Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/BTtdhzMDftoMWp6WNruGw3tghG8.roa
File: BTtdhzMDftoMWp6WNruGw3tghG8.roa (raw, json)
Hash identifier: 45Sa5wsPwvT7Qsuow3ynld301KAYhSKUrZzdq94Sc4Q=
Subject key identifier: 05:3B:5D:87:33:03:7E:DA:0C:5A:9E:96:36:BB:86:C3:7B:60:84:6F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018C00BA0B164A91255121351AB5F2C895A5
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/BTtdhzMDftoMWp6WNruGw3tghG8.roa
Signing time: Fri 24 Nov 2023 09:47:21 +0000
ROA not before: Fri 24 Nov 2023 09:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201194
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Dec 2023 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:ba:0b:16:4a:91:25:51:21:35:1a:b5:f2:c8:95:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 24 09:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=053b5d8733037eda0c5a9e9636bb86c37b60846f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:c9:8a:90:31:99:69:67:f1:79:84:8f:4d:
9e:74:0c:ae:7d:de:fc:a7:e3:47:28:7a:fb:d5:2b:
a4:fd:a2:15:7e:76:a6:77:c0:55:29:10:b8:10:93:
19:2d:57:9b:a8:2a:79:fa:30:44:f3:71:ae:2e:b5:
d2:eb:02:ce:41:27:e2:22:c9:29:34:5c:6c:1d:79:
19:30:52:16:cf:c0:a9:f1:58:ee:e9:5b:ba:b6:26:
81:76:66:43:0d:2a:f4:4f:4e:33:b5:1a:6c:18:da:
5d:6d:1a:87:12:0b:40:c1:a1:13:07:80:c6:f2:04:
e5:08:93:d1:92:e9:45:d7:5a:90:f6:35:ff:33:70:
92:65:f4:03:53:8d:ff:66:74:e2:62:25:ed:82:92:
9b:13:e1:40:78:b2:52:01:b3:7c:2c:fe:83:32:49:
72:7e:ac:72:fe:c4:8e:64:cb:09:4c:01:c2:65:1b:
ae:29:9a:b0:cc:54:45:71:e0:62:e3:67:6f:15:54:
45:39:4d:08:c7:d2:91:4e:54:e6:8f:a9:d5:30:3f:
d1:a4:87:70:90:b3:c0:ce:5e:50:19:2e:da:38:0f:
c5:1b:99:72:c4:18:6e:f5:91:51:55:65:ee:b0:b4:
cd:9f:01:c0:8a:ae:f8:75:b8:fe:3e:9c:86:15:1a:
31:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3B:5D:87:33:03:7E:DA:0C:5A:9E:96:36:BB:86:C3:7B:60:84:6F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/BTtdhzMDftoMWp6WNruGw3tghG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.203.0-85.133.205.255
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:72:04:6a:2c:4d:7a:e1:53:6d:25:8a:9c:35:5c:58:e2:0d:
4c:44:6b:1c:27:c5:99:0e:dc:7c:fe:37:7a:f2:86:ce:f0:e0:
5d:7b:41:08:52:6c:cf:a3:ea:47:df:eb:f3:55:4a:ec:4d:fa:
92:8c:b9:4f:6f:d9:96:17:0f:12:26:bc:14:dc:2e:65:4d:05:
c3:1e:73:5c:d3:ed:17:fd:86:1a:05:e7:0b:eb:b3:53:d7:d6:
f1:78:ab:de:f8:c1:a9:2a:cb:17:04:e2:4e:f8:ce:84:fc:31:
ca:c6:ff:4a:7f:20:88:5b:d4:96:d8:80:b4:8f:9f:0c:5b:a1:
72:43:24:5e:8a:78:61:df:7c:f1:5b:00:4c:2c:42:42:a9:36:
9e:13:df:c4:ae:e0:c6:5b:b7:23:ab:0d:4a:74:30:67:bf:37:
b8:e5:74:84:8f:5e:f8:b4:a9:59:8b:17:c8:3c:45:ac:25:29:
78:c4:f9:45:31:96:64:9a:37:09:16:df:20:13:22:f3:23:77:
38:d0:86:26:93:aa:eb:30:00:a4:d4:31:19:f9:52:97:f4:d1:
78:b2:12:91:25:ee:52:95:d3:e2:c4:f1:b9:68:a6:38:04:2c:
a9:f2:46:3f:87:c9:eb:20:0e:19:34:46:3b:7b:f3:e9:dd:1f:
7d:1f:f6:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwAugsWSpElUSE1GrXyyJWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTI0MDk0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTNiNWQ4NzMzMDM3ZWRhMGM1YTllOTYzNmJiODZjMzdiNjA4NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpvJipAxmWln8XmEj02edAyufd78
p+NHKHr71Suk/aIVfnamd8BVKRC4EJMZLVebqCp5+jBE83GuLrXS6wLOQSfiIskp
NFxsHXkZMFIWz8Cp8Vju6Vu6tiaBdmZDDSr0T04ztRpsGNpdbRqHEgtAwaETB4DG
8gTlCJPRkulF11qQ9jX/M3CSZfQDU43/ZnTiYiXtgpKbE+FAeLJSAbN8LP6DMkly
fqxy/sSOZMsJTAHCZRuuKZqwzFRFceBi42dvFVRFOU0Ix9KRTlTmj6nVMD/RpIdw
kLPAzl5QGS7aOA/FG5lyxBhu9ZFRVWXusLTNnwHAiq74dbj+PpyGFRox4QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAU7XYczA37aDFqelja7hsN7YIRvMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQlR0ZGh6TURmdG9NV3A2V05ydUd3M3RnaEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXHMAwD
BABVhcsDBAFVhcwDBABVhfowDQYJKoZIhvcNAQELBQADggEBAF1yBGosTXrhU20l
ipw1XFjiDUxEaxwnxZkO3Hz+N3ryhs7w4F17QQhSbM+j6kff6/NVSuxN+pKMuU9v
2ZYXDxImvBTcLmVNBcMec1zT7Rf9hhoF5wvrs1PX1vF4q974wakqyxcE4k74zoT8
McrG/0p/IIhb1JbYgLSPnwxboXJDJF6KeGHffPFbAEwsQkKpNp4T38Su4MZbtyOr
DUp0MGe/N7jldISPXvi0qVmLF8g8RawlKXjE+UUxlmSaNwkW3yATIvMjdzjQhiaT
quswAKTUMRn5Upf00XiyEpEl7lKV0+LE8blopjgELKnyRj+HyesgDhk0Rjt78+nd
H30f9qs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org