Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4lecr6xBqntnm1F7WbDy39n-DMY.roa
File: 4lecr6xBqntnm1F7WbDy39n-DMY.roa (raw, json)
Hash identifier: V1De59AKdgbLu0SlymwYOWuW1k3EpC+qsE4JH4X2RNc=
Subject key identifier: E2:57:9C:AF:AC:41:AA:7B:67:9B:51:7B:59:B0:F2:DF:D9:FE:0C:C6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191B6DFBFC77C7DD4AEF58060D7212B8387
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4lecr6xBqntnm1F7WbDy39n-DMY.roa
Signing time: Tue 03 Sep 2024 07:53:22 +0000
ROA not before: Tue 03 Sep 2024 07:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 16 Sep 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:df:bf:c7:7c:7d:d4:ae:f5:80:60:d7:21:2b:83:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 3 07:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2579cafac41aa7b679b517b59b0f2dfd9fe0cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:6e:6e:ac:e1:4a:0c:9a:e4:c3:8f:37:7f:
59:95:23:7c:3d:2f:3e:e8:7d:02:30:61:f1:91:6d:
94:83:0f:e1:ab:2c:2f:94:1a:82:7b:b9:c4:8a:97:
39:04:df:b3:c5:06:d9:eb:8e:1c:40:0c:77:45:bc:
47:4a:65:cf:e9:e8:b8:0c:83:b3:de:e4:64:58:c7:
16:9c:f0:3f:36:58:12:df:65:8b:42:7a:23:de:04:
e1:4a:a8:c8:c6:04:b7:0f:bc:70:89:82:86:64:84:
b7:c0:06:87:81:a9:bc:bb:a7:71:9e:63:0c:3a:fe:
e0:98:c6:65:99:0d:b6:c8:fc:8e:5f:2e:e3:c0:ef:
d4:94:91:cc:b7:c5:fc:75:63:ca:49:ad:27:21:b9:
85:b5:3a:9b:d4:b9:78:67:a6:49:5d:27:9f:47:d8:
e2:e6:f4:c8:96:1c:7e:18:02:12:64:a9:42:92:66:
43:72:c3:79:f1:84:4a:ae:8e:d0:0c:c5:cf:8e:87:
94:b1:73:6b:5c:96:f1:f4:22:c5:bb:7c:ad:dc:06:
0a:a1:4d:4f:ca:3c:99:99:12:7d:9f:20:39:d5:74:
c7:7f:89:46:d9:48:6c:07:f0:3c:7e:e0:63:4c:84:
f7:a5:f5:74:a6:c6:c4:fa:45:03:54:f0:24:14:f7:
d9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:57:9C:AF:AC:41:AA:7B:67:9B:51:7B:59:B0:F2:DF:D9:FE:0C:C6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4lecr6xBqntnm1F7WbDy39n-DMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:20:6c:49:30:dc:ab:cc:84:78:80:cb:24:c2:f1:61:4c:69:
ee:ec:0b:c1:2d:09:a6:d8:c7:c6:57:55:21:67:e7:39:36:6d:
98:57:2a:5d:6e:f6:ac:07:c0:ad:7a:aa:b4:a5:2a:5a:d2:61:
69:69:09:53:f7:b6:e6:6a:88:1c:c2:b8:e5:e6:c5:b9:99:34:
3f:47:f5:a4:1d:3b:0d:f7:81:e3:26:8d:4b:1e:63:75:96:3a:
3a:76:4b:68:5c:d8:85:55:db:f0:c3:e0:48:e3:4f:33:d9:7d:
13:82:9d:7d:3d:64:f1:c5:00:60:44:03:0a:cb:78:8a:f5:d4:
a7:9d:eb:ef:c1:25:84:7b:1c:ab:e1:aa:67:e3:a7:37:b2:65:
b5:bc:91:57:db:24:e5:6d:b9:56:fa:5f:bb:10:57:47:27:9e:
23:64:69:87:ae:33:e8:93:2f:20:96:4d:af:a7:5a:cc:c4:88:
cf:c3:7d:50:ad:dd:28:53:96:7d:22:a1:58:d5:22:61:76:2f:
e2:3b:e5:4d:2f:eb:db:8c:e5:f3:33:17:4a:f7:ed:1d:5c:dc:
a6:f3:e0:d3:23:74:dd:f1:ff:04:21:6b:6e:b6:ae:36:70:e5:
24:3c:40:00:c9:dd:e5:2b:30:8c:a7:38:cb:d0:54:f7:02:91:
8e:90:7e:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZG237/HfH3UrvWAYNchK4OHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTAzMDc1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU3OWNhZmFjNDFhYTdiNjc5YjUxN2I1OWIwZjJkZmQ5ZmUwY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl5ubqzhSgya5MOPN39ZlSN8PS8+
6H0CMGHxkW2Ugw/hqywvlBqCe7nEipc5BN+zxQbZ644cQAx3RbxHSmXP6ei4DIOz
3uRkWMcWnPA/NlgS32WLQnoj3gThSqjIxgS3D7xwiYKGZIS3wAaHgam8u6dxnmMM
Ov7gmMZlmQ22yPyOXy7jwO/UlJHMt8X8dWPKSa0nIbmFtTqb1Ll4Z6ZJXSefR9ji
5vTIlhx+GAISZKlCkmZDcsN58YRKro7QDMXPjoeUsXNrXJbx9CLFu3yt3AYKoU1P
yjyZmRJ9nyA51XTHf4lG2UhsB/A8fuBjTIT3pfV0psbE+kUDVPAkFPfZiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOJXnK+sQap7Z5tRe1mw8t/Z/gzGMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNGxlY3I2eEJxbnRubTFGN1diRHkzOW4tRE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAmIGxJMNyrzIR4gMskwvFh
TGnu7AvBLQmm2MfGV1UhZ+c5Nm2YVypdbvasB8Cteqq0pSpa0mFpaQlT97bmaogc
wrjl5sW5mTQ/R/WkHTsN94HjJo1LHmN1ljo6dktoXNiFVdvww+BI408z2X0Tgp19
PWTxxQBgRAMKy3iK9dSnnevvwSWEexyr4apn46c3smW1vJFX2yTlbblW+l+7EFdH
J54jZGmHrjPoky8glk2vp1rMxIjPw31Qrd0oU5Z9IqFY1SJhdi/iO+VNL+vbjOXz
MxdK9+0dXNym8+DTI3Td8f8EIWtutq42cOUkPEAAyd3lKzCMpzjL0FT3ApGOkH6u
-----END CERTIFICATE-----
Generated at Mon Sep 16 10:47:33 2024 by rpki-client on console-fra.rpki-client.org