Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eJUzUuLZwr2Nfj3KFnLiU4-RltQ.roa
File: eJUzUuLZwr2Nfj3KFnLiU4-RltQ.roa (raw, json)
Hash identifier: lu+eJFP9wajNe86//yxwiH5LIlWgiX8o0CLjHHryxF4=
Subject key identifier: 78:95:33:52:E2:D9:C2:BD:8D:7E:3D:CA:16:72:E2:53:8F:91:96:D4
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F28B727B2AE4B96A77B497338FFB3B6EC
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eJUzUuLZwr2Nfj3KFnLiU4-RltQ.roa
Signing time: Mon 29 Apr 2024 07:17:22 +0000
ROA not before: Mon 29 Apr 2024 07:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 07:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:b7:27:b2:ae:4b:96:a7:7b:49:73:38:ff:b3:b6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 07:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78953352e2d9c2bd8d7e3dca1672e2538f9196d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6e:10:11:d4:7a:58:d8:4c:27:47:24:bb:9f:
16:44:f9:2d:cd:9b:e8:e8:f1:b7:68:4c:75:f6:f9:
15:d3:d7:c6:01:15:16:b3:75:5b:1e:f0:c4:fd:23:
df:bb:ad:be:4c:2e:c9:2a:5d:94:a3:13:36:14:57:
bf:e0:7d:09:f5:f6:14:fc:11:4a:cf:d3:99:84:f6:
d8:b2:c1:79:1d:ea:33:d0:b6:bd:bf:16:42:cf:33:
43:23:4f:5b:8a:2c:2a:25:7d:35:db:cf:f5:a8:04:
ac:b3:a5:27:85:d4:14:e7:c7:3b:c6:4b:03:f3:b5:
04:05:6c:59:9f:d6:5b:7f:5b:78:85:a7:61:65:ae:
aa:a8:66:25:72:3a:71:67:f9:92:7a:21:e5:bb:84:
b0:37:6c:88:af:01:75:22:52:77:d2:52:14:77:2e:
9d:4b:be:df:6a:42:c8:89:19:0f:cb:62:bb:17:24:
e8:35:9d:e8:a7:4e:a9:3b:f7:c2:6f:b8:e8:d0:01:
0c:30:4f:d4:17:2c:1d:fa:38:76:9f:f9:f7:26:72:
4a:1a:fa:2d:80:6f:11:10:4a:a1:38:56:89:8a:de:
df:51:8a:4b:13:38:1c:1d:2b:89:09:eb:51:12:a9:
0d:d0:41:1f:83:df:73:30:48:3b:53:df:56:4b:fd:
fa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:95:33:52:E2:D9:C2:BD:8D:7E:3D:CA:16:72:E2:53:8F:91:96:D4
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eJUzUuLZwr2Nfj3KFnLiU4-RltQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.94.0/24
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
4b:6a:0c:16:cb:40:aa:08:e3:0f:b7:f9:23:63:99:eb:10:41:
26:64:9b:e1:b9:a3:9f:c8:9b:f8:79:6c:4a:37:98:f2:2b:9c:
4c:3b:16:0a:45:65:69:c9:48:17:c8:30:61:68:25:45:ad:1c:
07:e0:7a:14:49:c8:bf:4e:ec:8f:7a:b4:b1:0d:97:cd:01:ad:
f9:fc:c0:3b:bf:89:25:21:9d:68:07:bd:4a:2e:38:60:11:7a:
d4:6c:b3:65:c3:83:98:e1:bd:0e:82:dc:4b:18:af:43:76:1a:
a9:cd:40:35:d9:a8:20:c2:1a:ac:ab:e8:1c:ce:43:ae:83:5a:
67:b9:e4:0c:d8:3f:75:14:ba:23:ca:72:18:5b:0c:b9:a6:42:
7f:bc:95:58:34:0e:14:6d:d6:11:d7:f1:fc:63:74:5c:69:36:
9c:5c:b7:ec:df:d7:e9:9b:4a:38:9e:39:8c:31:9e:f7:aa:b0:
e7:3d:fc:a0:a0:64:2b:29:9e:8a:bf:ae:f6:fa:01:a9:8b:c9:
c6:dc:ff:f0:7a:73:32:1f:ee:b8:15:92:9a:9c:4d:b8:64:ad:
b4:25:bf:d4:40:c7:5e:a7:8a:9b:59:68:96:68:fa:fa:5b:9d:
e0:28:dc:61:88:1f:7d:db:6f:92:41:e5:73:63:c9:78:85:d3:
87:64:60:e8
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAY8otyeyrkuWp3tJczj/s7bsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MDcxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk1MzM1MmUyZDljMmJkOGQ3ZTNkY2ExNjcyZTI1MzhmOTE5NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG4QEdR6WNhMJ0cku58WRPktzZvo
6PG3aEx19vkV09fGARUWs3VbHvDE/SPfu62+TC7JKl2UoxM2FFe/4H0J9fYU/BFK
z9OZhPbYssF5Heoz0La9vxZCzzNDI09biiwqJX0128/1qASss6UnhdQU58c7xksD
87UEBWxZn9Zbf1t4hadhZa6qqGYlcjpxZ/mSeiHlu4SwN2yIrwF1IlJ30lIUdy6d
S77fakLIiRkPy2K7FyToNZ3op06pO/fCb7jo0AEMME/UFywd+jh2n/n3JnJKGvot
gG8REEqhOFaJit7fUYpLEzgcHSuJCetREqkN0EEfg99zMEg7U99WS/364wIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFHiVM1Li2cK9jX49yhZy4lOPkZbUMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZUpVelV1TFp3cjJOZmozS0ZuTGlVNC1SbHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCATYEAgABMIIB
LgMEAFX+AgMEAFX+BAMEAFX+BzAMAwQAVf4dAwQAVf4eAwQAVf4oAwQBVf4qAwQA
Vf4zAwQAVf47AwQBVf5AAwQCVf5MAwQBVf5UAwQAVf5nAwQCVf5wMAwDBAJV/nwD
BABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+jAMEAVX+rgMEAVX+tAMEAJ+U
GgMEAJ+UNgMEAJ+UPgMEAJ+UQgMEAJ+UfgMEAJ+UgAMEAJ+UgjAMAwQAn5SdAwQA
n5SeAwQAn5SjAwQBn5SmMAwDBACflLMDBACflLQDBACflMwDBACflNgDBACflNoD
BACflOoDBACflOwDBACflO8DBACflPEwDAMEAZ+U9gMEAJ+U+AMEALkbXgMEANlF
eTAMAwQA2UV9AwQH2UUAMA0GCSqGSIb3DQEBCwUAA4IBAQBLagwWy0CqCOMPt/kj
Y5nrEEEmZJvhuaOfyJv4eWxKN5jyK5xMOxYKRWVpyUgXyDBhaCVFrRwH4HoUSci/
TuyPerSxDZfNAa35/MA7v4klIZ1oB71KLjhgEXrUbLNlw4OY4b0OgtxLGK9Ddhqp
zUA12aggwhqsq+gczkOug1pnueQM2D91FLojynIYWwy5pkJ/vJVYNA4UbdYR1/H8
Y3RcaTacXLfs39fpm0o4njmMMZ73qrDnPfygoGQrKZ6Kv672+gGpi8nG3P/wenMy
H+64FZKanE24ZK20Jb/UQMdep4qbWWiWaPr6W53gKNxhiB9922+SQeVzY8l4hdOH
ZGDo
-----END CERTIFICATE-----
Generated at Sat May 10 05:14:59 2025 by rpki-client