Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/5GzaOZVvdQV3NK63k6rsqF0t-DQ.roa
File: 5GzaOZVvdQV3NK63k6rsqF0t-DQ.roa (raw, json)
Hash identifier: 7Vl74qL03WrYiFOFbhvVKhSrCXl4p5n23hA92CumBZs=
Subject key identifier: E4:6C:DA:39:95:6F:75:05:77:34:AE:B7:93:AA:EC:A8:5D:2D:F8:34
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018EC28F437E0088EDDB9B1651213482164C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/5GzaOZVvdQV3NK63k6rsqF0t-DQ.roa
Signing time: Tue 09 Apr 2024 11:12:32 +0000
ROA not before: Tue 09 Apr 2024 11:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 85.133.137.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.178.0/23 maxlen: 24
85.133.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 08:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:8f:43:7e:00:88:ed:db:9b:16:51:21:34:82:16:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 9 11:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e46cda39956f75057734aeb793aaeca85d2df834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fa:f8:d9:b3:4c:2b:31:2a:eb:d2:6f:73:77:
6b:22:87:34:61:1e:40:d9:d0:9a:24:4e:b0:32:1e:
87:bf:52:74:b8:2d:ea:bc:de:c7:fc:ce:f9:a1:a7:
a7:35:02:da:56:65:c4:11:2b:b3:52:d2:de:92:90:
0a:09:46:19:1b:ae:36:3a:bd:d8:69:ec:db:1c:a1:
55:15:44:3b:4f:7e:c2:27:e7:00:36:24:ad:a1:6a:
21:72:21:0e:17:0f:b0:98:46:ca:9f:73:18:4d:46:
8c:8f:be:51:65:d1:04:c7:40:b7:91:81:3a:15:19:
f0:00:1a:5c:c5:01:62:f8:88:7a:bd:f0:f3:d1:58:
ca:a5:bf:83:c9:6e:85:ea:76:22:ea:59:d0:72:0c:
f2:37:08:97:99:24:a7:5e:0c:20:a2:f1:9c:2b:57:
f7:0a:b0:c7:51:67:cb:41:a3:2b:b1:56:0a:0d:a5:
79:60:74:3a:4b:a4:62:bb:b1:db:aa:23:df:01:f7:
b0:ae:f6:fd:08:9a:4c:15:92:e4:e4:73:0d:59:e3:
48:64:63:99:46:18:d9:cb:33:d1:88:ea:be:f8:e6:
7a:0d:ea:c4:44:cc:ff:59:eb:02:19:de:af:84:a6:
d7:79:50:64:d9:73:b1:2c:8f:32:db:6b:e9:4b:e9:
cc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:6C:DA:39:95:6F:75:05:77:34:AE:B7:93:AA:EC:A8:5D:2D:F8:34
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/5GzaOZVvdQV3NK63k6rsqF0t-DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.137.0/24
85.133.153.0/24
85.133.178.0/23
85.133.241.0/24
Signature Algorithm: sha256WithRSAEncryption
23:24:76:3a:a6:5f:43:9a:eb:d1:6d:7e:78:de:36:ff:e8:0c:
1d:a3:02:88:38:61:5c:50:d7:df:db:df:31:ee:3f:76:1f:3c:
99:2d:8f:ce:7c:3a:a1:f5:9e:08:92:1d:df:b6:ba:9d:a2:86:
59:60:b6:4c:53:3f:78:2b:83:37:eb:5a:9a:ff:c4:a3:7d:0f:
56:10:f9:40:de:08:54:f7:84:eb:bb:0d:5d:bc:5f:cb:ec:ec:
e5:54:ec:d2:b5:07:90:ce:e1:ff:e7:72:07:2f:01:73:1c:fc:
2b:8b:fa:84:6c:74:c3:73:f4:aa:a2:49:f3:18:28:3b:d4:b4:
bd:ca:54:e4:90:f2:25:14:38:f4:6b:6e:a2:2b:8d:a9:30:c0:
5f:68:3e:19:95:95:79:f4:2d:84:25:24:65:a7:dd:d1:d2:80:
8b:70:de:65:37:b4:03:3b:d2:e6:9c:18:e0:95:1a:42:38:de:
af:ab:4a:dd:d9:ab:9c:de:5b:7f:99:2d:5b:e5:d2:4c:76:82:
a4:21:f8:99:55:ad:62:ac:72:d9:d6:44:21:c6:d0:3c:f1:9d:
00:4e:48:e6:0b:57:2a:bc:cb:c4:99:94:c8:14:6b:e7:b7:2b:
b4:20:14:bf:d9:c1:09:f5:ff:f2:9b:a5:ed:28:c6:d7:7e:ea:
fb:9d:c8:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7Cj0N+AIjt25sWUSE0ghZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNDA5MTExMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDZjZGEzOTk1NmY3NTA1NzczNGFlYjc5M2FhZWNhODVkMmRmODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPr42bNMKzEq69Jvc3drIoc0YR5A
2dCaJE6wMh6Hv1J0uC3qvN7H/M75oaenNQLaVmXEESuzUtLekpAKCUYZG642Or3Y
aezbHKFVFUQ7T37CJ+cANiStoWohciEOFw+wmEbKn3MYTUaMj75RZdEEx0C3kYE6
FRnwABpcxQFi+Ih6vfDz0VjKpb+DyW6F6nYi6lnQcgzyNwiXmSSnXgwgovGcK1f3
CrDHUWfLQaMrsVYKDaV5YHQ6S6Riu7HbqiPfAfewrvb9CJpMFZLk5HMNWeNIZGOZ
RhjZyzPRiOq++OZ6DerERMz/WesCGd6vhKbXeVBk2XOxLI8y22vpS+nMKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFORs2jmVb3UFdzSut5Oq7KhdLfg0MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNUd6YU9aVnZkUVYzTks2M2s2cnNxRjB0LURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWJAwQA
VYWZAwQBVYWyAwQAVYXxMA0GCSqGSIb3DQEBCwUAA4IBAQAjJHY6pl9DmuvRbX54
3jb/6AwdowKIOGFcUNff298x7j92HzyZLY/OfDqh9Z4Ikh3ftrqdooZZYLZMUz94
K4M361qa/8SjfQ9WEPlA3ghU94Truw1dvF/L7OzlVOzStQeQzuH/53IHLwFzHPwr
i/qEbHTDc/SqoknzGCg71LS9ylTkkPIlFDj0a26iK42pMMBfaD4ZlZV59C2EJSRl
p93R0oCLcN5lN7QDO9LmnBjglRpCON6vq0rd2auc3lt/mS1b5dJMdoKkIfiZVa1i
rHLZ1kQhxtA88Z0ATkjmC1cqvMvEmZTIFGvntyu0IBS/2cEJ9f/ym6XtKMbXfur7
nciE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org