Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AL5k6ng0bfowZrKDx2JeUr68Uk0.roa
File: AL5k6ng0bfowZrKDx2JeUr68Uk0.roa (raw, json)
Hash identifier: QhpDUS+ZYHQD2dq0A64Xo6kGPQEOyJWZUHjGtfKDJbM=
Subject key identifier: 00:BE:64:EA:78:34:6D:FA:30:66:B2:83:C7:62:5E:52:BE:BC:52:4D
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0190E376FF06E7AA312DDACE2B2B0ABBC32E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AL5k6ng0bfowZrKDx2JeUr68Uk0.roa
Signing time: Wed 24 Jul 2024 06:39:04 +0000
ROA not before: Wed 24 Jul 2024 06:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 11:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:76:ff:06:e7:aa:31:2d:da:ce:2b:2b:0a:bb:c3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 24 06:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00be64ea78346dfa3066b283c7625e52bebc524d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:df:65:fa:d5:95:71:2f:a6:31:50:47:08:
1a:0b:75:d9:a4:b4:c0:b3:62:2f:5d:df:9f:92:d5:
66:1d:d1:e2:19:3f:72:03:65:d3:97:dd:e6:f4:3d:
b5:bb:ad:be:79:f6:02:72:ac:bf:c0:8e:b5:31:bd:
4f:f6:c5:f5:ba:c7:9d:a9:9e:df:e9:35:99:75:2d:
32:d1:7e:38:6b:8b:6a:7d:1f:c1:3b:58:56:dc:9f:
4d:81:03:02:19:a9:d1:54:85:fb:e1:c1:ab:e8:63:
be:20:1c:80:cb:0f:ae:48:cc:aa:b2:c2:3d:a0:9d:
18:cf:b1:b1:0c:f4:4d:bb:2e:dc:5c:8b:29:c9:7e:
4e:1c:1e:7c:5a:5e:d8:ba:97:12:92:c5:ce:05:0b:
6e:e5:c6:c9:37:8e:51:43:dc:c1:10:01:05:41:ed:
04:7b:5c:a5:e2:59:4c:9c:66:f0:a2:eb:a4:e8:ad:
9f:b1:ef:0b:98:b3:e7:e0:ca:d2:62:72:f2:a0:b3:
a0:a2:41:64:79:22:05:e6:27:cf:4e:e5:de:a0:f8:
05:73:21:5b:dd:21:d2:cd:50:9f:79:30:60:b1:c6:
b6:8f:96:e2:76:be:ef:72:ee:00:a5:99:97:ab:a0:
4f:b2:bd:e5:2c:32:ca:1b:ec:fc:a0:f0:78:48:b9:
0f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BE:64:EA:78:34:6D:FA:30:66:B2:83:C7:62:5E:52:BE:BC:52:4D
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AL5k6ng0bfowZrKDx2JeUr68Uk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
85.133.166.0/24
85.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0d:bf:d7:d2:84:e6:0c:08:00:23:58:c6:2a:28:86:f4:c7:
a2:e2:bd:b7:74:2b:a0:91:b1:63:28:cd:33:52:f4:26:a9:f6:
da:eb:87:68:d0:3e:48:8f:0d:17:c3:a1:9f:88:95:58:82:0b:
71:0e:4e:af:b2:46:68:57:6e:f4:99:08:ab:71:3e:99:bd:c8:
be:6e:9a:e5:0a:72:93:73:62:44:69:01:17:e1:63:07:92:e8:
7d:76:27:70:ff:d3:fb:a5:56:c3:39:47:ca:b4:69:61:67:1d:
0e:46:89:18:a5:ae:81:32:4f:ab:44:46:a7:85:2a:4a:bc:f4:
76:b8:f6:63:93:b2:c6:4b:52:93:fe:9b:b2:08:e5:d6:e1:ce:
13:fc:ce:3a:a8:aa:13:b8:6e:2d:dc:87:a7:47:dd:e7:be:0d:
31:04:c7:ac:4f:f5:01:66:75:af:27:5b:da:76:ff:45:cf:cd:
9b:b4:29:d2:a7:11:ed:58:10:e3:85:f0:fe:d8:8e:9b:26:42:
f9:cf:6e:c6:2f:57:2c:6f:3a:bf:08:d1:71:88:19:d6:51:4d:
42:20:1a:95:91:36:05:ad:f6:2a:7a:2f:3d:b4:89:b9:33:47:
ea:e9:f7:1d:b1:ee:8c:5e:e9:15:ba:de:0e:2f:c6:dc:2c:f5:
e8:18:c1:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDjdv8G56oxLdrOKysKu8MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNzI0MDYzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJlNjRlYTc4MzQ2ZGZhMzA2NmIyODNjNzYyNWU1MmJlYmM1MjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrDfZfrVlXEvpjFQRwgaC3XZpLTA
s2IvXd+fktVmHdHiGT9yA2XTl93m9D21u62+efYCcqy/wI61Mb1P9sX1usedqZ7f
6TWZdS0y0X44a4tqfR/BO1hW3J9NgQMCGanRVIX74cGr6GO+IByAyw+uSMyqssI9
oJ0Yz7GxDPRNuy7cXIspyX5OHB58Wl7YupcSksXOBQtu5cbJN45RQ9zBEAEFQe0E
e1yl4llMnGbwouuk6K2fse8LmLPn4MrSYnLyoLOgokFkeSIF5ifPTuXeoPgFcyFb
3SHSzVCfeTBgsca2j5bidr7vcu4ApZmXq6BPsr3lLDLKG+z8oPB4SLkPMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAC+ZOp4NG36MGayg8diXlK+vFJNMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQUw1azZuZzBiZm93WnJLRHgySmVVcjY4VWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWXAwQA
VYWmAwQAVYXCMA0GCSqGSIb3DQEBCwUAA4IBAQCqDb/X0oTmDAgAI1jGKiiG9Mei
4r23dCugkbFjKM0zUvQmqfba64do0D5Ijw0Xw6GfiJVYggtxDk6vskZoV270mQir
cT6Zvci+bprlCnKTc2JEaQEX4WMHkuh9didw/9P7pVbDOUfKtGlhZx0ORokYpa6B
Mk+rREanhSpKvPR2uPZjk7LGS1KT/puyCOXW4c4T/M46qKoTuG4t3IenR93nvg0x
BMesT/UBZnWvJ1vadv9Fz82btCnSpxHtWBDjhfD+2I6bJkL5z27GL1csbzq/CNFx
iBnWUU1CIBqVkTYFrfYqei89tIm5M0fq6fcdse6MXukVut4OL8bcLPXoGMFk
-----END CERTIFICATE-----
Generated at Sun Oct 20 13:06:23 2024 by rpki-client on console-fra.rpki-client.org