Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Mh2X3vH2ZeS827xFlBtrtRy-Eb0.roa
File: Mh2X3vH2ZeS827xFlBtrtRy-Eb0.roa (raw, json)
Hash identifier: lNjwEkSCW7rrBAFoEzJ93mFNmzCY3k3Uu1BRy13vWcY=
Subject key identifier: 32:1D:97:DE:F1:F6:65:E4:BC:DB:BC:45:94:1B:6B:B5:1C:BE:11:BD
Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Certificate serial: 0196631DF72AD0286EFC088BFE442C844941
Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Mh2X3vH2ZeS827xFlBtrtRy-Eb0.roa
Signing time: Wed 23 Apr 2025 14:47:10 +0000
ROA not before: Wed 23 Apr 2025 14:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 85.85.160.0/20 maxlen: 21
85.85.176.0/20 maxlen: 21
85.86.208.0/21 maxlen: 21
85.87.0.0/16 maxlen: 23
Validation: Failed, certificate revoked on Fri 25 Apr 2025 11:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:1d:f7:2a:d0:28:6e:fc:08:8b:fe:44:2c:84:49:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Validity
Not Before: Apr 23 14:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=321d97def1f665e4bcdbbc45941b6bb51cbe11bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:e9:88:09:57:7b:fb:01:3b:c1:f7:32:15:
ec:dd:8f:c9:f6:f3:0b:75:90:35:b7:02:48:00:a8:
10:97:25:30:6d:f8:e7:2a:44:2d:73:28:4e:5b:eb:
40:49:22:34:ac:67:34:86:9c:52:55:dd:d6:ba:9d:
de:13:9f:f2:28:40:41:12:ed:e4:4c:89:57:31:08:
a4:e4:57:23:9a:93:40:77:a0:c5:d0:16:23:e9:f2:
55:b2:73:95:11:d4:80:b6:3c:f2:f6:3d:ae:11:1c:
d6:84:90:b2:d2:e2:ce:79:e3:2d:09:0b:2f:91:ab:
31:24:ef:3d:b6:9e:10:23:bb:2c:07:0c:a8:1b:64:
3e:63:58:96:46:75:f4:d5:be:a3:41:bd:11:fc:7c:
06:90:35:11:08:44:31:21:38:ca:5e:61:82:8b:db:
b5:eb:f7:6e:62:b4:60:3a:14:99:cf:cf:ea:56:6f:
64:48:24:5d:1c:66:a4:6a:8a:24:e4:cb:d8:08:09:
34:89:72:11:8e:ea:5f:61:47:07:ca:93:3e:33:24:
3b:fc:3d:1c:0c:ba:2e:52:12:a7:0b:eb:e9:a8:79:
9c:f3:8a:77:e6:f4:38:e2:d1:6a:6f:35:85:b2:5f:
d5:d8:67:cf:42:50:ab:5f:f0:4e:1e:ce:7c:eb:2b:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1D:97:DE:F1:F6:65:E4:BC:DB:BC:45:94:1B:6B:B5:1C:BE:11:BD
X509v3 Authority Key Identifier:
keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/Mh2X3vH2ZeS827xFlBtrtRy-Eb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.85.160.0/19
85.86.208.0/21
85.87.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:e3:bf:a8:16:fa:20:25:46:aa:0b:5d:2a:9a:5b:ea:03:fd:
dd:6a:84:0a:dc:bb:ab:29:f7:52:19:99:57:af:de:7d:8d:6d:
8d:10:e5:35:2c:59:00:2c:11:02:a9:67:cd:7d:6c:cd:e9:66:
62:15:18:83:a2:cb:47:51:67:cf:46:d0:71:0b:9c:95:fb:75:
5f:59:a6:f5:db:5d:53:30:4b:96:58:e1:19:a5:c7:70:7d:55:
c2:43:ad:94:e4:5c:59:a5:33:a6:fb:34:47:fa:b5:64:b8:f3:
f4:c9:0b:76:56:a8:45:e9:f0:9e:d2:e8:fe:f2:2a:17:af:ef:
1f:ce:50:88:11:ed:08:39:ca:82:20:5a:d8:af:be:bd:44:6c:
5e:6c:b1:39:bc:50:6a:bf:83:a5:35:0f:ce:7e:32:b3:6d:14:
fd:c7:0f:b1:73:07:39:27:3b:0c:25:25:a7:3f:fc:8c:9a:3b:
ef:a8:e0:e0:d7:cf:69:24:55:8d:a2:bd:c7:59:4e:6e:c0:51:
2b:44:25:16:b7:e6:3a:12:2e:b1:51:69:7e:e6:53:32:14:26:
95:dc:df:e7:85:df:21:07:91:c0:ca:f0:0c:13:1d:cb:88:ff:
8f:2d:c7:46:1f:35:5b:dc:67:e6:2f:4c:c8:d3:7e:fd:a7:a1:
f3:76:9e:14
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZZjHfcq0Chu/AiL/kQshElBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz
NTg1ZTkwHhcNMjUwNDIzMTQ0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFkOTdkZWYxZjY2NWU0YmNkYmJjNDU5NDFiNmJiNTFjYmUxMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu87piAlXe/sBO8H3MhXs3Y/J9vML
dZA1twJIAKgQlyUwbfjnKkQtcyhOW+tASSI0rGc0hpxSVd3Wup3eE5/yKEBBEu3k
TIlXMQik5FcjmpNAd6DF0BYj6fJVsnOVEdSAtjzy9j2uERzWhJCy0uLOeeMtCQsv
kasxJO89tp4QI7ssBwyoG2Q+Y1iWRnX01b6jQb0R/HwGkDURCEQxITjKXmGCi9u1
6/duYrRgOhSZz8/qVm9kSCRdHGakaook5MvYCAk0iXIRjupfYUcHypM+MyQ7/D0c
DLouUhKnC+vpqHmc84p35vQ44tFqbzWFsl/V2GfPQlCrX/BOHs586yuAxwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDIdl97x9mXkvNu8RZQba7UcvhG9MB8GA1UdIwQY
MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt
MDRlODEyZDQ4ZTcyLzEvTWgyWDN2SDJaZVM4Mjd4RmxCdHJ0UnktRWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy
LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQFVVWgAwQD
VVbQAwMAVVcwDQYJKoZIhvcNAQELBQADggEBAEzjv6gW+iAlRqoLXSqaW+oD/d1q
hArcu6sp91IZmVev3n2NbY0Q5TUsWQAsEQKpZ819bM3pZmIVGIOiy0dRZ89G0HEL
nJX7dV9ZpvXbXVMwS5ZY4Rmlx3B9VcJDrZTkXFmlM6b7NEf6tWS48/TJC3ZWqEXp
8J7S6P7yKhev7x/OUIgR7Qg5yoIgWtivvr1EbF5ssTm8UGq/g6U1D85+MrNtFP3H
D7FzBzknOwwlJac//IyaO++o4ODXz2kkVY2ivcdZTm7AUStEJRa35joSLrFRaX7m
UzIUJpXc3+eF3yEHkcDK8AwTHcuI/48tx0YfNVvcZ+YvTMjTfv2nofN2nhQ=
-----END CERTIFICATE-----
Generated at Wed May 14 18:38:52 2025 by rpki-client