Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2nkA9xy7Dun0wPrXolBqZ_wMQgU.roa
File: 2nkA9xy7Dun0wPrXolBqZ_wMQgU.roa (raw, json)
Hash identifier: dlUAygSFmQDLr0dC/ht1QMKpuWXx9WAQ2+eEIDSQC9A=
Subject key identifier: DA:79:00:F7:1C:BB:0E:E9:F4:C0:FA:D7:A2:50:6A:67:FC:0C:42:05
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0186DF9FF491FC5AE1475D61236E50B443FC
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2nkA9xy7Dun0wPrXolBqZ_wMQgU.roa
Signing time: Tue 14 Mar 2023 10:17:27 +0000
ROA not before: Tue 14 Mar 2023 10:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 85.133.202.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 18:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:9f:f4:91:fc:5a:e1:47:5d:61:23:6e:50:b4:43:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 14 10:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7900f71cbb0ee9f4c0fad7a2506a67fc0c4205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:80:4b:b5:08:bc:b8:57:95:1c:2a:92:5d:
cb:c6:9b:fe:8b:ea:8b:2c:35:5f:1d:b6:3e:42:e0:
75:c7:59:c5:92:56:f7:1f:d9:6a:26:f6:8f:89:be:
18:dd:78:59:b6:d6:c0:b0:4b:70:75:cb:10:6a:b6:
de:ad:06:41:21:51:f4:aa:87:69:92:e1:00:06:c5:
20:44:be:8f:95:c9:de:eb:59:66:81:f2:93:c3:82:
89:f3:a4:95:fb:3c:93:c6:15:5b:d8:8d:42:59:bb:
4e:86:bd:69:38:15:a5:a5:e9:79:4c:55:d0:f4:9f:
87:8e:d8:29:24:fc:59:c9:30:56:d8:ff:a6:a3:ea:
20:9c:4d:69:98:17:84:49:eb:ea:7c:fa:b0:32:86:
c9:9b:ed:8f:41:4b:39:ca:bd:e7:6f:f0:35:70:99:
79:38:9a:ca:1e:61:80:d4:4a:e2:83:56:4c:53:b1:
17:19:a6:d4:ff:01:7f:4b:92:7e:45:34:c0:6e:14:
d9:7d:bf:7c:88:2f:4c:e1:d9:98:7e:ee:fc:08:3d:
80:c4:80:b5:1f:5e:c0:29:37:e2:8a:a8:57:47:55:
46:7f:99:bd:2e:05:e6:eb:7f:79:dd:65:39:b8:20:
d9:f5:8b:ca:3f:74:89:e5:80:c1:0d:d0:03:02:19:
02:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:79:00:F7:1C:BB:0E:E9:F4:C0:FA:D7:A2:50:6A:67:FC:0C:42:05
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2nkA9xy7Dun0wPrXolBqZ_wMQgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/24
85.133.164.0/24
85.133.202.0/24
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:83:e5:c2:55:8f:c1:5e:a7:a0:4e:e4:86:ab:1a:07:8a:bd:
67:25:f2:ee:ad:f3:62:29:4d:45:fb:65:10:e5:3a:18:6a:93:
ca:85:94:9c:6a:64:03:af:1b:0d:9e:e7:6e:98:96:bc:97:2c:
29:ad:96:ff:bd:34:75:0f:d1:66:40:b7:fc:9f:2d:71:d4:44:
31:1c:5c:f9:3c:a0:37:7c:c5:51:f2:31:16:09:36:3a:7b:5e:
db:54:e3:b2:90:d8:91:56:28:e2:76:65:7d:ca:41:be:75:ad:
33:48:21:47:2b:a3:c6:42:f4:f7:71:60:ba:2a:c0:77:41:c6:
2b:53:8b:6a:0a:0a:9c:1f:2a:90:b2:d5:71:99:98:21:e9:aa:
03:e6:cc:ce:ea:c5:fc:18:ee:1d:b5:bd:b0:57:d5:5f:4b:eb:
d3:48:ca:90:48:ed:59:8a:a0:e9:c9:e5:03:74:20:21:0d:72:
c1:39:20:ad:ce:06:9e:8c:02:ef:12:71:9b:39:0e:5e:91:de:
e8:34:bd:19:e7:f0:03:a4:5d:8c:f8:c6:c6:0f:d6:9a:2e:48:
ec:6a:d8:e1:a5:96:cd:e7:34:0a:45:28:a3:85:db:f7:83:82:
b6:5a:7f:cd:b8:b1:d4:6b:c7:1f:fe:af:27:1b:80:7d:0e:c0:
76:6f:e1:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbfn/SR/FrhR11hI25QtEP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMzE0MTAxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc5MDBmNzFjYmIwZWU5ZjRjMGZhZDdhMjUwNmE2N2ZjMGM0MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHuAS7UIvLhXlRwqkl3Lxpv+i+qL
LDVfHbY+QuB1x1nFklb3H9lqJvaPib4Y3XhZttbAsEtwdcsQarberQZBIVH0qodp
kuEABsUgRL6Plcne61lmgfKTw4KJ86SV+zyTxhVb2I1CWbtOhr1pOBWlpel5TFXQ
9J+HjtgpJPxZyTBW2P+mo+ognE1pmBeESevqfPqwMobJm+2PQUs5yr3nb/A1cJl5
OJrKHmGA1Erig1ZMU7EXGabU/wF/S5J+RTTAbhTZfb98iC9M4dmYfu78CD2AxIC1
H17AKTfiiqhXR1VGf5m9LgXm63953WU5uCDZ9YvKP3SJ5YDBDdADAhkCAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNp5APccuw7p9MD616JQamf8DEIFMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMm5rQTl4eTdEdW4wd1ByWG9sQnFaX3dNUWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWIAwQA
VYWkAwQAVYXKAwQAVYXhMA0GCSqGSIb3DQEBCwUAA4IBAQC4g+XCVY/BXqegTuSG
qxoHir1nJfLurfNiKU1F+2UQ5ToYapPKhZScamQDrxsNnudumJa8lywprZb/vTR1
D9FmQLf8ny1x1EQxHFz5PKA3fMVR8jEWCTY6e17bVOOykNiRVijidmV9ykG+da0z
SCFHK6PGQvT3cWC6KsB3QcYrU4tqCgqcHyqQstVxmZgh6aoD5szO6sX8GO4dtb2w
V9VfS+vTSMqQSO1ZiqDpyeUDdCAhDXLBOSCtzgaejALvEnGbOQ5ekd7oNL0Z5/AD
pF2M+MbGD9aaLkjsatjhpZbN5zQKRSijhdv3g4K2Wn/NuLHUa8cf/q8nG4B9DsB2
b+E0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org