Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CXewqk7t8HM5Efc4kXdiu5bRljo.roa
File: CXewqk7t8HM5Efc4kXdiu5bRljo.roa (raw, json)
Hash identifier: 3M3ZD0k75LOkyXQpRSPuMiOgz7GNykz7nuj9/GexS1k=
Subject key identifier: 09:77:B0:AA:4E:ED:F0:73:39:11:F7:38:91:77:62:BB:96:D1:96:3A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018779A52F2EB136D39B13D68CCF740065AF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CXewqk7t8HM5Efc4kXdiu5bRljo.roa
Signing time: Thu 13 Apr 2023 08:04:41 +0000
ROA not before: Thu 13 Apr 2023 08:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Apr 2023 08:19:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:a5:2f:2e:b1:36:d3:9b:13:d6:8c:cf:74:00:65:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 13 08:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0977b0aa4eedf0733911f738917762bb96d1963a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:dc:99:1e:9e:d3:23:cd:6a:6f:43:f9:c1:
e3:6b:e2:bc:45:7e:4e:7b:9f:fe:d3:52:90:95:98:
c1:1e:3a:c3:12:4e:59:06:73:df:2c:a4:69:ae:68:
8e:72:f4:b0:cd:ab:e9:16:ef:07:73:3f:a0:51:c2:
51:ea:fa:07:a8:ec:d7:fd:99:7e:9d:7c:67:9b:46:
53:49:a9:52:c7:12:7c:8c:9c:a0:d9:ea:bc:c5:66:
e7:2b:54:78:6d:67:81:62:64:4a:1f:7b:ec:02:72:
96:39:29:fc:b7:97:39:64:d8:bc:be:68:98:5c:ab:
d2:8b:e5:f2:c1:22:6a:7c:e1:82:0a:ab:d2:49:7c:
0a:5b:94:71:17:73:5a:2a:f9:4c:e2:1e:dc:14:10:
66:21:0e:95:23:4a:5e:3a:9e:c7:4f:31:d0:b6:75:
43:23:fa:8f:2d:63:74:50:e2:43:28:36:e8:87:19:
23:1f:33:93:1b:3f:2f:ca:f0:0f:f3:f7:cd:6c:de:
79:52:9e:50:14:3b:92:94:a8:6d:32:a4:8f:da:e6:
e4:18:e2:6e:46:ff:95:65:3a:e7:d9:00:b9:a8:4b:
4c:78:11:9c:83:a0:46:8d:fe:bf:0c:41:86:e0:97:
8b:8a:e8:5b:87:b8:02:3f:88:71:a3:26:e2:0c:97:
09:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:77:B0:AA:4E:ED:F0:73:39:11:F7:38:91:77:62:BB:96:D1:96:3A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CXewqk7t8HM5Efc4kXdiu5bRljo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:b9:99:6f:f3:e3:3c:77:47:66:02:79:8b:5f:51:44:13:34:
c5:e7:5c:f8:c0:55:45:cd:82:4a:06:8a:4d:26:4e:b8:e8:aa:
49:60:62:ce:f8:29:48:67:8a:ae:f3:6d:bf:aa:2d:cf:9f:6e:
eb:7e:21:b0:55:1f:ca:72:29:f4:64:2d:3d:8b:d0:08:64:72:
dd:d1:4c:26:a2:d1:2d:10:04:99:bd:36:4d:c5:9c:cc:c2:3b:
6c:f3:b6:bd:65:ba:0e:23:3c:36:ae:1c:f3:40:10:a0:fe:70:
5c:f6:c2:77:a7:0a:1c:d2:71:03:6b:07:92:ca:d3:70:01:c6:
c3:59:91:ad:ad:d4:f1:5b:da:0c:ac:4a:af:98:3f:3c:18:17:
3b:4f:20:23:f8:10:25:53:ee:33:2f:f4:0d:8a:9c:e7:24:73:
4d:ef:c6:c3:c3:10:32:10:0b:d8:2a:07:42:1c:33:69:1b:51:
c9:0b:15:bf:60:f3:de:60:f0:29:7d:24:8e:54:ab:19:2e:94:
16:4b:6d:78:9a:4b:98:1c:bf:c4:9b:3e:78:47:04:9f:ad:82:
ac:b5:ac:d6:28:53:a1:65:55:c1:f8:ca:7a:8a:45:58:46:70:
01:40:e0:96:c6:e6:ab:7a:1f:61:f2:86:85:19:69:c1:7d:c1:
bb:89:90:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd5pS8usTbTmxPWjM90AGWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMDgwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc3YjBhYTRlZWRmMDczMzkxMWY3Mzg5MTc3NjJiYjk2ZDE5NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pfcmR6e0yPNam9D+cHja+K8RX5O
e5/+01KQlZjBHjrDEk5ZBnPfLKRprmiOcvSwzavpFu8Hcz+gUcJR6voHqOzX/Zl+
nXxnm0ZTSalSxxJ8jJyg2eq8xWbnK1R4bWeBYmRKH3vsAnKWOSn8t5c5ZNi8vmiY
XKvSi+XywSJqfOGCCqvSSXwKW5RxF3NaKvlM4h7cFBBmIQ6VI0peOp7HTzHQtnVD
I/qPLWN0UOJDKDbohxkjHzOTGz8vyvAP8/fNbN55Up5QFDuSlKhtMqSP2ubkGOJu
Rv+VZTrn2QC5qEtMeBGcg6BGjf6/DEGG4JeLiuhbh7gCP4hxoybiDJcJUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAl3sKpO7fBzORH3OJF3YruW0ZY6MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQ1hld3FrN3Q4SE01RWZjNGtYZGl1NWJSbGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCeuZlv8+M8d0dmAnmLX1FE
EzTF51z4wFVFzYJKBopNJk646KpJYGLO+ClIZ4qu822/qi3Pn27rfiGwVR/Kcin0
ZC09i9AIZHLd0UwmotEtEASZvTZNxZzMwjts87a9ZboOIzw2rhzzQBCg/nBc9sJ3
pwoc0nEDaweSytNwAcbDWZGtrdTxW9oMrEqvmD88GBc7TyAj+BAlU+4zL/QNipzn
JHNN78bDwxAyEAvYKgdCHDNpG1HJCxW/YPPeYPApfSSOVKsZLpQWS214mkuYHL/E
mz54RwSfrYKstazWKFOhZVXB+Mp6ikVYRnABQOCWxuareh9h8oaFGWnBfcG7iZCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org