Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6ixk0FxHrRlFAWx5oXvaRITZrjU.roa
File: 6ixk0FxHrRlFAWx5oXvaRITZrjU.roa (raw, json)
Hash identifier: cvUdhZozu1yE5wZhYiOtHcTNgq0LtZIL5O7NGUOZxCc=
Subject key identifier: EA:2C:64:D0:5C:47:AD:19:45:01:6C:79:A1:7B:DA:44:84:D9:AE:35
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019045AD78353D08194C395CB2805D6A6DAA
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6ixk0FxHrRlFAWx5oXvaRITZrjU.roa
Signing time: Sun 23 Jun 2024 15:18:34 +0000
ROA not before: Sun 23 Jun 2024 15:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 07 Jul 2024 14:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:45:ad:78:35:3d:08:19:4c:39:5c:b2:80:5d:6a:6d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 23 15:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea2c64d05c47ad1945016c79a17bda4484d9ae35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:20:37:37:7c:56:e7:35:dd:c1:29:56:8d:
b3:ad:40:c7:67:08:11:5f:b3:94:dd:d0:50:1d:f3:
83:9a:c5:0d:e7:d9:97:ce:d4:3d:3f:ef:cd:43:32:
88:13:01:ba:4d:a6:23:61:37:77:1a:cb:4b:be:ac:
57:a4:e2:10:e4:17:e2:a3:fa:88:ba:6a:a9:96:5a:
50:03:c7:4f:42:71:a2:0f:f3:4b:31:bc:58:76:48:
28:28:52:a2:da:8a:f4:a4:23:34:e9:5f:59:fe:84:
d0:f0:d8:76:9c:12:26:23:40:95:ff:32:d0:65:4f:
a1:23:ac:ec:9c:9e:ba:02:11:e9:e5:f1:c2:79:2d:
54:32:5a:9c:28:1e:b5:cf:c4:aa:21:ec:46:a6:c8:
ae:8c:57:e8:ac:67:63:47:88:08:11:59:fc:f7:3b:
6d:40:28:c4:e8:bd:61:2a:9f:d4:dd:6a:14:b3:9c:
56:3b:3a:d5:04:9d:fe:02:43:a4:19:89:86:b6:aa:
29:5f:9d:2c:59:e1:d0:6a:f0:6c:7d:58:7d:15:3c:
e1:e3:45:ff:1a:32:77:99:6f:2c:60:01:28:7d:d7:
64:00:08:7d:35:fa:ab:a2:f3:25:a2:24:7f:8f:1b:
a3:e3:de:a9:83:fd:5e:02:d0:3c:52:32:fc:8f:24:
b8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2C:64:D0:5C:47:AD:19:45:01:6C:79:A1:7B:DA:44:84:D9:AE:35
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6ixk0FxHrRlFAWx5oXvaRITZrjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:91:a1:9c:ad:01:d3:8f:75:46:cd:ed:02:6a:07:db:3a:49:
62:bf:b9:f6:56:cb:f7:02:63:6d:2b:dc:3a:cc:d7:1a:56:07:
9f:1f:5a:73:55:40:6b:a7:2f:49:c7:54:d8:d0:73:83:dd:26:
63:b1:c1:19:05:ca:55:3f:13:eb:a5:36:e2:3c:8c:f5:93:a8:
7a:a5:9f:5d:5d:9f:1b:61:f9:02:c3:be:14:83:a9:35:ab:66:
30:cf:be:64:89:d8:20:e3:bf:3c:de:91:75:1e:93:cf:2c:49:
b2:b8:99:e0:97:0c:dd:54:1d:1e:2e:cc:09:17:46:f1:51:ac:
02:6f:00:85:f8:59:5c:be:2b:ac:cf:92:9a:ba:ca:01:3a:b3:
b2:b7:e2:d6:0c:04:08:85:e4:5c:06:11:73:64:ec:ad:a5:0f:
fe:b3:01:13:97:04:f0:c5:d8:81:7c:41:ea:3d:f6:34:26:40:
55:85:e2:21:0b:69:47:5d:e8:17:3a:14:06:c9:df:26:63:11:
db:84:41:45:0c:b5:21:d8:50:e4:ab:d1:23:cd:6a:7a:d2:bf:
2b:83:f5:e3:5d:eb:7b:64:20:31:80:2b:05:77:34:58:2d:04:
c1:35:5e:ad:f6:eb:61:68:ee:93:fb:c5:02:8b:3f:10:f2:59:
79:48:be:4b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZBFrXg1PQgZTDlcsoBdam2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNjIzMTUxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTJjNjRkMDVjNDdhZDE5NDUwMTZjNzlhMTdiZGE0NDg0ZDlhZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNwgNzd8Vuc13cEpVo2zrUDHZwgR
X7OU3dBQHfODmsUN59mXztQ9P+/NQzKIEwG6TaYjYTd3GstLvqxXpOIQ5Bfio/qI
umqpllpQA8dPQnGiD/NLMbxYdkgoKFKi2or0pCM06V9Z/oTQ8Nh2nBImI0CV/zLQ
ZU+hI6zsnJ66AhHp5fHCeS1UMlqcKB61z8SqIexGpsiujFforGdjR4gIEVn89ztt
QCjE6L1hKp/U3WoUs5xWOzrVBJ3+AkOkGYmGtqopX50sWeHQavBsfVh9FTzh40X/
GjJ3mW8sYAEofddkAAh9NfqrovMloiR/jxuj496pg/1eAtA8UjL8jyS4YwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOosZNBcR60ZRQFseaF72kSE2a41MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNml4azBGeEhyUmxGQVd4NW9YdmFSSVRacmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAC+R
oZytAdOPdUbN7QJqB9s6SWK/ufZWy/cCY20r3DrM1xpWB58fWnNVQGunL0nHVNjQ
c4PdJmOxwRkFylU/E+ulNuI8jPWTqHqln11dnxth+QLDvhSDqTWrZjDPvmSJ2CDj
vzzekXUek88sSbK4meCXDN1UHR4uzAkXRvFRrAJvAIX4WVy+K6zPkpq6ygE6s7K3
4tYMBAiF5FwGEXNk7K2lD/6zAROXBPDF2IF8Qeo99jQmQFWF4iELaUdd6Bc6FAbJ
3yZjEduEQUUMtSHYUOSr0SPNanrSvyuD9eNd63tkIDGAKwV3NFgtBME1Xq3262Fo
7pP7xQKLPxDyWXlIvks=
-----END CERTIFICATE-----
Generated at Sun Jul 7 16:24:18 2024 by rpki-client on console-fra.rpki-client.org