Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3xGfmvfeZ1L5k1JERzEHVvo-ruk.roa
File: 3xGfmvfeZ1L5k1JERzEHVvo-ruk.roa (raw, json)
Hash identifier: UQfHnTt4oEib/FmYl7qTWe2apcFipAaKRyQMxlq3vr0=
Subject key identifier: DF:11:9F:9A:F7:DE:67:52:F9:93:52:44:47:31:07:56:FA:3E:AE:E9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192766DFA7FAD2BC5BD302FD9345B786C9E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3xGfmvfeZ1L5k1JERzEHVvo-ruk.roa
Signing time: Thu 10 Oct 2024 12:36:11 +0000
ROA not before: Thu 10 Oct 2024 12:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Oct 2024 11:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:6d:fa:7f:ad:2b:c5:bd:30:2f:d9:34:5b:78:6c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 10 12:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df119f9af7de6752f993524447310756fa3eaee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:06:1c:90:c0:3e:3b:e5:7a:2d:d6:38:06:
09:c8:03:15:bc:ab:ac:c0:62:72:ee:e0:95:c7:c9:
97:4f:52:5d:ec:48:8a:e6:d5:94:4b:8a:bb:33:d4:
fc:8f:38:af:80:05:23:55:83:6f:5f:01:86:1c:cb:
64:12:ef:17:ae:ad:d4:5b:fc:9d:97:af:a3:99:e6:
ff:e2:c2:17:eb:9d:5d:4f:9b:4f:ef:6c:5f:e7:dc:
b0:3b:0a:a7:1f:a2:41:5b:74:52:3e:6e:aa:65:75:
4b:cb:03:55:4f:e1:01:e4:98:53:47:c1:67:d9:37:
76:34:ee:62:58:a9:17:5e:60:07:94:03:f9:49:1a:
fa:b4:b8:3a:5c:3d:7f:0c:7a:53:67:48:2f:63:8a:
a0:96:c1:0a:8f:a7:d1:17:aa:0d:4e:9e:5a:d3:45:
b2:7a:e5:58:03:40:f8:6f:e0:9c:81:8c:94:43:44:
b6:1f:1d:bd:e0:9c:d6:c2:b8:2e:76:ca:de:f8:63:
79:ca:d4:aa:6f:35:c7:29:54:4a:7d:86:32:ca:4e:
88:6a:1a:66:9a:5c:79:a8:e9:58:63:9a:7d:b5:ea:
e7:02:fc:78:48:9f:62:9c:27:4b:40:ed:5e:c3:9f:
44:be:8a:44:10:5e:7d:0f:81:1a:df:07:1e:47:f7:
11:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:11:9F:9A:F7:DE:67:52:F9:93:52:44:47:31:07:56:FA:3E:AE:E9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3xGfmvfeZ1L5k1JERzEHVvo-ruk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:50:4f:82:2b:64:03:a6:bf:1e:62:91:e3:97:0f:4e:96:0f:
89:13:eb:52:87:b9:6e:36:4d:37:00:6d:98:74:53:19:1c:22:
48:9c:0f:fa:f1:dc:d3:66:11:63:37:4b:c2:6c:a3:0d:22:1c:
16:2b:64:7f:99:f4:6a:de:aa:20:67:7e:fc:25:c5:aa:0a:0b:
6b:e2:9a:98:18:3e:b5:2d:f9:de:42:11:69:89:c7:41:39:28:
7b:8b:a0:cb:89:14:5f:68:73:75:9d:25:62:08:e2:35:36:95:
15:06:0b:e2:3c:96:00:f1:36:01:29:3f:f4:f0:8d:6b:7d:29:
a1:a7:25:98:02:a9:7f:a9:93:b8:2c:92:15:4e:4b:33:7a:0f:
e4:1c:d6:ac:84:52:32:e3:19:ab:ac:41:f9:2d:f5:cc:59:ce:
af:93:f5:9a:73:0b:d0:fd:f1:9b:36:40:7f:43:65:87:d2:5e:
50:b3:f4:ea:2f:54:99:02:52:9c:63:83:fc:4c:de:dc:c9:2e:
a3:ab:92:06:e6:df:34:d5:c8:d3:05:33:39:49:c6:3b:5d:7c:
27:26:88:44:a3:e4:a0:5a:13:f0:fa:8a:ca:0a:40:70:14:58:
98:51:a8:8d:bd:44:2e:71:39:d6:85:f3:d6:c9:83:24:eb:91:
dc:98:98:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJ2bfp/rSvFvTAv2TRbeGyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDEwMTIzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjExOWY5YWY3ZGU2NzUyZjk5MzUyNDQ0NzMxMDc1NmZhM2VhZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmssGHJDAPjvlei3WOAYJyAMVvKus
wGJy7uCVx8mXT1Jd7EiK5tWUS4q7M9T8jzivgAUjVYNvXwGGHMtkEu8Xrq3UW/yd
l6+jmeb/4sIX651dT5tP72xf59ywOwqnH6JBW3RSPm6qZXVLywNVT+EB5JhTR8Fn
2Td2NO5iWKkXXmAHlAP5SRr6tLg6XD1/DHpTZ0gvY4qglsEKj6fRF6oNTp5a00Wy
euVYA0D4b+CcgYyUQ0S2Hx294JzWwrgudsre+GN5ytSqbzXHKVRKfYYyyk6Iahpm
mlx5qOlYY5p9ternAvx4SJ9inCdLQO1ew59EvopEEF59D4Ea3wceR/cRaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN8Rn5r33mdS+ZNSREcxB1b6Pq7pMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvM3hHZm12ZmVaMUw1azFKRVJ6RUhWdm8tcnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAvUE+CK2QDpr8eYpHjlw9O
lg+JE+tSh7luNk03AG2YdFMZHCJInA/68dzTZhFjN0vCbKMNIhwWK2R/mfRq3qog
Z378JcWqCgtr4pqYGD61LfneQhFpicdBOSh7i6DLiRRfaHN1nSViCOI1NpUVBgvi
PJYA8TYBKT/08I1rfSmhpyWYAql/qZO4LJIVTkszeg/kHNashFIy4xmrrEH5LfXM
Wc6vk/WacwvQ/fGbNkB/Q2WH0l5Qs/TqL1SZAlKcY4P8TN7cyS6jq5IG5t801cjT
BTM5ScY7XXwnJohEo+SgWhPw+orKCkBwFFiYUaiNvUQucTnWhfPWyYMk65HcmJil
-----END CERTIFICATE-----
Generated at Tue Oct 15 14:29:00 2024 by rpki-client on console-fra.rpki-client.org