Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0YjoIw9ryuNmTNKtqMTGoLsxMM8.roa
File: 0YjoIw9ryuNmTNKtqMTGoLsxMM8.roa (raw, json)
Hash identifier: hbnHLrzA8BXRxfG0AfvbjSSb6C+3x4nmWxc+2QVIlik=
Subject key identifier: D1:88:E8:23:0F:6B:CA:E3:66:4C:D2:AD:A8:C4:C6:A0:BB:31:30:CF
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192B33486975B7F9D00A0FB0FA2D34D726B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0YjoIw9ryuNmTNKtqMTGoLsxMM8.roa
Signing time: Tue 22 Oct 2024 07:50:16 +0000
ROA not before: Tue 22 Oct 2024 07:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Oct 2024 09:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:34:86:97:5b:7f:9d:00:a0:fb:0f:a2:d3:4d:72:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 22 07:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d188e8230f6bcae3664cd2ada8c4c6a0bb3130cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:64:f4:9b:30:46:25:68:c5:18:e3:63:a8:24:
54:f9:b8:bf:bd:3b:ad:84:c9:03:75:e9:b8:bc:d8:
e3:ae:ad:04:d8:cc:ca:77:75:ce:f0:62:96:a7:33:
22:b7:ae:dd:41:56:bd:2c:a8:76:c0:91:68:90:01:
95:55:8b:0a:52:7f:1d:f0:0c:c5:1c:0f:44:da:c1:
23:39:55:5a:07:13:1c:81:65:a3:48:5d:71:b9:2b:
81:c0:77:dc:3a:78:33:cb:68:a3:aa:35:0e:ca:e9:
9e:6e:36:01:77:f1:bf:97:bf:18:fa:9d:59:2d:13:
2d:aa:82:4f:0b:56:fc:bf:aa:60:d1:f6:14:d8:8a:
7b:76:cf:fc:2c:0e:22:9f:94:7c:fc:a7:af:c9:2c:
a1:81:5b:5b:27:0b:7e:11:11:b5:45:22:11:12:47:
5d:8b:90:fe:90:36:4c:d8:06:52:d6:ca:07:5a:b0:
2b:69:c2:4e:14:aa:ce:fd:65:94:4f:39:38:7a:d6:
8f:1d:a0:01:f1:ad:19:78:a8:ab:2b:29:f4:7c:86:
ce:d9:b7:51:ac:e7:34:2d:b6:b7:3d:d2:19:a0:0f:
5b:9d:78:3e:77:64:7d:bb:e1:06:ea:93:0a:4e:59:
e0:6b:d9:4d:ed:dd:80:ae:18:90:71:a8:e3:70:1d:
b4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:88:E8:23:0F:6B:CA:E3:66:4C:D2:AD:A8:C4:C6:A0:BB:31:30:CF
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0YjoIw9ryuNmTNKtqMTGoLsxMM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:9e:27:df:2e:02:e8:18:b0:c9:af:8f:de:77:27:ef:74:5a:
2f:eb:41:66:d4:b6:ad:40:3e:17:f2:01:7a:a4:d1:46:82:e1:
04:14:01:cc:a6:b8:6f:ce:4e:5f:9c:6f:aa:4f:5f:be:19:b8:
e5:1d:71:aa:39:dd:64:51:e0:ae:23:9b:02:91:71:10:20:c8:
7e:0a:df:c1:27:5d:15:65:07:22:f2:fe:ea:04:49:ba:69:87:
0f:b9:ac:fd:44:5e:c5:ba:d0:d8:a4:13:9b:53:fe:c1:44:6f:
93:32:82:fe:09:51:e6:36:24:46:5d:3d:c2:07:62:b9:ea:bc:
5b:71:76:aa:c6:a1:63:c1:95:e6:81:d1:f1:9d:1e:db:67:c0:
c2:69:88:f2:bc:f8:7c:f5:d7:e9:30:79:54:40:3d:b7:7b:47:
f5:0a:67:88:5f:34:7a:78:5f:c8:a0:90:b6:49:a5:3f:34:33:
af:d5:df:7b:a7:95:35:59:dc:95:d6:1e:01:c8:47:8e:f4:da:
b9:ff:97:04:87:db:90:cb:b1:bf:d2:b2:98:89:32:82:9e:23:
55:1a:55:33:43:b9:bb:38:9f:10:34:26:35:09:e8:9d:e6:a9:
8d:43:3f:eb:4d:4d:a3:47:b8:83:7f:5e:fb:24:bc:fa:05:80:
d7:14:b4:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKzNIaXW3+dAKD7D6LTTXJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIyMDc1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg4ZTgyMzBmNmJjYWUzNjY0Y2QyYWRhOGM0YzZhMGJiMzEzMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WT0mzBGJWjFGONjqCRU+bi/vTut
hMkDdem4vNjjrq0E2MzKd3XO8GKWpzMit67dQVa9LKh2wJFokAGVVYsKUn8d8AzF
HA9E2sEjOVVaBxMcgWWjSF1xuSuBwHfcOngzy2ijqjUOyumebjYBd/G/l78Y+p1Z
LRMtqoJPC1b8v6pg0fYU2Ip7ds/8LA4in5R8/KevySyhgVtbJwt+ERG1RSIREkdd
i5D+kDZM2AZS1soHWrAracJOFKrO/WWUTzk4etaPHaAB8a0ZeKirKyn0fIbO2bdR
rOc0Lba3PdIZoA9bnXg+d2R9u+EG6pMKTlnga9lN7d2ArhiQcajjcB20MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNGI6CMPa8rjZkzSrajExqC7MTDPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMFlqb0l3OXJ5dU5tVE5LdHFNVEdvTHN4TU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQApniffLgLoGLDJr4/edyfv
dFov60Fm1LatQD4X8gF6pNFGguEEFAHMprhvzk5fnG+qT1++GbjlHXGqOd1kUeCu
I5sCkXEQIMh+Ct/BJ10VZQci8v7qBEm6aYcPuaz9RF7FutDYpBObU/7BRG+TMoL+
CVHmNiRGXT3CB2K56rxbcXaqxqFjwZXmgdHxnR7bZ8DCaYjyvPh89dfpMHlUQD23
e0f1CmeIXzR6eF/IoJC2SaU/NDOv1d97p5U1WdyV1h4ByEeO9Nq5/5cEh9uQy7G/
0rKYiTKCniNVGlUzQ7m7OJ8QNCY1Ceid5qmNQz/rTU2jR7iDf177JLz6BYDXFLRw
-----END CERTIFICATE-----
Generated at Tue Oct 22 13:48:37 2024 by rpki-client on console-ams.rpki-client.org