Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/A9--tfUjDzppKgYyaZ879Ryjctc.roa
File: A9--tfUjDzppKgYyaZ879Ryjctc.roa (raw, json)
Hash identifier: yrCIsyHNimRQvgKZCd5e4HGFScWGhhUxvUnRpCfMQes=
Subject key identifier: 03:DF:BE:B5:F5:23:0F:3A:69:2A:06:32:69:9F:3B:F5:1C:A3:72:D7
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189DB138D51990B1BB4570A704DFEEBEB14
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/A9--tfUjDzppKgYyaZ879Ryjctc.roa
Signing time: Wed 09 Aug 2023 16:13:58 +0000
ROA not before: Wed 09 Aug 2023 16:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.218.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Aug 2023 08:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:13:8d:51:99:0b:1b:b4:57:0a:70:4d:fe:eb:eb:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 9 16:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03dfbeb5f5230f3a692a0632699f3bf51ca372d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2f:69:68:ff:ea:b4:4d:4f:45:5f:c7:6f:a3:
23:6d:96:4d:d9:99:17:3f:d9:77:44:04:25:ba:59:
e5:42:43:c5:93:83:6b:fc:b8:2f:0d:ce:a6:f3:12:
10:3e:65:cb:74:4c:e3:d9:bf:d8:05:5e:4c:0d:0f:
df:a1:f4:fb:f6:08:3a:5b:28:a9:d2:53:13:29:df:
37:d6:e2:6b:fa:b5:47:07:76:5b:56:73:7b:3d:da:
ca:a6:28:d4:68:d7:9f:1a:5f:08:d3:d0:48:62:f1:
1b:dd:36:ca:06:2a:25:83:29:52:11:c4:dd:41:4e:
3d:f1:28:2c:5e:64:19:2f:b9:84:0f:48:0a:d3:c9:
77:1a:d0:ef:36:84:b6:da:ab:7d:ef:4a:d1:a2:8f:
c5:38:54:d5:5b:78:6f:90:1e:06:16:69:86:23:34:
79:a8:1a:3f:2d:1f:0c:e7:b4:a9:08:63:45:6f:24:
b0:e1:7a:7a:10:61:d2:03:6c:e7:d6:c4:a1:73:ac:
92:b8:41:88:5d:02:8b:f2:49:b8:a4:79:58:9f:14:
ef:ad:bf:3b:86:a5:c3:ae:93:35:d1:19:c4:b1:34:
18:1c:5e:2e:84:75:f3:1a:57:bc:97:c3:0c:bb:f6:
69:4c:f3:de:1a:40:40:5e:1a:25:00:32:54:1c:26:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DF:BE:B5:F5:23:0F:3A:69:2A:06:32:69:9F:3B:F5:1C:A3:72:D7
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/A9--tfUjDzppKgYyaZ879Ryjctc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.218.0/24
85.133.242.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b0:09:cc:0a:b4:e3:fb:67:19:47:f6:41:ca:67:43:25:08:
db:6b:98:38:07:18:0f:82:b7:80:f9:4e:af:43:88:4c:8b:96:
cd:81:92:6b:2c:6e:49:5a:9b:58:c0:03:5e:69:de:f6:90:d7:
f4:dd:15:76:33:32:bf:20:5f:74:24:4c:8b:34:d8:47:75:ca:
4a:e7:d3:36:38:9c:bf:fa:e6:43:41:d4:1d:94:8c:f0:1e:ce:
38:a5:a3:ff:0b:79:3a:cc:ea:df:60:56:93:c1:b0:40:f2:5c:
f2:84:f3:70:9e:8e:58:45:b6:03:73:61:92:ce:57:20:36:c1:
cf:28:d4:57:de:98:ed:db:59:b9:e8:78:57:a4:0a:27:66:11:
28:7d:04:ae:38:72:cf:44:e2:8a:ff:5c:30:da:95:8c:c1:43:
ff:8f:3a:45:04:8e:a6:02:68:77:01:57:05:53:72:f3:a1:e2:
85:bb:7c:40:a3:f8:13:14:db:34:e3:42:94:ea:9e:ae:c2:9c:
04:fb:d8:cb:cc:99:b8:4d:5f:4c:87:1e:dd:52:d9:dd:7c:04:
a4:e1:ae:7e:a8:0b:05:a1:97:5b:28:d2:b3:c1:ab:cf:69:5e:
33:70:53:2e:85:5a:65:37:c1:c3:47:80:96:0e:e5:26:72:5e:
fe:06:ad:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnbE41RmQsbtFcKcE3+6+sUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODA5MTYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RmYmViNWY1MjMwZjNhNjkyYTA2MzI2OTlmM2JmNTFjYTM3MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi9paP/qtE1PRV/Hb6MjbZZN2ZkX
P9l3RAQlulnlQkPFk4Nr/LgvDc6m8xIQPmXLdEzj2b/YBV5MDQ/fofT79gg6Wyip
0lMTKd831uJr+rVHB3ZbVnN7PdrKpijUaNefGl8I09BIYvEb3TbKBiolgylSEcTd
QU498SgsXmQZL7mED0gK08l3GtDvNoS22qt970rRoo/FOFTVW3hvkB4GFmmGIzR5
qBo/LR8M57SpCGNFbySw4Xp6EGHSA2zn1sShc6ySuEGIXQKL8km4pHlYnxTvrb87
hqXDrpM10RnEsTQYHF4uhHXzGle8l8MMu/ZpTPPeGkBAXholADJUHCayvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAPfvrX1Iw86aSoGMmmfO/Uco3LXMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQTktLXRmVWpEenBwS2dZeWFaODc5UnlqY3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXaAwQA
VYXyMA0GCSqGSIb3DQEBCwUAA4IBAQBxsAnMCrTj+2cZR/ZBymdDJQjba5g4BxgP
greA+U6vQ4hMi5bNgZJrLG5JWptYwANead72kNf03RV2MzK/IF90JEyLNNhHdcpK
59M2OJy/+uZDQdQdlIzwHs44paP/C3k6zOrfYFaTwbBA8lzyhPNwno5YRbYDc2GS
zlcgNsHPKNRX3pjt21m56HhXpAonZhEofQSuOHLPROKK/1ww2pWMwUP/jzpFBI6m
Amh3AVcFU3LzoeKFu3xAo/gTFNs040KU6p6uwpwE+9jLzJm4TV9Mhx7dUtndfASk
4a5+qAsFoZdbKNKzwavPaV4zcFMuhVplN8HDR4CWDuUmcl7+Bq0p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org