Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/4LlnjiENIpl-yKJGpLszpflYmG0.roa
File: 4LlnjiENIpl-yKJGpLszpflYmG0.roa (raw, json)
Hash identifier: iRdegii9z2z0WR1kEbE1SRV617hZnskynMWvG8wxDK4=
Subject key identifier: E0:B9:67:8E:21:0D:22:99:7E:C8:A2:46:A4:BB:33:A5:F9:58:98:6D
Certificate issuer: /CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Certificate serial: 018FF18700F43156D4E8A552892671A016E9
Authority key identifier: AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/4LlnjiENIpl-yKJGpLszpflYmG0.roa
Signing time: Fri 07 Jun 2024 07:08:27 +0000
ROA not before: Fri 07 Jun 2024 07:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61189
IP address blocks: 85.194.200.0/22 maxlen: 22
85.194.201.0/24 maxlen: 24
185.7.252.0/22 maxlen: 22
185.7.252.0/23 maxlen: 23
185.7.254.0/23 maxlen: 23
2a03:29c0::/32 maxlen: 32
2a03:29c0:1000::/36 maxlen: 36
2a03:29c0:2000::/36 maxlen: 36
2a03:29c0:8000::/33 maxlen: 33
2a03:29c0:a000::/35 maxlen: 35
Validation: Failed, certificate revoked on Tue 18 Jun 2024 07:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:87:00:f4:31:56:d4:e8:a5:52:89:26:71:a0:16:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Validity
Not Before: Jun 7 07:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0b9678e210d22997ec8a246a4bb33a5f958986d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:60:74:85:51:57:6a:7f:d2:c0:a6:62:21:98:
d9:69:36:f6:e0:89:9e:3e:60:ca:76:9b:1e:6a:57:
ae:02:b7:d6:6e:ec:d5:16:5d:76:11:27:d6:2d:d3:
0e:d7:f4:43:34:dc:61:ac:46:ac:03:f9:04:fc:2f:
64:9d:d6:04:f5:e4:db:d0:17:93:15:1b:9a:58:4d:
8d:86:1f:e5:61:00:fc:71:52:d8:54:17:af:fe:41:
e4:df:7f:a2:9f:6c:2c:dc:4d:15:f3:af:dd:56:58:
da:c8:27:ec:16:1d:ea:4b:cb:95:5c:02:38:88:cd:
53:6d:9f:34:5f:4e:85:04:e2:d2:eb:ee:d9:13:61:
68:f9:de:ca:60:d4:08:8b:74:d5:ef:bc:2c:7b:c1:
d6:9e:45:4a:ed:44:01:e9:0f:dd:4b:0a:30:b6:6a:
d5:c2:36:5e:0f:59:2b:2a:18:6b:86:cf:58:de:97:
e4:cd:85:f9:cf:29:76:02:77:e6:50:15:7c:f6:db:
82:0e:c6:ee:c1:6f:25:87:26:6e:fa:04:99:c2:bc:
8f:73:b4:5a:ef:cd:7b:66:f5:ff:0b:8d:d2:ba:a4:
43:84:30:97:9a:c1:1f:9b:22:74:a4:c9:f5:8e:57:
b9:e6:92:a8:98:3e:17:5c:b0:0d:d5:d6:9f:61:4f:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B9:67:8E:21:0D:22:99:7E:C8:A2:46:A4:BB:33:A5:F9:58:98:6D
X509v3 Authority Key Identifier:
keyid:AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/4LlnjiENIpl-yKJGpLszpflYmG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.200.0/22
185.7.252.0/22
IPv6:
2a03:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:ed:f2:fa:f5:e0:ec:0a:50:f4:12:47:3e:71:41:d1:89:a6:
ac:47:f2:fd:43:2e:20:b8:d4:d1:ff:3c:f4:1e:61:67:05:d8:
b3:77:36:d7:58:d1:02:10:50:c6:39:dd:49:cb:66:e6:a9:7a:
12:f3:4e:b1:c9:57:16:f7:95:61:4f:71:1a:c5:1f:56:a4:fc:
44:52:a2:cb:c1:e5:be:d2:ef:90:4e:77:7a:c0:77:22:21:09:
fb:ed:3b:02:9e:86:72:51:82:df:bc:05:eb:ae:86:8e:85:c3:
fe:94:65:3a:8b:88:21:c6:b7:0f:d2:d0:c4:e0:88:95:ec:04:
60:82:eb:ba:81:f2:ff:90:39:81:9d:7d:b1:cb:cb:ab:e0:a1:
df:ad:67:48:f0:cb:0a:ac:61:07:13:bc:dc:67:d0:61:21:b9:
ff:2c:4e:f4:b6:c0:f3:b1:e8:87:0c:28:63:fa:77:de:cf:46:
53:52:84:7f:33:16:85:66:09:00:74:90:81:75:0c:09:3a:2e:
42:b3:57:bf:89:e3:86:65:7d:a7:59:ae:08:f0:4f:d4:1f:86:
c0:1b:5e:a2:60:8c:51:b0:30:e8:85:2e:17:e3:64:cf:b5:7c:
98:c1:86:27:60:07:46:2e:52:6c:39:9c:d9:96:3b:d6:81:26:
3d:0b:cd:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/xhwD0MVbU6KVSiSZxoBbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGM4ZjMyN2E0NjE5NjRjMGE4N2E5Yzc4MDk0MDFjNTdj
ODZkNDEwHhcNMjQwNjA3MDcwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI5Njc4ZTIxMGQyMjk5N2VjOGEyNDZhNGJiMzNhNWY5NTg5ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmB0hVFXan/SwKZiIZjZaTb24Ime
PmDKdpsealeuArfWbuzVFl12ESfWLdMO1/RDNNxhrEasA/kE/C9kndYE9eTb0BeT
FRuaWE2Nhh/lYQD8cVLYVBev/kHk33+in2ws3E0V86/dVljayCfsFh3qS8uVXAI4
iM1TbZ80X06FBOLS6+7ZE2Fo+d7KYNQIi3TV77wse8HWnkVK7UQB6Q/dSwowtmrV
wjZeD1krKhhrhs9Y3pfkzYX5zyl2AnfmUBV89tuCDsbuwW8lhyZu+gSZwryPc7Ra
7817ZvX/C43SuqRDhDCXmsEfmyJ0pMn1jle55pKomD4XXLAN1dafYU/f4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOC5Z44hDSKZfsiiRqS7M6X5WJhtMB8GA1UdIwQY
MBaAFK7cjzJ6RhlkwKh6nHgJQBxXyG1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMt
ZmJjNWExZTM4MmM1LzEvNExsbmppRU5JcGwteUtKR3BMc3pwZmxZbUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMtZmJjNWExZTM4MmM1
LzEvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVcLIAwQC
uQf8MA0EAgACMAcDBQAqAynAMA0GCSqGSIb3DQEBCwUAA4IBAQAr7fL69eDsClD0
Ekc+cUHRiaasR/L9Qy4guNTR/zz0HmFnBdizdzbXWNECEFDGOd1Jy2bmqXoS806x
yVcW95VhT3EaxR9WpPxEUqLLweW+0u+QTnd6wHciIQn77TsCnoZyUYLfvAXrroaO
hcP+lGU6i4ghxrcP0tDE4IiV7ARgguu6gfL/kDmBnX2xy8ur4KHfrWdI8MsKrGEH
E7zcZ9BhIbn/LE70tsDzseiHDChj+nfez0ZTUoR/MxaFZgkAdJCBdQwJOi5Cs1e/
ieOGZX2nWa4I8E/UH4bAG16iYIxRsDDohS4X42TPtXyYwYYnYAdGLlJsOZzZljvW
gSY9C80i
-----END CERTIFICATE-----
Generated at Fri May 9 02:48:44 2025 by rpki-client