Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/G71tOhUpuCoYrDpXrlpPfuUDv04.roa
File: G71tOhUpuCoYrDpXrlpPfuUDv04.roa (raw, json)
Hash identifier: PSNf2lbcbLdAHyGhJnKVB0MDim/+ZUbsfb+YAvQkeLI=
Subject key identifier: 1B:BD:6D:3A:15:29:B8:2A:18:AC:3A:57:AE:5A:4F:7E:E5:03:BF:4E
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0196478FD4EB3D2BB6DD5F5F2506E9A27525
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/G71tOhUpuCoYrDpXrlpPfuUDv04.roa
Signing time: Fri 18 Apr 2025 06:22:10 +0000
ROA not before: Fri 18 Apr 2025 06:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
85.115.210.0/24 maxlen: 24
85.115.211.0/24 maxlen: 24
213.145.66.0/24 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.68.0/24 maxlen: 24
213.145.70.0/23 maxlen: 24
213.145.71.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.83.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 06:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:8f:d4:eb:3d:2b:b6:dd:5f:5f:25:06:e9:a2:75:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Apr 18 06:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbd6d3a1529b82a18ac3a57ae5a4f7ee503bf4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:10:b2:ef:df:b2:0f:46:92:01:6a:65:c3:
3d:8f:a5:2e:8a:67:84:df:de:53:6a:25:65:44:e8:
12:3e:92:c6:9f:c8:a6:a2:b5:94:27:cb:04:ea:79:
95:6a:8f:6f:f3:45:33:f1:92:d8:6c:dd:92:97:c6:
a8:2f:55:62:c8:62:9d:d9:e7:fd:b1:53:3c:05:8a:
48:15:31:8a:67:58:85:88:64:2f:78:2d:d3:3b:42:
60:ae:37:9a:3a:10:16:0e:f9:db:38:de:a6:09:c0:
30:58:36:f9:ec:6d:39:08:34:6b:dc:d2:0c:8c:6f:
3f:0b:82:57:95:8f:60:6a:62:90:a2:90:f6:77:2c:
dc:36:5d:26:77:92:58:58:6a:3a:79:b3:72:e1:1b:
07:45:a6:ab:cd:b7:04:7c:10:eb:20:08:7d:6b:fd:
8c:06:7e:86:a4:9c:ab:4c:59:75:3a:58:4b:48:af:
f4:9b:60:a2:dc:eb:d4:2f:0b:a8:ee:d9:26:70:3a:
dd:26:c3:be:78:8f:e6:38:03:84:67:de:d2:30:2c:
42:e0:27:5f:d2:99:23:37:4c:81:34:d9:19:f9:73:
54:f3:44:79:88:cc:1c:9c:74:ee:15:93:90:53:1a:
e6:c8:a3:df:69:83:20:6e:bf:28:d7:a8:a3:49:3d:
8d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BD:6D:3A:15:29:B8:2A:18:AC:3A:57:AE:5A:4F:7E:E5:03:BF:4E
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/G71tOhUpuCoYrDpXrlpPfuUDv04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.66.0/24
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
58:30:8a:29:aa:5b:45:21:3c:4f:0b:e3:05:07:35:1e:fb:a2:
91:1d:6d:4b:16:98:2c:94:a2:c2:7c:06:d1:64:6e:c3:65:2b:
cc:98:0f:bf:ff:10:c3:37:1e:c5:1a:ff:5e:bf:66:9d:9c:c2:
c9:a1:a1:24:53:5b:80:1d:84:37:b6:39:59:0f:e6:c6:4c:05:
f9:cf:07:9c:7a:4e:7e:0c:e3:4d:69:32:b6:96:83:4b:8c:b5:
7b:36:3b:fd:02:3a:53:ad:7d:87:74:d7:21:3b:33:e9:b8:82:
18:7d:5d:3b:69:82:d0:b7:8e:94:8e:b0:6b:1f:0a:94:99:02:
c4:0b:da:6a:0a:b8:cd:cd:2f:a9:83:55:65:eb:03:f4:03:98:
d6:45:b8:5b:33:d5:15:57:30:ab:6a:5d:f3:dd:34:41:bd:94:
f8:e7:52:90:c8:e8:c9:62:8a:74:81:dd:c0:e0:1e:93:7c:fc:
12:f6:8f:20:4d:28:80:70:ee:f9:62:e8:cd:e5:04:fa:3c:cd:
f3:0e:b9:bf:92:14:ff:4d:32:84:59:eb:ed:f1:37:85:be:cf:
6d:fe:c9:2a:68:cc:80:a6:e9:5a:93:16:a8:b9:42:78:fc:52:
63:be:66:df:22:55:63:be:c1:9e:41:44:8c:76:f1:6a:af:f0:
c1:eb:7a:c4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZZHj9TrPSu23V9fJQbponUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNDE4MDYyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJkNmQzYTE1MjliODJhMThhYzNhNTdhZTVhNGY3ZWU1MDNiZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfUQsu/fsg9GkgFqZcM9j6UuimeE
395TaiVlROgSPpLGn8imorWUJ8sE6nmVao9v80Uz8ZLYbN2Sl8aoL1ViyGKd2ef9
sVM8BYpIFTGKZ1iFiGQveC3TO0JgrjeaOhAWDvnbON6mCcAwWDb57G05CDRr3NIM
jG8/C4JXlY9gamKQopD2dyzcNl0md5JYWGo6ebNy4RsHRaarzbcEfBDrIAh9a/2M
Bn6GpJyrTFl1OlhLSK/0m2Ci3OvULwuo7tkmcDrdJsO+eI/mOAOEZ97SMCxC4Cdf
0pkjN0yBNNkZ+XNU80R5iMwcnHTuFZOQUxrmyKPfaYMgbr8o16ijST2NZwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBu9bToVKbgqGKw6V65aT37lA79OMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvRzcxdE9oVXB1Q29ZckRwWHJscFBmdVVEdjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVXPQAwQA
1ZFCMAwDBALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOC
AQEAWDCKKapbRSE8TwvjBQc1HvuikR1tSxaYLJSiwnwG0WRuw2UrzJgPv/8Qwzce
xRr/Xr9mnZzCyaGhJFNbgB2EN7Y5WQ/mxkwF+c8HnHpOfgzjTWkytpaDS4y1ezY7
/QI6U619h3TXITsz6biCGH1dO2mC0LeOlI6wax8KlJkCxAvaagq4zc0vqYNVZesD
9AOY1kW4WzPVFVcwq2pd8900Qb2U+OdSkMjoyWKKdIHdwOAek3z8EvaPIE0ogHDu
+WLozeUE+jzN8w65v5IU/00yhFnr7fE3hb7Pbf7JKmjMgKbpWpMWqLlCePxSY75m
3yJVY77BnkFEjHbxaq/wwet6xA==
-----END CERTIFICATE-----
Generated at Mon May 5 23:00:20 2025 by rpki-client