Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7-j8-gT5zXCAFm7DPaYla_PZ54U.roa
File: 7-j8-gT5zXCAFm7DPaYla_PZ54U.roa (raw, json)
Hash identifier: +OH/KDCx5Fxn5h85eIYEEzFohRwU98da1Tb6g1TrJr0=
Subject key identifier: EF:E8:FC:FA:04:F9:CD:70:80:16:6E:C3:3D:A6:25:6B:F3:D9:E7:85
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018C9BCBDF32681E5B4D2192AFECD76AECF0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7-j8-gT5zXCAFm7DPaYla_PZ54U.roa
Signing time: Sun 24 Dec 2023 12:27:58 +0000
ROA not before: Sun 24 Dec 2023 12:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:cb:df:32:68:1e:5b:4d:21:92:af:ec:d7:6a:ec:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 24 12:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efe8fcfa04f9cd7080166ec33da6256bf3d9e785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:02:d0:2b:e3:56:14:16:85:e0:ef:69:7c:8d:
c5:29:e5:74:b4:d8:f0:ee:1f:85:b6:47:dd:32:d5:
bc:1f:ac:f0:ba:cc:30:11:ac:0d:80:dc:a2:8d:d7:
8e:d2:71:c0:69:3a:af:9b:53:c0:37:42:7c:13:88:
1b:7e:35:e1:e8:49:79:f2:9f:db:86:5b:48:2e:8f:
bf:d5:db:03:f1:14:fd:82:f1:87:8c:4d:80:0c:c3:
1e:8a:45:f3:1c:1a:2a:24:99:b7:3e:88:61:d9:c9:
70:60:a6:84:8a:e4:e3:1d:82:46:ae:d6:38:36:75:
29:26:3e:fb:b3:cf:e5:8a:e0:3d:6f:a2:92:7e:1a:
46:a9:76:c2:2b:0e:f3:14:e5:1a:85:f7:96:31:9e:
a6:51:fb:c0:b4:29:4c:ff:7e:27:dc:2b:6c:52:19:
9b:63:57:bd:c4:78:1b:d0:37:10:5a:32:9b:96:5c:
90:4d:e2:12:7b:96:44:7f:ca:65:a0:46:aa:97:3f:
a7:54:df:58:8d:b9:3a:35:08:5a:c3:ed:9f:43:60:
80:6e:d0:48:e9:17:7b:9b:5d:3f:6c:09:ab:4b:bd:
9b:dd:8a:a6:ae:ae:ef:1b:1e:f1:18:6b:b5:ce:bf:
50:a2:65:57:a0:e6:01:cc:a4:bd:a6:ea:a2:b9:dd:
c6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E8:FC:FA:04:F9:CD:70:80:16:6E:C3:3D:A6:25:6B:F3:D9:E7:85
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7-j8-gT5zXCAFm7DPaYla_PZ54U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:b1:aa:a0:c2:f9:ba:e5:6f:e8:e7:52:fa:b8:06:92:84:21:
8e:86:2b:1d:6c:ba:b3:7e:1b:ad:12:07:c1:cc:10:ef:02:08:
46:85:fe:17:ad:d7:ec:71:14:34:ad:7b:ca:52:a9:87:52:05:
14:73:48:56:e8:01:76:1a:bc:f5:47:c6:a6:a9:2b:98:91:7a:
cb:dc:7c:32:f0:54:8c:36:79:00:51:88:98:91:f9:b3:20:14:
07:07:cc:49:ca:84:ae:d1:08:57:c9:31:5b:d3:7f:3b:5f:61:
2f:7b:58:16:05:cc:02:05:3f:ad:85:9f:6f:a4:b9:5b:cd:af:
fd:88:fc:cb:10:5e:39:89:6e:47:32:ba:49:59:ef:0e:52:cb:
8c:23:a6:d1:b2:9f:cd:e3:c0:f3:f9:ee:8a:f2:35:26:96:7a:
80:62:03:50:4f:bb:a8:a4:c8:9f:44:6a:63:85:7a:ee:0c:1d:
38:d0:ab:7d:fe:85:9a:31:80:92:f2:38:e6:ad:71:73:87:af:
4b:7a:2d:0f:02:cf:f6:68:d3:48:2c:a1:7f:9e:64:5f:b0:f1:
f7:08:01:48:09:0c:c8:14:2a:61:b4:47:be:ac:5f:ae:0f:a4:
e7:94:5d:dc:f0:0b:67:b5:77:62:0b:80:0f:98:9a:75:4b:3d:
18:7f:da:76
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyby98yaB5bTSGSr+zXauzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjI0MTIyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU4ZmNmYTA0ZjljZDcwODAxNjZlYzMzZGE2MjU2YmYzZDllNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwLQK+NWFBaF4O9pfI3FKeV0tNjw
7h+FtkfdMtW8H6zwuswwEawNgNyijdeO0nHAaTqvm1PAN0J8E4gbfjXh6El58p/b
hltILo+/1dsD8RT9gvGHjE2ADMMeikXzHBoqJJm3Pohh2clwYKaEiuTjHYJGrtY4
NnUpJj77s8/liuA9b6KSfhpGqXbCKw7zFOUahfeWMZ6mUfvAtClM/34n3CtsUhmb
Y1e9xHgb0DcQWjKbllyQTeISe5ZEf8ploEaqlz+nVN9Yjbk6NQhaw+2fQ2CAbtBI
6Rd7m10/bAmrS72b3Yqmrq7vGx7xGGu1zr9QomVXoOYBzKS9puqiud3GEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO/o/PoE+c1wgBZuwz2mJWvz2eeFMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNy1qOC1nVDV6WENBRm03RFBhWWxhX1BaNTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAOsaqgwvm65W/o
51L6uAaShCGOhisdbLqzfhutEgfBzBDvAghGhf4XrdfscRQ0rXvKUqmHUgUUc0hW
6AF2Grz1R8amqSuYkXrL3Hwy8FSMNnkAUYiYkfmzIBQHB8xJyoSu0QhXyTFb0387
X2Eve1gWBcwCBT+thZ9vpLlbza/9iPzLEF45iW5HMrpJWe8OUsuMI6bRsp/N48Dz
+e6K8jUmlnqAYgNQT7uopMifRGpjhXruDB040Kt9/oWaMYCS8jjmrXFzh69Lei0P
As/2aNNILKF/nmRfsPH3CAFICQzIFCphtEe+rF+uD6TnlF3c8AtntXdiC4APmJp1
Sz0Yf9p2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org