Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2Ss8Du6VRJJZ65V5gyAHFYDQlts.roa
File: 2Ss8Du6VRJJZ65V5gyAHFYDQlts.roa (raw, json)
Hash identifier: hRdcl41istBGouZvio5L6KDU04CuLjIZIH1fxwzNb30=
Subject key identifier: D9:2B:3C:0E:EE:95:44:92:59:EB:95:79:83:20:07:15:80:D0:96:DB
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018DEEDAE24D35F869A4FE4ACEA4FC6577B7
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2Ss8Du6VRJJZ65V5gyAHFYDQlts.roa
Signing time: Wed 28 Feb 2024 08:35:38 +0000
ROA not before: Wed 28 Feb 2024 08:35:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 85.133.200.0/22 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 06:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:da:e2:4d:35:f8:69:a4:fe:4a:ce:a4:fc:65:77:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 28 08:35:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d92b3c0eee95449259eb95798320071580d096db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bb:5c:c7:81:5a:8c:b5:75:4b:4c:ad:7d:0e:
30:0d:7e:3f:3a:33:00:83:d4:87:43:59:9e:f0:ae:
88:8c:ab:d6:4a:db:f6:eb:0e:ee:4a:9a:23:f4:8f:
f1:89:52:a0:51:42:21:52:8d:fe:60:04:93:5f:4a:
05:e2:e1:59:43:10:d7:58:b8:4c:4f:4c:45:e3:49:
8d:a5:79:79:b7:5e:15:28:41:93:70:4f:7a:18:be:
80:f2:cb:64:37:8c:73:ee:04:28:8b:87:7f:29:1f:
20:0e:bf:c5:a6:b4:25:2c:7e:6d:e6:1f:2a:26:a6:
62:a5:6d:a5:0b:09:47:19:00:a9:01:95:79:40:5b:
4d:90:ce:11:15:d5:3b:a3:d5:1b:c0:ec:71:06:b0:
ba:38:ce:4b:e0:6b:a6:6c:d3:f3:61:1d:26:82:c4:
a2:e9:a3:2c:01:d7:7f:bd:51:0e:6e:14:ca:b1:be:
5c:bd:99:06:e7:68:94:28:3b:b3:e5:0e:21:5d:89:
d5:33:3a:db:1c:7d:1a:64:d4:6e:b8:28:b5:c6:eb:
70:b5:2f:44:f5:4b:e9:e0:6f:16:4e:d4:e7:39:cc:
a9:00:59:cb:21:85:5e:92:55:f0:ff:09:69:db:db:
08:30:4b:84:ce:e0:8b:ff:38:5d:d7:f4:d5:e6:88:
92:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2B:3C:0E:EE:95:44:92:59:EB:95:79:83:20:07:15:80:D0:96:DB
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2Ss8Du6VRJJZ65V5gyAHFYDQlts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.200.0-85.133.204.255
85.133.218.0/24
85.133.227.0-85.133.228.255
Signature Algorithm: sha256WithRSAEncryption
4d:20:b7:24:a7:db:c1:c0:7e:30:c5:33:e0:c8:c2:50:b7:5c:
35:cc:06:c0:dd:6a:da:03:4d:a5:6a:b6:ed:8a:16:40:d9:2d:
84:71:8d:d9:6d:fc:72:a2:c9:ce:63:08:fe:82:61:5a:fd:c5:
e6:d5:d3:19:c0:b8:9e:ae:0f:a0:b6:15:5e:f4:af:90:cb:d8:
b3:62:38:90:4c:6f:58:c8:92:95:99:72:e1:18:64:c3:b2:63:
56:cd:27:a8:40:38:e6:ba:81:47:3a:5e:9a:de:a3:a1:cc:3c:
b7:e2:dd:ed:4f:dc:41:31:09:3c:13:d8:ca:ac:d0:1d:24:9d:
f9:35:a1:04:db:aa:fe:95:bb:56:0c:3a:e9:d8:87:a0:89:3b:
f8:e0:f8:2a:43:87:2e:f3:80:9a:0f:14:c4:4a:c6:f3:38:9d:
0a:52:1f:7c:a7:4a:09:f9:3e:1b:8e:2d:08:26:54:1d:f3:b4:
89:90:89:48:74:79:9c:9c:7e:88:84:ae:60:02:2a:f2:39:93:
9a:88:a0:fd:3a:19:7f:1e:20:44:fe:87:f1:7e:20:d7:32:10:
9d:fd:d1:59:c9:49:a1:67:6a:96:1d:c5:50:cf:94:49:b8:48:
f2:d3:22:2f:c9:23:ab:c5:45:52:f9:aa:df:96:7e:59:10:5c:
d6:03:17:0e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY3u2uJNNfhppP5KzqT8ZXe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjI4MDgzNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJiM2MwZWVlOTU0NDkyNTllYjk1Nzk4MzIwMDcxNTgwZDA5NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7tcx4FajLV1S0ytfQ4wDX4/OjMA
g9SHQ1me8K6IjKvWStv26w7uSpoj9I/xiVKgUUIhUo3+YASTX0oF4uFZQxDXWLhM
T0xF40mNpXl5t14VKEGTcE96GL6A8stkN4xz7gQoi4d/KR8gDr/FprQlLH5t5h8q
JqZipW2lCwlHGQCpAZV5QFtNkM4RFdU7o9UbwOxxBrC6OM5L4GumbNPzYR0mgsSi
6aMsAdd/vVEObhTKsb5cvZkG52iUKDuz5Q4hXYnVMzrbHH0aZNRuuCi1xutwtS9E
9Uvp4G8WTtTnOcypAFnLIYVeklXw/wlp29sIMEuEzuCL/zhd1/TV5oiSkQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNkrPA7ulUSSWeuVeYMgBxWA0JbbMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMlNzOER1NlZSSkpaNjVWNWd5QUhGWURRbHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBANVhcgD
BABVhcwDBABVhdowDAMEAFWF4wMEAFWF5DANBgkqhkiG9w0BAQsFAAOCAQEATSC3
JKfbwcB+MMUz4MjCULdcNcwGwN1q2gNNpWq27YoWQNkthHGN2W38cqLJzmMI/oJh
Wv3F5tXTGcC4nq4PoLYVXvSvkMvYs2I4kExvWMiSlZly4Rhkw7JjVs0nqEA45rqB
Rzpemt6jocw8t+Ld7U/cQTEJPBPYyqzQHSSd+TWhBNuq/pW7Vgw66diHoIk7+OD4
KkOHLvOAmg8UxErG8zidClIffKdKCfk+G44tCCZUHfO0iZCJSHR5nJx+iISuYAIq
8jmTmoig/ToZfx4gRP6H8X4g1zIQnf3RWclJoWdqlh3FUM+USbhI8tMiL8kjq8VF
Uvmq35Z+WRBc1gMXDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org