Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9uVaXO-Fc5PNSC1d21Xhv4kv_PA.roa
File: 9uVaXO-Fc5PNSC1d21Xhv4kv_PA.roa (raw, json)
Hash identifier: Px6+xFwx6pOJWAIlO5ah40jOrjk1puhtljBBjgLYmG0=
Subject key identifier: F6:E5:5A:5C:EF:85:73:93:CD:48:2D:5D:DB:55:E1:BF:89:2F:FC:F0
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0185727106949D86D71555CED199B5D80457
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9uVaXO-Fc5PNSC1d21Xhv4kv_PA.roa
Signing time: Mon 02 Jan 2023 12:24:47 +0000
ROA not before: Mon 02 Jan 2023 12:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.215.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jan 2023 07:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:06:94:9d:86:d7:15:55:ce:d1:99:b5:d8:04:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 12:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6e55a5cef857393cd482d5ddb55e1bf892ffcf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:aa:53:8c:ed:7c:60:57:61:9f:c3:1a:89:4a:
f3:82:5d:ab:db:c7:e7:c1:c7:91:d1:24:d9:d4:46:
a6:d8:52:3f:0d:d9:82:d9:73:7f:05:7d:97:e7:89:
72:48:58:17:80:5a:70:77:91:de:1e:33:f4:1b:f8:
fb:c0:20:2f:63:bf:73:34:49:00:af:db:e8:3f:4c:
ec:67:b4:34:ad:b2:87:50:4a:bf:c0:dd:c4:09:7c:
4b:9e:76:2c:9f:77:32:d3:c7:78:aa:ec:c9:89:30:
52:ac:7c:71:00:10:bd:04:ca:06:63:ff:2e:14:75:
96:a4:39:9a:d0:94:d6:6c:7a:35:ea:51:ef:d2:8e:
81:1f:ee:e2:fd:03:13:37:df:39:92:31:1d:25:4a:
99:dd:5b:2b:23:4c:c7:4d:35:fc:8c:72:c4:dd:d1:
44:66:4b:03:03:c7:82:94:ed:49:11:85:16:84:8e:
f9:29:67:e8:e8:01:9f:e6:c6:66:dd:de:a6:9b:9f:
dd:2a:e2:0a:cf:4b:01:f9:74:f2:06:a8:eb:8f:91:
f5:3e:19:4c:2d:73:1a:68:7b:6f:7d:5b:e0:77:b3:
ea:14:38:42:25:68:fa:bf:d0:91:4f:a6:85:96:2c:
a3:b9:de:cc:34:ae:b7:73:2a:aa:81:98:a3:a9:7f:
09:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E5:5A:5C:EF:85:73:93:CD:48:2D:5D:DB:55:E1:BF:89:2F:FC:F0
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9uVaXO-Fc5PNSC1d21Xhv4kv_PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e8:6f:54:92:4b:dc:3d:13:5b:5d:d4:67:83:6e:be:7d:4c:
74:4a:98:23:38:86:09:a4:7e:cc:d8:5a:41:70:09:a4:73:f0:
f7:c6:cd:bb:ae:c7:0d:ec:f2:a5:8d:3a:90:b6:98:6f:f3:a8:
d8:3e:55:41:d5:10:b1:44:84:ee:04:2f:22:75:f9:9a:15:cc:
b2:59:b1:5a:c1:dd:2d:b2:43:57:19:c5:d7:22:37:50:69:b1:
0b:cd:b2:a5:de:cc:a8:df:fc:31:4c:b3:ee:3b:27:7d:1d:1a:
fa:07:e8:01:1f:14:85:2c:23:26:5d:c8:0c:ea:d3:58:b6:c3:
8e:d2:a5:3d:8e:82:7a:76:af:21:dc:6b:da:db:3e:cf:3f:eb:
3c:d7:1c:b0:4d:5b:5d:91:c4:61:c6:a3:7a:75:01:1a:42:c3:
88:87:94:a4:2e:92:87:99:c3:93:d2:d6:50:db:1a:43:69:31:
c7:30:f2:ee:37:ab:33:ad:5d:78:49:06:4e:85:62:f5:ba:19:
a4:62:13:20:d4:17:88:97:78:b3:b6:b1:0f:c1:5d:37:ee:f3:
c6:71:24:14:a9:8c:71:28:dc:73:f2:cd:d0:29:85:a1:28:44:
7e:05:65:da:64:8f:34:3d:72:f3:84:b1:04:8e:af:75:db:38:
26:93:aa:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVycQaUnYbXFVXO0Zm12ARXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMTAyMTIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU1NWE1Y2VmODU3MzkzY2Q0ODJkNWRkYjU1ZTFiZjg5MmZmY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKpTjO18YFdhn8MaiUrzgl2r28fn
wceR0STZ1Eam2FI/DdmC2XN/BX2X54lySFgXgFpwd5HeHjP0G/j7wCAvY79zNEkA
r9voP0zsZ7Q0rbKHUEq/wN3ECXxLnnYsn3cy08d4quzJiTBSrHxxABC9BMoGY/8u
FHWWpDma0JTWbHo16lHv0o6BH+7i/QMTN985kjEdJUqZ3VsrI0zHTTX8jHLE3dFE
ZksDA8eClO1JEYUWhI75KWfo6AGf5sZm3d6mm5/dKuIKz0sB+XTyBqjrj5H1PhlM
LXMaaHtvfVvgd7PqFDhCJWj6v9CRT6aFliyjud7MNK63cyqqgZijqX8JLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPblWlzvhXOTzUgtXdtV4b+JL/zwMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvOXVWYVhPLUZjNVBOU0MxZDIxWGh2NGt2X1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWSAwQA
VYXXMA0GCSqGSIb3DQEBCwUAA4IBAQB66G9UkkvcPRNbXdRng26+fUx0SpgjOIYJ
pH7M2FpBcAmkc/D3xs27rscN7PKljTqQtphv86jYPlVB1RCxRITuBC8idfmaFcyy
WbFawd0tskNXGcXXIjdQabELzbKl3syo3/wxTLPuOyd9HRr6B+gBHxSFLCMmXcgM
6tNYtsOO0qU9joJ6dq8h3Gva2z7PP+s81xywTVtdkcRhxqN6dQEaQsOIh5SkLpKH
mcOT0tZQ2xpDaTHHMPLuN6szrV14SQZOhWL1uhmkYhMg1BeIl3iztrEPwV037vPG
cSQUqYxxKNxz8s3QKYWhKER+BWXaZI80PXLzhLEEjq912zgmk6qZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org