Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8HOQpRLvd3IK_BN-ZFmzQW79C58.roa
File: 8HOQpRLvd3IK_BN-ZFmzQW79C58.roa (raw, json)
Hash identifier: TNNG1S32GEovVTAVUqwBny3IGTdR+5TJydcjjS0OXQ8=
Subject key identifier: F0:73:90:A5:12:EF:77:72:0A:FC:13:7E:64:59:B3:41:6E:FD:0B:9F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B9007DC281FA9D3EC9D31074A6D752F9E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8HOQpRLvd3IK_BN-ZFmzQW79C58.roa
Signing time: Thu 02 Nov 2023 12:35:16 +0000
ROA not before: Thu 02 Nov 2023 12:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.179.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:07:dc:28:1f:a9:d3:ec:9d:31:07:4a:6d:75:2f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 2 12:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07390a512ef77720afc137e6459b3416efd0b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:ec:f9:93:2d:ff:da:51:e1:88:3f:35:11:
4d:0a:af:be:e2:b8:de:11:10:24:22:73:d0:f9:f1:
df:5d:10:b6:f1:aa:d8:d5:cb:65:95:e2:e8:79:8f:
4f:c7:92:84:3f:fd:79:53:30:da:75:ba:0c:6b:a0:
8a:65:b3:96:e6:3c:96:da:a6:56:d8:62:8c:a2:15:
87:a4:c2:cb:45:31:5d:62:4e:c9:e3:21:6a:93:8f:
c7:b9:ca:a6:a9:22:46:06:63:5c:f2:68:c7:3c:7f:
f1:8c:98:07:01:9d:aa:49:00:f6:51:a4:23:49:c4:
80:a0:43:6c:82:ad:0b:d1:c8:1f:fd:b2:24:3b:8b:
7f:cc:3c:63:ce:7b:bb:bb:e3:1a:65:7c:64:05:b8:
18:fe:c6:cf:2c:42:ac:b2:9b:11:53:11:89:b7:eb:
19:d6:b9:2b:1c:5b:22:eb:bb:f9:5a:4f:e0:05:00:
6f:14:3c:f1:84:70:1b:b7:fc:d5:ce:7f:d9:6a:f4:
94:55:12:2f:6c:75:1f:0f:02:b3:b6:73:0d:4b:b3:
6f:ca:7f:e8:ce:1d:bb:f2:c1:68:1c:a9:4d:1d:ca:
58:ac:ae:83:91:fe:6f:bf:19:54:c7:6c:5d:4a:f5:
93:23:0a:8e:b4:d4:66:49:0b:8c:d3:36:5c:8a:04:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:73:90:A5:12:EF:77:72:0A:FC:13:7E:64:59:B3:41:6E:FD:0B:9F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/8HOQpRLvd3IK_BN-ZFmzQW79C58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.156.0/24
85.133.162.0/23
85.133.179.0/24
85.133.200.0/23
85.133.203.0-85.133.204.255
85.133.208.0/24
85.133.215.0/24
Signature Algorithm: sha256WithRSAEncryption
19:f9:f5:a8:7a:31:4d:27:b0:a6:21:b3:54:c4:89:36:19:10:
e9:a1:e3:55:9c:32:c4:06:72:9e:d0:fb:20:a1:27:56:e8:e7:
34:d2:42:65:af:27:16:cc:e3:b4:7d:52:1e:99:a6:39:98:46:
1f:f4:40:f4:00:f4:81:10:e7:b2:4d:92:7d:a8:a6:65:b6:88:
60:32:5a:45:56:6f:bb:d7:17:c3:4e:ca:32:0d:b2:d9:5e:65:
7b:43:94:90:2d:e3:b9:45:b6:02:e2:52:ef:db:9b:9a:6e:82:
b4:48:40:75:cd:d3:bf:33:94:2c:9d:59:f3:fe:9b:19:96:5f:
f3:b3:45:91:0b:42:33:97:86:4e:d8:08:f8:ce:47:a1:a6:88:
48:64:46:96:a9:c8:1f:b0:57:62:5b:f6:4a:a7:9a:fa:da:ac:
f6:ad:1b:50:8e:b2:37:58:03:59:46:a9:91:d2:2f:d1:e8:10:
de:37:df:15:a0:a0:da:8f:ba:dc:d6:ac:6a:24:6f:30:e0:d3:
d4:e4:c7:f3:22:8b:71:13:2e:45:49:35:f6:4c:12:e4:6d:80:
25:86:65:b6:88:71:5e:ae:da:3f:be:e4:82:69:f7:a7:97:0e:
25:33:4e:a5:7d:18:d8:af:73:40:26:7e:c2:06:16:ec:1d:df:
ef:ad:99:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYuQB9woH6nT7J0xB0ptdS+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTAyMTIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDczOTBhNTEyZWY3NzcyMGFmYzEzN2U2NDU5YjM0MTZlZmQwYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlafs+ZMt/9pR4Yg/NRFNCq++4rje
ERAkInPQ+fHfXRC28arY1ctlleLoeY9Px5KEP/15UzDadboMa6CKZbOW5jyW2qZW
2GKMohWHpMLLRTFdYk7J4yFqk4/HucqmqSJGBmNc8mjHPH/xjJgHAZ2qSQD2UaQj
ScSAoENsgq0L0cgf/bIkO4t/zDxjznu7u+MaZXxkBbgY/sbPLEKsspsRUxGJt+sZ
1rkrHFsi67v5Wk/gBQBvFDzxhHAbt/zVzn/ZavSUVRIvbHUfDwKztnMNS7Nvyn/o
zh278sFoHKlNHcpYrK6Dkf5vvxlUx2xdSvWTIwqOtNRmSQuM0zZcigTwDQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPBzkKUS73dyCvwTfmRZs0Fu/QufMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvOEhPUXBSTHZkM0lLX0JOLVpGbXpRVzc5QzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVYWSAwQA
VYWcAwQBVYWiAwQAVYWzAwQBVYXIMAwDBABVhcsDBABVhcwDBABVhdADBABVhdcw
DQYJKoZIhvcNAQELBQADggEBABn59ah6MU0nsKYhs1TEiTYZEOmh41WcMsQGcp7Q
+yChJ1bo5zTSQmWvJxbM47R9Uh6ZpjmYRh/0QPQA9IEQ57JNkn2opmW2iGAyWkVW
b7vXF8NOyjINstleZXtDlJAt47lFtgLiUu/bm5pugrRIQHXN078zlCydWfP+mxmW
X/OzRZELQjOXhk7YCPjOR6GmiEhkRpapyB+wV2Jb9kqnmvrarPatG1COsjdYA1lG
qZHSL9HoEN433xWgoNqPutzWrGokbzDg09Tkx/Mii3ETLkVJNfZMEuRtgCWGZbaI
cV6u2j++5IJp96eXDiUzTqV9GNivc0AmfsIGFuwd3++tmWY=
-----END CERTIFICATE-----
Generated at Sat Nov 4 09:10:05 2023 by rpki-client on console-fra.rpki-client.org