Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/eVYwLhDxcxDWCg5snA43mP4gz4U.roa
File: eVYwLhDxcxDWCg5snA43mP4gz4U.roa (raw, json)
Hash identifier: 5Jco9wvcVuXEiwJIHbAgN3mGqdiTymhB7O8CPLQ+2ao=
Subject key identifier: 79:56:30:2E:10:F1:73:10:D6:0A:0E:6C:9C:0E:37:98:FE:20:CF:85
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC80203F472080CD0E52B9BAB6467490A
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/eVYwLhDxcxDWCg5snA43mP4gz4U.roa
Signing time: Tue 02 Jan 2024 02:30:24 +0000
ROA not before: Tue 02 Jan 2024 02:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33934
IP address blocks: 85.174.84.0/24 maxlen: 24
85.174.80.0/22 maxlen: 22
85.172.168.0/22 maxlen: 22
85.172.170.0/24 maxlen: 24
85.174.100.0/24 maxlen: 24
85.173.84.0/23 maxlen: 23
85.173.80.0/22 maxlen: 22
85.173.64.0/19 maxlen: 19
85.173.192.0/19 maxlen: 19
83.239.128.0/18 maxlen: 18
83.239.128.0/22 maxlen: 22
83.239.132.0/24 maxlen: 24
85.173.208.0/23 maxlen: 23
83.239.138.0/23 maxlen: 23
83.239.144.0/24 maxlen: 24
83.239.142.0/23 maxlen: 23
178.35.128.0/18 maxlen: 18
85.172.112.0/20 maxlen: 20
85.172.120.0/23 maxlen: 23
85.172.122.0/24 maxlen: 24
85.172.126.0/23 maxlen: 23
85.174.63.0/24 maxlen: 24
85.174.69.0/24 maxlen: 24
85.174.70.0/23 maxlen: 23
83.239.152.0/22 maxlen: 22
83.239.151.0/24 maxlen: 24
83.239.158.0/24 maxlen: 24
83.239.156.0/23 maxlen: 23
83.239.161.0/24 maxlen: 24
83.239.164.0/24 maxlen: 24
83.239.162.0/23 maxlen: 23
83.239.168.0/23 maxlen: 23
83.239.167.0/24 maxlen: 24
83.239.172.0/22 maxlen: 22
83.239.176.0/24 maxlen: 24
83.239.179.0/24 maxlen: 24
85.174.0.0/17 maxlen: 17
83.239.184.0/22 maxlen: 22
83.239.180.0/22 maxlen: 22
83.239.188.0/23 maxlen: 23
83.239.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 09:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:03:f4:72:08:0c:d0:e5:2b:9b:ab:64:67:49:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7956302e10f17310d60a0e6c9c0e3798fe20cf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e1:a5:31:d5:5a:36:ef:69:07:02:4b:1b:0f:
a0:30:ba:1f:c8:fa:f4:5f:54:cd:46:0a:4b:08:49:
7a:35:0f:77:3b:87:d8:b4:e8:3a:3f:3c:fc:80:96:
39:6d:75:01:ff:27:6f:82:e3:fa:d8:85:5f:2f:66:
7b:56:85:ca:12:a1:2c:fc:8b:40:1a:07:ef:2d:95:
ed:2f:b5:2c:94:25:05:1a:54:a9:45:4b:83:98:da:
aa:79:59:4c:59:6b:53:30:0f:31:59:d2:8e:45:ad:
ed:e2:28:84:1c:79:53:c4:21:fa:61:ee:14:ab:97:
a1:45:b7:ae:79:02:08:06:b8:1d:b8:5b:af:ff:b0:
56:89:70:50:ba:bd:8e:5c:a3:99:da:8c:43:e4:7b:
58:ec:00:e2:90:37:7f:77:ac:f6:0f:19:87:ef:bd:
f4:2a:15:11:43:e3:0a:42:89:d9:c5:0e:b4:31:0a:
64:8d:8f:f3:74:a0:21:c3:e9:64:ca:09:7d:ab:0f:
c9:9e:64:0d:b0:fd:b6:38:31:b1:24:17:f2:be:c5:
9f:d0:2d:91:73:b1:4b:c8:cf:d0:4c:b0:5f:d2:02:
dd:f7:a3:fb:b7:c4:78:39:55:c4:9a:13:a1:e5:f7:
5a:1e:45:1d:80:47:2c:d6:03:43:6b:b0:1e:10:f0:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:56:30:2E:10:F1:73:10:D6:0A:0E:6C:9C:0E:37:98:FE:20:CF:85
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/eVYwLhDxcxDWCg5snA43mP4gz4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.128.0/18
85.172.112.0/20
85.172.168.0/22
85.173.64.0/19
85.173.192.0/19
85.174.0.0/17
178.35.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:a5:29:83:b7:c6:11:cd:47:58:79:37:53:74:76:78:fb:71:
6d:6a:62:69:82:98:3d:b2:15:c6:10:e2:01:b9:fe:37:f9:f7:
dd:f2:cc:7b:e3:45:a1:56:3b:d9:df:96:85:ae:15:b5:f7:c7:
be:0b:12:80:41:33:78:48:5f:e4:54:42:5e:32:23:a5:3c:39:
89:f5:4b:4b:09:ee:c9:99:47:b4:20:07:02:5e:78:a7:36:26:
51:4a:d2:53:1c:f3:93:cb:03:fd:67:dd:bf:f8:2c:6c:98:ed:
1d:f1:c8:de:55:91:74:ab:7b:f6:ea:c7:e8:e6:51:1a:b7:92:
0f:f5:08:2c:4a:ba:85:74:97:c5:cd:5a:60:7c:43:d2:68:2a:
12:64:c1:11:aa:33:ba:49:8b:21:2a:13:cd:da:fa:25:1b:0f:
1a:7b:75:86:76:a9:bd:ab:9e:77:09:06:5f:fa:ce:86:11:7f:
59:79:ad:8f:83:07:c9:23:80:67:d0:02:c0:39:8d:a4:e2:ab:
f0:c9:e2:86:0c:02:87:7e:ed:c3:61:31:1b:35:c8:0c:ac:70:
c8:39:45:da:42:61:ea:33:ad:1d:59:75:13:6d:97:24:52:99:
1b:d0:72:52:d7:44:e3:d1:b1:86:03:a2:59:b8:eb:f9:0d:b5:
61:27:f7:e4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIAgP0cggM0OUrm6tkZ0kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTU2MzAyZTEwZjE3MzEwZDYwYTBlNmM5YzBlMzc5OGZlMjBjZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOGlMdVaNu9pBwJLGw+gMLofyPr0
X1TNRgpLCEl6NQ93O4fYtOg6Pzz8gJY5bXUB/ydvguP62IVfL2Z7VoXKEqEs/ItA
GgfvLZXtL7UslCUFGlSpRUuDmNqqeVlMWWtTMA8xWdKORa3t4iiEHHlTxCH6Ye4U
q5ehRbeueQIIBrgduFuv/7BWiXBQur2OXKOZ2oxD5HtY7ADikDd/d6z2DxmH7730
KhURQ+MKQonZxQ60MQpkjY/zdKAhw+lkygl9qw/JnmQNsP22ODGxJBfyvsWf0C2R
c7FLyM/QTLBf0gLd96P7t8R4OVXEmhOh5fdaHkUdgEcs1gNDa7AeEPAwoQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHlWMC4Q8XMQ1goObJwON5j+IM+FMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZVZZd0xoRHhjeERXQ2c1c25BNDNtUDRnejRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGU++AAwQE
VaxwAwQCVayoAwQFVa1AAwQFVa3AAwQHVa4AAwQGsiOAMA0GCSqGSIb3DQEBCwUA
A4IBAQAupSmDt8YRzUdYeTdTdHZ4+3FtamJpgpg9shXGEOIBuf43+ffd8sx740Wh
VjvZ35aFrhW198e+CxKAQTN4SF/kVEJeMiOlPDmJ9UtLCe7JmUe0IAcCXninNiZR
StJTHPOTywP9Z92/+CxsmO0d8cjeVZF0q3v26sfo5lEat5IP9QgsSrqFdJfFzVpg
fEPSaCoSZMERqjO6SYshKhPN2volGw8ae3WGdqm9q553CQZf+s6GEX9Zea2PgwfJ
I4Bn0ALAOY2k4qvwyeKGDAKHfu3DYTEbNcgMrHDIOUXaQmHqM60dWXUTbZckUpkb
0HJS10Tj0bGGA6JZuOv5DbVhJ/fk
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:59 2025 by rpki-client