Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/DC5n3zMJoqcikxRtfMDah5usRlk.roa
File: DC5n3zMJoqcikxRtfMDah5usRlk.roa (raw, json)
Hash identifier: EeBYoGjFHjUhj4Y206nR0DfkPoAwh/q0TmlhDph04s4=
Subject key identifier: 0C:2E:67:DF:33:09:A2:A7:22:93:14:6D:7C:C0:DA:87:9B:AC:46:59
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0193CE43AFAF01BCD29A41FEDBA6DD42AED1
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/DC5n3zMJoqcikxRtfMDah5usRlk.roa
Signing time: Mon 16 Dec 2024 06:59:22 +0000
ROA not before: Mon 16 Dec 2024 06:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398373
IP address blocks: 85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.81.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 07:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:43:af:af:01:bc:d2:9a:41:fe:db:a6:dd:42:ae:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Dec 16 06:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c2e67df3309a2a72293146d7cc0da879bac4659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:75:f5:b7:5a:cd:c4:12:99:49:48:93:30:
c5:64:48:4c:43:da:ba:c5:84:4e:35:f0:d1:3f:4e:
0b:25:f7:f5:c1:f6:12:ac:21:b4:75:9c:f7:5e:ed:
4a:77:77:31:7f:9b:08:c6:8d:71:37:9d:31:a0:15:
b2:ab:1c:41:d5:11:39:ab:4b:27:2f:93:9f:a4:d1:
58:bf:66:8d:3a:ec:d4:b6:17:59:f6:f3:71:cf:5b:
20:c7:10:ab:9c:53:bc:59:db:35:ce:3b:27:a3:10:
1c:ee:79:f7:81:e3:2b:c5:61:71:aa:44:86:a3:1a:
36:2e:31:2f:98:92:75:95:41:f6:81:72:c8:6f:90:
cd:fe:10:d5:e4:06:68:7c:ad:2b:a9:4a:a5:eb:41:
e6:54:05:1b:65:bc:ec:d1:ab:56:7e:26:20:02:10:
e9:f3:0a:5d:5d:61:1c:17:fd:0f:3b:6d:8a:9b:43:
26:30:d3:8c:03:98:71:29:22:46:44:99:50:d4:46:
1e:36:fb:d9:c9:87:ae:6f:6e:df:29:40:f2:2f:00:
fc:f6:84:0a:40:e0:c9:73:a5:f1:46:56:a9:81:60:
b2:80:ed:ea:27:a9:01:6f:00:25:2f:c0:1c:03:c1:
f5:6b:28:87:cb:23:9f:e1:27:c7:06:1a:84:84:ee:
ab:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2E:67:DF:33:09:A2:A7:22:93:14:6D:7C:C0:DA:87:9B:AC:46:59
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/DC5n3zMJoqcikxRtfMDah5usRlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.207.0/24
85.153.4.0/24
85.153.29.0/24
85.153.32.0/24
85.153.34.0/24
85.153.68.0/22
85.153.81.0-85.153.82.255
85.153.84.0/22
85.153.92.0/24
85.153.94.0/23
85.153.108.0/22
85.153.113.0/24
85.153.118.0-85.153.125.255
Signature Algorithm: sha256WithRSAEncryption
9c:e8:66:ec:3d:21:73:20:94:a9:ef:2e:3d:2a:6f:1a:ef:f5:
03:39:50:c9:b7:80:b7:ae:02:3c:c0:26:68:a5:0e:03:28:18:
fd:85:0b:f4:b7:7f:53:e1:54:7a:7f:3a:f8:43:6e:bf:80:da:
f2:31:ea:e4:55:05:5d:b5:eb:aa:d8:83:89:db:f2:63:e4:1f:
1c:06:2e:62:0a:84:c5:68:c9:6b:a4:2c:82:a4:97:f6:3d:3f:
a3:f9:c4:a1:1d:30:52:3f:57:f8:a1:a7:5f:b3:d9:c2:d4:92:
44:f7:57:3d:84:43:1c:56:95:19:cc:8b:ac:1d:f3:bf:79:16:
dc:0e:28:b8:83:75:75:c2:8b:12:32:b2:b5:f1:0c:7b:5e:f5:
65:5c:51:6f:0d:e7:ca:b0:24:2f:aa:ee:c3:48:cc:f5:ae:eb:
b9:f8:ac:88:cc:f7:7b:77:0f:19:e5:cc:f7:56:cd:54:a7:36:
05:a0:4e:8b:b1:cf:43:c1:c9:01:aa:b4:a3:05:06:d4:c6:c3:
7f:99:db:f4:7b:e6:57:20:c5:34:2d:87:34:4f:fb:a8:94:40:
6c:2f:de:0c:ab:6a:65:33:e4:f9:21:40:46:60:a9:af:56:fd:
21:9d:3f:65:97:d9:52:3d:32:8e:4e:4f:0a:bc:19:84:cc:37:
42:a5:c1:6d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZPOQ6+vAbzSmkH+26bdQq7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQxMjE2MDY1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJlNjdkZjMzMDlhMmE3MjI5MzE0NmQ3Y2MwZGE4NzliYWM0NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDR19bdazcQSmUlIkzDFZEhMQ9q6
xYRONfDRP04LJff1wfYSrCG0dZz3Xu1Kd3cxf5sIxo1xN50xoBWyqxxB1RE5q0sn
L5OfpNFYv2aNOuzUthdZ9vNxz1sgxxCrnFO8Wds1zjsnoxAc7nn3geMrxWFxqkSG
oxo2LjEvmJJ1lUH2gXLIb5DN/hDV5AZofK0rqUql60HmVAUbZbzs0atWfiYgAhDp
8wpdXWEcF/0PO22Km0MmMNOMA5hxKSJGRJlQ1EYeNvvZyYeub27fKUDyLwD89oQK
QODJc6XxRlapgWCygO3qJ6kBbwAlL8AcA8H1ayiHyyOf4SfHBhqEhO6rRwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAwuZ98zCaKnIpMUbXzA2oebrEZZMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvREM1bjN6TUpvcWNpa3hSdGZNRGFoNXVzUmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAVXPPAwQA
VZkEAwQAVZkdAwQAVZkgAwQAVZkiAwQCVZlEMAwDBABVmVEDBABVmVIDBAJVmVQD
BABVmVwDBAFVmV4DBAJVmWwDBABVmXEwDAMEAVWZdgMEAVWZfDANBgkqhkiG9w0B
AQsFAAOCAQEAnOhm7D0hcyCUqe8uPSpvGu/1AzlQybeAt64CPMAmaKUOAygY/YUL
9Ld/U+FUen86+ENuv4Da8jHq5FUFXbXrqtiDidvyY+QfHAYuYgqExWjJa6QsgqSX
9j0/o/nEoR0wUj9X+KGnX7PZwtSSRPdXPYRDHFaVGcyLrB3zv3kW3A4ouIN1dcKL
EjKytfEMe171ZVxRbw3nyrAkL6ruw0jM9a7rufisiMz3e3cPGeXM91bNVKc2BaBO
i7HPQ8HJAaq0owUG1MbDf5nb9HvmVyDFNC2HNE/7qJRAbC/eDKtqZTPk+SFARmCp
r1b9IZ0/ZZfZUj0yjk5PCrwZhMw3QqXBbQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:02:38 2025 by rpki-client