Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/OufUb0eCK45njasK8ZsnLbuyBFE.roa
File: OufUb0eCK45njasK8ZsnLbuyBFE.roa (raw, json)
Hash identifier: rNxkkvCed4Z0uyV4skcBBzxbTiEJeY37zblBaaVBNjY=
Subject key identifier: 3A:E7:D4:6F:47:82:2B:8E:67:8D:AB:0A:F1:9B:27:2D:BB:B2:04:51
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0194F459F1F1AFDEA16FF715F9AB1172CB01
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/OufUb0eCK45njasK8ZsnLbuyBFE.roa
Signing time: Tue 11 Feb 2025 09:32:02 +0000
ROA not before: Tue 11 Feb 2025 09:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210099
IP address blocks: 85.117.236.0/24 maxlen: 24
85.117.237.0/24 maxlen: 24
185.17.113.0/24 maxlen: 24
185.73.200.0/22 maxlen: 22
185.73.200.0/24 maxlen: 24
185.73.201.0/24 maxlen: 24
185.73.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 13:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:59:f1:f1:af:de:a1:6f:f7:15:f9:ab:11:72:cb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: Feb 11 09:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ae7d46f47822b8e678dab0af19b272dbbb20451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b6:27:31:8e:46:da:45:1a:42:35:a4:55:bb:
0f:59:ee:ac:cb:fd:ca:ea:90:f4:ec:b8:80:c1:44:
ab:19:09:c5:6c:49:c0:c6:85:54:50:80:d0:fa:96:
df:91:4d:5b:b6:7d:a9:d6:a9:0b:08:29:62:52:0b:
73:3b:b6:9f:ef:d3:a0:a5:42:ed:e3:36:54:1f:ab:
a1:b9:73:67:e5:f9:ac:d3:52:2f:a8:8b:90:d2:6c:
aa:f8:6d:c1:2a:fb:b9:61:f6:a5:e9:4a:99:81:4d:
d5:45:88:be:90:f1:58:f1:9d:b3:19:06:f0:3e:6c:
75:39:df:b1:27:0d:0d:20:dc:69:7b:18:9e:96:4a:
c8:d6:6c:fb:4e:da:86:1e:11:a1:62:07:f5:a5:38:
74:0e:79:c1:91:29:a7:da:4e:39:b9:5c:3d:72:10:
f7:89:37:d4:77:bd:97:2d:4e:1f:44:ba:61:07:8f:
9a:0e:72:ab:1e:53:ad:58:06:3a:ab:97:2c:84:f8:
eb:4d:51:b2:75:74:c9:1c:6a:4e:fd:db:85:d5:ee:
46:0d:6f:22:f7:99:4e:a0:52:58:c1:80:95:65:07:
38:13:30:9d:a0:cb:09:64:6c:96:e9:05:0d:02:b1:
81:4e:eb:06:6b:da:dc:d4:64:c0:bb:ee:df:1b:dd:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E7:D4:6F:47:82:2B:8E:67:8D:AB:0A:F1:9B:27:2D:BB:B2:04:51
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/OufUb0eCK45njasK8ZsnLbuyBFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.236.0/23
185.17.113.0/24
185.73.200.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:67:d7:cb:fc:5a:fe:99:61:8e:de:12:46:92:6c:3f:07:03:
a8:0d:99:6f:c2:e3:97:42:db:3b:08:1b:e2:ed:c0:1f:83:2e:
e4:07:d7:78:2c:8d:2f:8a:fd:7a:db:63:25:4b:77:e6:ba:72:
28:fa:a6:09:52:94:34:61:4e:5f:0a:4f:82:2b:bb:00:11:4a:
b9:9d:19:f4:b8:5a:0d:62:f8:42:72:de:1f:f7:dd:48:6b:bd:
c2:f2:2d:61:ba:a8:1c:0f:d2:71:46:9b:fc:08:04:86:97:da:
09:77:d7:78:50:12:cf:b7:b4:0a:12:61:f5:d0:91:f7:50:be:
93:12:c5:28:e0:46:7b:09:ff:15:98:70:69:1a:fa:3a:e5:0c:
63:cc:ad:e9:9f:23:68:a9:7c:0e:ff:00:c4:9b:99:6a:72:6a:
a1:14:29:a4:8e:56:0c:13:83:4b:4f:73:f6:99:9e:95:f9:46:
d8:33:68:17:9b:4e:2f:24:10:d4:30:81:16:4c:e4:78:87:eb:
6c:0e:84:b6:dd:fe:35:cc:db:44:ca:e5:da:a3:69:9e:50:fa:
f8:5f:54:b3:3b:98:83:1e:d5:44:2a:59:e0:92:af:6c:d9:80:
16:29:56:fc:cf:46:68:25:87:9d:9a:f2:be:fc:8e:26:09:c5:
da:dc:6c:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZT0WfHxr96hb/cV+asRcssBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwMjExMDkzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU3ZDQ2ZjQ3ODIyYjhlNjc4ZGFiMGFmMTliMjcyZGJiYjIwNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27YnMY5G2kUaQjWkVbsPWe6sy/3K
6pD07LiAwUSrGQnFbEnAxoVUUIDQ+pbfkU1btn2p1qkLCCliUgtzO7af79OgpULt
4zZUH6uhuXNn5fms01IvqIuQ0myq+G3BKvu5Yfal6UqZgU3VRYi+kPFY8Z2zGQbw
Pmx1Od+xJw0NINxpexielkrI1mz7TtqGHhGhYgf1pTh0DnnBkSmn2k45uVw9chD3
iTfUd72XLU4fRLphB4+aDnKrHlOtWAY6q5cshPjrTVGydXTJHGpO/duF1e5GDW8i
95lOoFJYwYCVZQc4EzCdoMsJZGyW6QUNArGBTusGa9rc1GTAu+7fG92VawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDrn1G9HgiuOZ42rCvGbJy27sgRRMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvT3VmVWIwZUNLNDVuamFzSzhac25MYnV5QkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXXsAwQA
uRFxAwQCuUnIMA0GCSqGSIb3DQEBCwUAA4IBAQC5Z9fL/Fr+mWGO3hJGkmw/BwOo
DZlvwuOXQts7CBvi7cAfgy7kB9d4LI0viv1622MlS3fmunIo+qYJUpQ0YU5fCk+C
K7sAEUq5nRn0uFoNYvhCct4f991Ia73C8i1huqgcD9JxRpv8CASGl9oJd9d4UBLP
t7QKEmH10JH3UL6TEsUo4EZ7Cf8VmHBpGvo65QxjzK3pnyNoqXwO/wDEm5lqcmqh
FCmkjlYME4NLT3P2mZ6V+UbYM2gXm04vJBDUMIEWTOR4h+tsDoS23f41zNtEyuXa
o2meUPr4X1SzO5iDHtVEKlngkq9s2YAWKVb8z0ZoJYedmvK+/I4mCcXa3Gw0
-----END CERTIFICATE-----
Generated at Wed Apr 30 11:55:30 2025 by rpki-client