Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3hnx6xVqRkK9H0ZyARf57pzNPDE.roa
File: 3hnx6xVqRkK9H0ZyARf57pzNPDE.roa (raw, json)
Hash identifier: ZPg1qMB02GwXvT0/GEquoJ+KE1aU2XrBgp+pGOW1Cbo=
Subject key identifier: DE:19:F1:EB:15:6A:46:42:BD:1F:46:72:01:17:F9:EE:9C:CD:3C:31
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01881B8B891F0C1FAF1C766DE321F15EB9C2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3hnx6xVqRkK9H0ZyARf57pzNPDE.roa
Signing time: Sun 14 May 2023 18:35:09 +0000
ROA not before: Sun 14 May 2023 18:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 May 2023 10:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1b:8b:89:1f:0c:1f:af:1c:76:6d:e3:21:f1:5e:b9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 14 18:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de19f1eb156a4642bd1f46720117f9ee9ccd3c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:36:e0:41:ed:06:4d:62:b2:35:2c:d8:11:df:
40:99:97:7d:e7:83:85:fd:37:1d:b3:4d:f6:1d:02:
0b:6f:06:f1:da:68:91:12:2e:79:c9:07:fe:f3:32:
b2:01:56:b5:ad:3b:e3:eb:ca:d1:30:41:45:76:b8:
f9:fb:99:e2:17:00:f1:70:89:a0:eb:df:42:dc:84:
dc:11:c2:69:42:db:44:7b:e6:a6:67:2d:25:a6:f7:
37:d4:4d:b6:9c:ee:44:de:2a:db:e9:a9:de:f7:d7:
fc:e3:86:04:9e:cb:ee:ec:3f:25:b9:ae:a1:fe:0f:
f4:55:56:4a:59:24:70:5a:e5:f1:16:d3:d0:d3:3e:
ff:7c:3f:c3:5b:41:63:c7:49:65:67:17:9d:13:f6:
57:28:e8:dd:16:47:02:5f:a7:58:a5:03:57:1b:42:
b0:1a:7b:6b:ef:b3:8d:7f:56:91:6a:c8:77:7d:cb:
f8:c2:71:f4:28:10:42:1a:28:66:38:e0:0e:cb:c5:
48:f8:0c:21:25:07:dc:6f:be:ff:15:d7:5c:82:77:
99:81:76:2f:f2:a3:78:a8:56:f0:e6:e2:93:ab:54:
e2:8c:b8:9c:d1:93:19:a5:47:65:02:b0:fc:40:e3:
13:bc:a0:ce:5e:b6:4d:07:44:28:31:5e:55:15:9e:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:19:F1:EB:15:6A:46:42:BD:1F:46:72:01:17:F9:EE:9C:CD:3C:31
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3hnx6xVqRkK9H0ZyARf57pzNPDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:cc:19:a2:d7:a2:09:2e:be:47:6b:a7:65:0a:94:e8:6c:20:
4a:46:5f:a8:b7:3c:2e:0d:2c:b1:d1:2a:ce:dd:b3:3c:c0:f9:
7a:0c:f9:f5:98:51:64:e3:28:04:f0:ac:87:3e:e2:9d:4a:d6:
b5:6c:78:8e:35:ce:73:2e:8c:9b:33:4c:67:3c:e9:fd:8e:82:
33:28:d5:c9:4f:82:ef:a7:5e:c3:25:c9:30:ac:a5:04:8f:26:
ad:ca:93:b3:42:4b:27:51:83:2e:ee:ba:4d:24:57:b9:9f:b7:
0f:79:3c:af:9f:6e:69:eb:22:49:12:f5:cc:f2:a2:61:32:d2:
6f:24:d0:9f:f8:ad:97:11:c8:a4:85:f6:50:44:fe:b2:39:d0:
14:46:ce:83:75:7b:ae:1e:da:fc:d6:20:61:1b:17:c2:9c:c0:
58:ca:58:a7:68:e2:e9:cf:36:f9:72:0f:74:9a:98:12:11:34:
10:c2:e2:9e:d3:88:8a:33:12:d5:0b:4d:e5:c3:e3:1a:e4:32:
13:fe:cf:0b:a7:2b:b8:35:fd:d7:34:a6:07:a3:27:17:8b:b6:
a4:f0:60:70:4c:95:73:0a:71:17:4a:41:61:e0:8d:db:5d:51:
0d:5c:b6:e7:d8:31:ed:63:58:97:e3:bd:96:84:79:30:1f:ae:
ac:c9:2e:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgbi4kfDB+vHHZt4yHxXrnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTE0MTgzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE5ZjFlYjE1NmE0NjQyYmQxZjQ2NzIwMTE3ZjllZTljY2QzYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTbgQe0GTWKyNSzYEd9AmZd954OF
/Tcds032HQILbwbx2miREi55yQf+8zKyAVa1rTvj68rRMEFFdrj5+5niFwDxcImg
699C3ITcEcJpQttEe+amZy0lpvc31E22nO5E3irb6ane99f844YEnsvu7D8lua6h
/g/0VVZKWSRwWuXxFtPQ0z7/fD/DW0Fjx0llZxedE/ZXKOjdFkcCX6dYpQNXG0Kw
Gntr77ONf1aRash3fcv4wnH0KBBCGihmOOAOy8VI+AwhJQfcb77/FddcgneZgXYv
8qN4qFbw5uKTq1TijLic0ZMZpUdlArD8QOMTvKDOXrZNB0QoMV5VFZ58bwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN4Z8esVakZCvR9GcgEX+e6czTwxMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvM2hueDZ4VnFSa0s5SDBaeUFSZjU3cHpOUERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCPzBmi16IJLr5Ha6dlCpTo
bCBKRl+otzwuDSyx0SrO3bM8wPl6DPn1mFFk4ygE8KyHPuKdSta1bHiONc5zLoyb
M0xnPOn9joIzKNXJT4Lvp17DJckwrKUEjyatypOzQksnUYMu7rpNJFe5n7cPeTyv
n25p6yJJEvXM8qJhMtJvJNCf+K2XEcikhfZQRP6yOdAURs6DdXuuHtr81iBhGxfC
nMBYylinaOLpzzb5cg90mpgSETQQwuKe04iKMxLVC03lw+Ma5DIT/s8Lpyu4Nf3X
NKYHoycXi7ak8GBwTJVzCnEXSkFh4I3bXVENXLbn2DHtY1iX472WhHkwH66syS4Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org