Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3EB5KnYuj3hFJUyoXgWM32OI218.roa
File: 3EB5KnYuj3hFJUyoXgWM32OI218.roa (raw, json)
Hash identifier: qkYeHf3rJ9TO0gIxB0s9irnPIIdYLwiy+/pCX8CunL8=
Subject key identifier: DC:40:79:2A:76:2E:8F:78:45:25:4C:A8:5E:05:8C:DF:63:88:DB:5F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192A9A8FD29A202102CB181BB88DAF7BC5D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3EB5KnYuj3hFJUyoXgWM32OI218.roa
Signing time: Sun 20 Oct 2024 11:21:17 +0000
ROA not before: Sun 20 Oct 2024 11:21:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.193.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a9:a8:fd:29:a2:02:10:2c:b1:81:bb:88:da:f7:bc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 20 11:21:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc40792a762e8f7845254ca85e058cdf6388db5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8a:34:b8:7a:58:de:8f:7f:b8:c0:a7:42:d9:
95:f3:4b:7a:b8:1a:82:0b:c8:36:18:f7:48:9b:a9:
8a:0a:50:d1:a1:88:31:69:09:46:64:6d:fe:bf:1d:
67:5f:e9:c2:0a:9e:75:17:0f:9f:fc:c7:16:74:69:
61:06:be:af:4f:0b:75:1c:0d:c6:cc:ef:a4:4d:65:
67:55:41:22:55:8f:fb:d5:7e:1b:3d:8d:c7:b3:e4:
17:32:9e:45:aa:1e:eb:37:4d:03:21:1e:70:c3:98:
c2:2e:82:75:23:89:2b:ca:ff:01:84:1d:9a:34:5e:
63:c8:d1:80:fc:75:d8:84:e9:ea:48:bd:05:c8:c8:
7a:a2:3d:cd:fe:45:d8:22:71:4f:6f:64:d6:3f:33:
96:d6:78:e9:24:26:55:84:f1:03:09:b6:3e:5f:e2:
58:26:aa:d7:30:a9:8a:45:7c:70:9a:92:3d:9f:85:
12:e5:1a:fa:3f:bd:c7:41:90:b7:5c:79:16:25:1e:
df:ef:e9:b8:65:0e:88:c4:eb:0b:81:99:d4:9b:5f:
30:b9:66:ed:e3:ef:14:8c:99:c8:50:fb:f1:bc:12:
55:29:4f:b4:7b:8d:04:c8:d4:90:4a:0c:b5:d1:92:
9f:72:6a:2d:69:64:39:97:ef:10:47:b8:07:0a:3a:
33:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:40:79:2A:76:2E:8F:78:45:25:4C:A8:5E:05:8C:DF:63:88:DB:5F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3EB5KnYuj3hFJUyoXgWM32OI218.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
85.133.166.0/24
85.133.193.0-85.133.194.255
Signature Algorithm: sha256WithRSAEncryption
6c:f1:3b:06:40:60:5d:2d:5a:22:63:0f:a1:65:ed:a6:6f:2f:
78:9f:05:29:c9:a1:8d:63:18:5c:d4:44:fc:cc:14:5d:5b:c0:
9b:71:3a:2c:1a:2d:7a:b3:0b:b5:89:56:ef:88:c0:31:c6:7b:
78:e2:31:56:72:e7:21:93:fc:42:5f:7c:27:b4:6a:ea:42:04:
6a:59:46:3a:49:d7:6e:62:71:78:04:fb:0a:a3:57:ea:32:41:
ea:84:d4:f0:bb:96:7c:41:a3:4f:f8:ba:bd:e0:17:82:06:21:
0f:45:2c:a1:2d:e3:b2:d0:2f:f0:08:36:01:8e:07:98:af:05:
6f:85:83:37:14:ca:4f:79:9f:e7:4d:a7:f8:03:87:54:bf:c1:
6d:2d:6c:7c:8f:53:f8:0a:b1:59:d3:ba:93:a2:13:d0:5c:d7:
03:96:16:5d:50:f6:07:b6:60:eb:32:f0:70:78:57:46:d7:dc:
45:15:e2:bf:4f:e0:2c:e0:27:54:3e:8b:38:f6:be:83:54:57:
ff:34:b7:bb:96:63:1b:5f:56:f0:65:37:f2:98:05:4e:30:cc:
26:69:57:a5:9f:93:99:e3:04:cd:a1:f2:11:ed:bf:52:a8:9e:
25:96:54:71:6d:de:d6:df:ba:2c:dd:12:fd:89:14:d2:4f:c7:
82:0e:df:26
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKpqP0pogIQLLGBu4ja97xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIwMTEyMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQwNzkyYTc2MmU4Zjc4NDUyNTRjYTg1ZTA1OGNkZjYzODhkYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4o0uHpY3o9/uMCnQtmV80t6uBqC
C8g2GPdIm6mKClDRoYgxaQlGZG3+vx1nX+nCCp51Fw+f/McWdGlhBr6vTwt1HA3G
zO+kTWVnVUEiVY/71X4bPY3Hs+QXMp5Fqh7rN00DIR5ww5jCLoJ1I4kryv8BhB2a
NF5jyNGA/HXYhOnqSL0FyMh6oj3N/kXYInFPb2TWPzOW1njpJCZVhPEDCbY+X+JY
JqrXMKmKRXxwmpI9n4US5Rr6P73HQZC3XHkWJR7f7+m4ZQ6IxOsLgZnUm18wuWbt
4+8UjJnIUPvxvBJVKU+0e40EyNSQSgy10ZKfcmotaWQ5l+8QR7gHCjozoQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNxAeSp2Lo94RSVMqF4FjN9jiNtfMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvM0VCNUtuWXVqM2hGSlV5b1hnV00zMk9JMjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYWXAwQA
VYWmMAwDBABVhcEDBABVhcIwDQYJKoZIhvcNAQELBQADggEBAGzxOwZAYF0tWiJj
D6Fl7aZvL3ifBSnJoY1jGFzURPzMFF1bwJtxOiwaLXqzC7WJVu+IwDHGe3jiMVZy
5yGT/EJffCe0aupCBGpZRjpJ125icXgE+wqjV+oyQeqE1PC7lnxBo0/4ur3gF4IG
IQ9FLKEt47LQL/AINgGOB5ivBW+FgzcUyk95n+dNp/gDh1S/wW0tbHyPU/gKsVnT
upOiE9Bc1wOWFl1Q9ge2YOsy8HB4V0bX3EUV4r9P4CzgJ1Q+izj2voNUV/80t7uW
YxtfVvBlN/KYBU4wzCZpV6Wfk5njBM2h8hHtv1KoniWWVHFt3tbfuizdEv2JFNJP
x4IO3yY=
-----END CERTIFICATE-----
Generated at Mon Oct 21 16:36:34 2024 by rpki-client on console-ams.rpki-client.org