Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8AWz-Y4hzgTU71_U5--Vgt0-6ks.roa
File: 8AWz-Y4hzgTU71_U5--Vgt0-6ks.roa (raw, json)
Hash identifier: t9/vGASe4IhMMrp6tNdBIqP0cEQggnsDJTrdou39wkM=
Subject key identifier: F0:05:B3:F9:8E:21:CE:04:D4:EF:5F:D4:E7:EF:95:82:DD:3E:EA:4B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018780A97433F2863F10571D71D84A1C4577
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8AWz-Y4hzgTU71_U5--Vgt0-6ks.roa
Signing time: Fri 14 Apr 2023 16:46:41 +0000
ROA not before: Fri 14 Apr 2023 16:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.228.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Apr 2023 08:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:a9:74:33:f2:86:3f:10:57:1d:71:d8:4a:1c:45:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 14 16:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f005b3f98e21ce04d4ef5fd4e7ef9582dd3eea4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:93:76:9e:0f:32:f9:0f:76:89:b2:b6:8d:36:
fc:32:a5:bf:30:71:a8:13:2a:1c:7f:66:5c:7a:be:
50:bc:97:9a:15:94:dc:c5:2b:1d:4d:5a:e8:bb:8a:
ae:6f:a2:1b:c4:a1:93:5f:eb:0e:e1:1a:80:ba:37:
21:ef:a1:44:23:c0:70:1f:59:7f:30:51:a2:d9:f1:
f3:ad:81:cf:ee:2e:44:6d:81:4a:54:1b:f9:bd:15:
97:e3:45:56:21:88:f6:a3:38:b5:3e:cc:aa:ec:d7:
e2:13:5f:9b:8f:32:e8:6e:be:6f:b2:bc:a8:b6:b4:
6f:b8:37:d1:80:ce:81:5e:fc:df:00:e9:f0:6a:de:
34:94:a7:87:6f:73:b8:b5:3a:aa:d4:d2:ea:a9:7a:
3f:e5:61:fa:6f:f4:9f:60:d2:b9:70:4d:76:e9:a4:
1c:24:57:df:97:c4:43:9b:6d:ef:80:14:30:d9:7a:
f0:f0:78:f1:63:a8:47:06:03:84:92:66:67:23:b8:
1c:ad:23:20:0e:ca:35:8c:88:0a:d5:92:c0:78:f4:
33:53:70:02:2d:e0:28:ef:8b:09:18:93:15:df:51:
4e:1d:cf:43:20:05:46:3a:f8:a7:84:09:47:a5:40:
c5:7c:21:08:ce:0a:b3:e6:be:25:f0:95:18:af:b2:
7a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:05:B3:F9:8E:21:CE:04:D4:EF:5F:D4:E7:EF:95:82:DD:3E:EA:4B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8AWz-Y4hzgTU71_U5--Vgt0-6ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:ce:44:6e:f5:83:98:37:01:4f:99:e8:24:9c:9e:2c:78:f6:
fc:25:64:dd:b9:04:a3:92:45:1c:13:2a:6b:77:1d:ef:0e:bd:
31:f6:f0:8c:32:12:15:57:30:95:19:3c:8d:2e:26:e3:78:c2:
4a:47:83:d2:6a:0f:03:df:f5:33:1f:fb:a2:74:66:1f:45:21:
6c:48:f0:3c:11:94:43:cf:64:5e:04:1b:db:18:85:0e:9d:a5:
24:0d:65:c0:91:6c:22:0a:cb:18:09:a4:68:3f:fe:65:3d:c2:
26:6b:d4:d3:10:75:a2:6c:78:bd:d5:9d:90:9d:5c:e6:de:f3:
d2:bc:00:96:f6:49:95:ef:75:93:84:4d:d3:2d:1b:33:00:39:
e7:15:84:a5:0c:1d:fb:08:87:a8:12:41:20:96:95:0b:4d:15:
09:bb:90:9e:48:0e:46:80:ef:08:e4:af:16:00:b9:8e:8f:2d:
e7:a5:8b:66:69:45:9b:51:f0:84:6d:f7:b7:1c:7d:06:4d:c7:
90:9c:eb:86:bf:55:1e:10:f0:4c:dc:26:d5:09:d0:c8:0e:1d:
38:fb:3f:78:27:1e:12:31:ea:76:0d:fe:52:f8:6a:3d:65:91:
6a:52:1e:69:c0:e4:d0:82:d6:a8:30:77:af:c0:87:56:5d:20:
bd:fa:71:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeAqXQz8oY/EFcdcdhKHEV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDE0MTY0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDA1YjNmOThlMjFjZTA0ZDRlZjVmZDRlN2VmOTU4MmRkM2VlYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJN2ng8y+Q92ibK2jTb8MqW/MHGo
Eyocf2Zcer5QvJeaFZTcxSsdTVrou4qub6IbxKGTX+sO4RqAujch76FEI8BwH1l/
MFGi2fHzrYHP7i5EbYFKVBv5vRWX40VWIYj2ozi1Psyq7NfiE1+bjzLobr5vsryo
trRvuDfRgM6BXvzfAOnwat40lKeHb3O4tTqq1NLqqXo/5WH6b/SfYNK5cE126aQc
JFffl8RDm23vgBQw2Xrw8HjxY6hHBgOEkmZnI7gcrSMgDso1jIgK1ZLAePQzU3AC
LeAo74sJGJMV31FOHc9DIAVGOvinhAlHpUDFfCEIzgqz5r4l8JUYr7J6MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPAFs/mOIc4E1O9f1OfvlYLdPupLMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvOEFXei1ZNGh6Z1RVNzFfVTUtLVZndDAtNmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAJzkRu9YOYNwFPmegknJ4s
ePb8JWTduQSjkkUcEyprdx3vDr0x9vCMMhIVVzCVGTyNLibjeMJKR4PSag8D3/Uz
H/uidGYfRSFsSPA8EZRDz2ReBBvbGIUOnaUkDWXAkWwiCssYCaRoP/5lPcIma9TT
EHWibHi91Z2QnVzm3vPSvACW9kmV73WThE3TLRszADnnFYSlDB37CIeoEkEglpUL
TRUJu5CeSA5GgO8I5K8WALmOjy3npYtmaUWbUfCEbfe3HH0GTceQnOuGv1UeEPBM
3CbVCdDIDh04+z94Jx4SMep2Df5S+Go9ZZFqUh5pwOTQgtaoMHevwIdWXSC9+nHx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org