Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/03AiMu2lZXniP4EzaktUPLVBANE.roa
File: 03AiMu2lZXniP4EzaktUPLVBANE.roa (raw, json)
Hash identifier: lPl1N9Or23nTJvLELYhx97YjMkBOLUdhH7Wtx8aaNeU=
Subject key identifier: D3:70:22:32:ED:A5:65:79:E2:3F:81:33:6A:4B:54:3C:B5:41:00:D1
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018780A97397EE85EF453F04930096DAC4BF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/03AiMu2lZXniP4EzaktUPLVBANE.roa
Signing time: Fri 14 Apr 2023 16:46:41 +0000
ROA not before: Fri 14 Apr 2023 16:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 85.133.179.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:a9:73:97:ee:85:ef:45:3f:04:93:00:96:da:c4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 14 16:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3702232eda56579e23f81336a4b543cb54100d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:e3:b8:dc:79:d7:58:33:de:03:1f:df:c2:
60:4d:f5:e6:d4:3b:ea:f6:92:4d:c6:28:23:cc:77:
75:45:6c:23:a6:e9:e6:17:33:aa:90:69:77:77:c4:
5e:76:34:be:14:b3:9c:5a:43:04:80:bf:38:99:54:
59:a9:11:df:7a:5a:74:b4:73:b5:c4:b2:9c:cf:24:
6d:a8:ff:aa:7e:11:d1:f5:1e:a0:8f:13:2a:b0:df:
7d:e1:fa:ca:d2:57:d1:0b:9f:58:86:8d:63:f0:fc:
f4:5f:d1:e1:50:4d:00:c9:e6:a3:56:56:28:52:54:
eb:34:9a:ae:7d:69:dc:14:db:22:6f:10:e8:ce:32:
52:de:bd:7d:ba:c3:cb:79:90:f7:e9:77:64:84:9e:
19:d1:0c:4f:92:ac:2e:76:0a:08:2d:04:ef:0a:36:
d4:26:e2:a9:af:70:a4:82:55:5e:69:65:71:ca:66:
86:14:14:f9:92:31:34:8a:da:26:0a:5e:63:85:4f:
63:90:36:08:42:55:e3:f0:42:a1:51:a5:db:e4:5d:
b7:87:fb:19:73:fa:eb:1a:4c:b3:59:e8:1d:a2:a9:
20:cd:4f:e7:21:f1:18:61:58:eb:42:32:3b:6d:49:
06:2f:3c:6f:5d:9b:9a:67:52:00:3c:99:52:d0:54:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:70:22:32:ED:A5:65:79:E2:3F:81:33:6A:4B:54:3C:B5:41:00:D1
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/03AiMu2lZXniP4EzaktUPLVBANE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/23
85.133.156.0/24
85.133.164.0/23
85.133.179.0/24
85.133.202.0/24
85.133.215.0/24
85.133.217.0/24
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
88:02:8d:57:64:68:3e:68:46:1e:7c:ca:f8:1a:d2:5f:4e:08:
19:78:ef:2b:b2:77:2d:7a:e4:a2:ff:71:94:e0:04:8f:f2:81:
2a:25:b6:26:77:0e:b6:54:16:18:14:49:a6:06:75:6a:e9:ce:
77:6c:84:cc:d5:37:47:ff:a5:1e:6f:62:35:13:10:93:98:24:
26:78:ea:b5:ac:d8:d4:a6:d0:d2:23:43:63:01:9a:9e:90:b3:
9b:1c:ed:96:4d:a2:8c:9e:d3:e2:d6:a0:b6:3b:76:74:e3:b2:
49:2c:66:46:f9:e7:64:08:13:73:06:53:f7:cf:cc:cd:20:f7:
3b:57:53:33:b0:d8:c1:08:0a:e5:c6:9d:b1:79:89:1e:b6:9b:
49:f6:6c:7d:d1:00:6a:90:38:02:5c:92:57:c3:08:16:b9:51:
75:50:e9:0e:3e:6d:11:e6:3d:f2:d2:b4:65:be:e7:c3:65:d5:
96:2e:cf:d7:e2:c7:16:e8:75:53:3c:b4:f8:8b:65:03:cc:a7:
9f:cb:c4:f3:75:0c:b8:ac:74:a1:cf:32:ab:0a:6c:c7:ab:c3:
df:4b:3f:4f:2c:a8:ba:8e:ed:10:45:f2:bc:c4:13:03:3d:f1:
79:6c:77:2c:48:3f:e8:9d:42:ad:6c:a5:42:57:64:09:ac:09:
99:fd:fd:67
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeAqXOX7oXvRT8EkwCW2sS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDE0MTY0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzcwMjIzMmVkYTU2NTc5ZTIzZjgxMzM2YTRiNTQzY2I1NDEwMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiufjuNx511gz3gMf38JgTfXm1Dvq
9pJNxigjzHd1RWwjpunmFzOqkGl3d8RedjS+FLOcWkMEgL84mVRZqRHfelp0tHO1
xLKczyRtqP+qfhHR9R6gjxMqsN994frK0lfRC59Yho1j8Pz0X9HhUE0AyeajVlYo
UlTrNJqufWncFNsibxDozjJS3r19usPLeZD36XdkhJ4Z0QxPkqwudgoILQTvCjbU
JuKpr3CkglVeaWVxymaGFBT5kjE0itomCl5jhU9jkDYIQlXj8EKhUaXb5F23h/sZ
c/rrGkyzWegdoqkgzU/nIfEYYVjrQjI7bUkGLzxvXZuaZ1IAPJlS0FQPMQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNNwIjLtpWV54j+BM2pLVDy1QQDRMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMDNBaU11MmxaWG5pUDRFemFrdFVQTFZCQU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBVYWIAwQA
VYWcAwQBVYWkAwQAVYWzAwQAVYXKAwQAVYXXAwQAVYXZAwQAVYXhMA0GCSqGSIb3
DQEBCwUAA4IBAQCIAo1XZGg+aEYefMr4GtJfTggZeO8rsncteuSi/3GU4ASP8oEq
JbYmdw62VBYYFEmmBnVq6c53bITM1TdH/6Ueb2I1ExCTmCQmeOq1rNjUptDSI0Nj
AZqekLObHO2WTaKMntPi1qC2O3Z047JJLGZG+edkCBNzBlP3z8zNIPc7V1MzsNjB
CArlxp2xeYketptJ9mx90QBqkDgCXJJXwwgWuVF1UOkOPm0R5j3y0rRlvufDZdWW
Ls/X4scW6HVTPLT4i2UDzKefy8TzdQy4rHShzzKrCmzHq8PfSz9PLKi6ju0QRfK8
xBMDPfF5bHcsSD/onUKtbKVCV2QJrAmZ/f1n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org