Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Gv6jK8Kw0kVNE48-0YEFKVDSIbQ.roa
File: Gv6jK8Kw0kVNE48-0YEFKVDSIbQ.roa (raw, json)
Hash identifier: xtQ2ThA06Z4FfhAq8a7+MrktsfstzRjcjFsq3cH+jWs=
Subject key identifier: 1A:FE:A3:2B:C2:B0:D2:45:4D:13:8F:3E:D1:81:05:29:50:D2:21:B4
Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Certificate serial: 019663036A00BF3C3C5E302AA8883E345525
Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Gv6jK8Kw0kVNE48-0YEFKVDSIbQ.roa
Signing time: Wed 23 Apr 2025 14:18:10 +0000
ROA not before: Wed 23 Apr 2025 14:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 85.85.160.0/21 maxlen: 21
85.85.168.0/21 maxlen: 21
85.85.176.0/21 maxlen: 21
85.85.184.0/21 maxlen: 21
85.86.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 23 Apr 2025 14:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:03:6a:00:bf:3c:3c:5e:30:2a:a8:88:3e:34:55:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Validity
Not Before: Apr 23 14:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1afea32bc2b0d2454d138f3ed181052950d221b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:35:c9:5f:0d:3a:60:c8:e4:37:d5:b3:dd:e3:
15:61:05:40:88:0f:21:ce:a2:6c:73:ee:f3:c0:bc:
f5:dd:8d:9e:a6:ef:8c:72:85:b4:de:41:59:05:1b:
51:88:7a:76:05:84:f3:4a:ec:c2:a5:7d:66:48:42:
63:91:7a:a0:d2:10:ca:0c:de:a0:e6:a3:75:ad:82:
73:8f:54:e5:2e:9e:3f:15:b3:1e:ab:df:21:44:06:
94:d0:bd:05:35:50:43:8c:35:cf:51:d8:15:7d:6f:
74:05:d9:87:8a:3c:9f:a4:e5:71:f3:a1:91:c5:49:
54:c1:45:58:4c:4f:8b:45:ff:d2:ad:1f:d0:ea:a2:
9b:63:76:30:eb:24:d3:19:21:9c:7f:11:e3:56:87:
51:e0:a5:92:bf:8c:46:1c:7f:76:4c:fc:23:f7:c6:
cd:99:db:14:31:c0:6a:f2:68:ec:64:23:cc:8f:02:
61:3c:63:70:3b:ac:7f:86:6f:72:8b:f1:6d:fc:b7:
d0:bc:f4:de:36:31:72:e5:da:9e:e3:44:d4:42:57:
e8:ec:a8:36:71:3f:52:47:68:58:bb:08:f8:ba:25:
38:96:28:6f:46:81:0e:32:84:61:b9:fe:a4:b6:36:
18:b9:5b:af:4e:e0:81:cd:e0:d7:f9:62:2d:9f:9d:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FE:A3:2B:C2:B0:D2:45:4D:13:8F:3E:D1:81:05:29:50:D2:21:B4
X509v3 Authority Key Identifier:
keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Gv6jK8Kw0kVNE48-0YEFKVDSIbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.85.160.0/19
85.86.208.0/21
Signature Algorithm: sha256WithRSAEncryption
27:6d:d6:74:40:59:6f:40:35:0c:66:fe:56:1f:b2:ed:2b:55:
4d:80:18:29:49:b9:b2:7c:50:48:2d:2f:8e:93:57:ed:7c:85:
2b:2c:2a:27:62:db:fb:81:d3:98:90:21:f4:a1:5f:72:f4:b0:
dc:2b:92:09:e9:e0:28:4f:55:72:3c:19:01:2e:52:10:10:24:
e2:7a:b9:9a:99:dc:a3:74:a7:f8:8b:6a:e5:12:20:3c:b1:6f:
fb:e3:e8:79:4f:32:96:37:96:64:62:11:25:61:78:7b:4e:d2:
a8:40:5b:e6:c1:62:0a:7b:dd:1c:a0:07:09:af:b4:01:01:5f:
09:51:b8:24:6a:92:ec:8b:5c:94:1f:a3:81:4c:8f:b6:20:b3:
45:f6:0a:37:82:52:e8:29:eb:54:c2:c9:0a:0e:0c:66:27:55:
02:ec:d9:14:ba:fd:5f:8d:22:c2:68:20:c5:7c:46:27:b0:47:
79:3d:68:34:a5:6c:a5:f5:f0:ce:80:f6:20:03:18:22:ad:4e:
46:b7:76:39:b7:ba:7b:4d:87:e7:96:8f:ad:db:72:18:52:d8:
c3:68:36:fd:71:fe:08:1a:5c:93:9d:81:0e:9a:fd:02:e6:52:
3e:fa:57:8e:a0:50:ca:5f:81:11:9e:8e:61:a9:14:ae:26:95:
ec:f9:c7:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZjA2oAvzw8XjAqqIg+NFUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz
NTg1ZTkwHhcNMjUwNDIzMTQxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZlYTMyYmMyYjBkMjQ1NGQxMzhmM2VkMTgxMDUyOTUwZDIyMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjXJXw06YMjkN9Wz3eMVYQVAiA8h
zqJsc+7zwLz13Y2epu+McoW03kFZBRtRiHp2BYTzSuzCpX1mSEJjkXqg0hDKDN6g
5qN1rYJzj1TlLp4/FbMeq98hRAaU0L0FNVBDjDXPUdgVfW90BdmHijyfpOVx86GR
xUlUwUVYTE+LRf/SrR/Q6qKbY3Yw6yTTGSGcfxHjVodR4KWSv4xGHH92TPwj98bN
mdsUMcBq8mjsZCPMjwJhPGNwO6x/hm9yi/Ft/LfQvPTeNjFy5dqe40TUQlfo7Kg2
cT9SR2hYuwj4uiU4lihvRoEOMoRhuf6ktjYYuVuvTuCBzeDX+WItn525IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBr+oyvCsNJFTROPPtGBBSlQ0iG0MB8GA1UdIwQY
MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt
MDRlODEyZDQ4ZTcyLzEvR3Y2aks4S3cwa1ZORTQ4LTBZRUZLVkRTSWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy
LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFVVWgAwQD
VVbQMA0GCSqGSIb3DQEBCwUAA4IBAQAnbdZ0QFlvQDUMZv5WH7LtK1VNgBgpSbmy
fFBILS+Ok1ftfIUrLConYtv7gdOYkCH0oV9y9LDcK5IJ6eAoT1VyPBkBLlIQECTi
ermamdyjdKf4i2rlEiA8sW/74+h5TzKWN5ZkYhElYXh7TtKoQFvmwWIKe90coAcJ
r7QBAV8JUbgkapLsi1yUH6OBTI+2ILNF9go3glLoKetUwskKDgxmJ1UC7NkUuv1f
jSLCaCDFfEYnsEd5PWg0pWyl9fDOgPYgAxgirU5Gt3Y5t7p7TYfnlo+t23IYUtjD
aDb9cf4IGlyTnYEOmv0C5lI++leOoFDKX4ERno5hqRSuJpXs+ccN
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:25:59 2025 by rpki-client