W8BrZ4e1CRpqBvlYwv8XYeRZp5V+wgiyEwQ1XLJMVmML5fqnf
3hM9LYA2VVAMDUW8+Z5vkVpmOhc9Lr6uwzImEBFncR25/N8B0CQeFJu58zzEwt3h
ycxZmBZRaKXBNGQ1MCxTSALv3LYJBQo7EaEVTOZCrt3qJNERGhdhwr4YmJBwpYbQ
W8C1jg0PV71fpvqAy66HRwx9le+T3gCKPvMWnM5WF/fE
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:14 2025 by rpki-client