Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CfG92GMD9yf90a8ReV-tFT4ttgA.roa
File: CfG92GMD9yf90a8ReV-tFT4ttgA.roa (raw, json)
Hash identifier: B9n/xRS/SJ9xHd7SiWeCdiwXQYmzBBq6/1YMn76h4Lc=
Subject key identifier: 09:F1:BD:D8:63:03:F7:27:FD:D1:AF:11:79:5F:AD:15:3E:2D:B6:00
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC93626836D60496F0B20410A60C77D71
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CfG92GMD9yf90a8ReV-tFT4ttgA.roa
Signing time: Tue 02 Jan 2024 08:06:58 +0000
ROA not before: Tue 02 Jan 2024 08:06:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:36:26:83:6d:60:49:6f:0b:20:41:0a:60:c7:7d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 08:06:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09f1bdd86303f727fdd1af11795fad153e2db600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:5e:7c:49:3f:63:d0:5c:7f:91:55:ca:9b:
43:b2:4e:78:7f:e8:93:e3:95:e6:aa:99:49:01:a1:
e3:61:89:7b:2a:2f:0f:47:98:c1:0b:f3:70:4b:e2:
55:5a:8b:4c:af:c0:81:63:2a:83:bc:0f:df:15:9f:
ce:c1:55:40:e9:ae:90:19:f2:44:0e:fd:b8:97:12:
c4:0e:fe:d2:6a:6f:40:40:d3:60:f8:50:d8:38:6b:
98:76:7d:0c:fb:78:f6:5d:59:8c:73:59:db:ab:ee:
be:48:25:2b:33:eb:cc:9a:c3:b1:23:28:3b:6b:84:
27:94:be:3b:55:a2:91:31:bb:48:a6:73:66:07:a6:
db:25:e7:ee:64:1d:6d:11:ed:6b:ac:5d:b1:23:81:
6c:12:63:df:27:5d:c6:7b:e5:94:0d:36:57:5f:34:
a0:8c:26:81:de:15:06:bc:67:c2:d4:79:59:ce:12:
ba:c8:eb:e4:ab:68:cc:f8:28:6d:00:28:2b:41:78:
4e:61:6c:db:49:4f:37:9c:ba:94:c1:c9:29:6b:3f:
c9:29:33:cb:5a:fe:32:08:fa:22:92:9d:cb:9f:ae:
a2:4a:13:f3:85:47:41:31:e5:1b:a7:b6:9b:04:ba:
85:9b:6a:09:c0:4f:72:8c:66:1d:a9:d9:3b:f6:0f:
88:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F1:BD:D8:63:03:F7:27:FD:D1:AF:11:79:5F:AD:15:3E:2D:B6:00
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CfG92GMD9yf90a8ReV-tFT4ttgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:a9:92:e6:b0:5f:01:92:bb:bc:38:2c:05:fc:83:11:3e:35:
32:d3:55:4b:8a:be:1e:a5:c5:82:61:f2:a7:d7:d7:35:fb:c9:
bc:9a:51:a4:39:b8:5b:e0:6b:eb:ba:23:54:b2:bb:95:a3:5c:
e1:dd:40:11:81:c6:52:6b:c5:36:54:4a:da:bd:03:5d:d1:5d:
96:b5:69:12:d8:f8:e6:b4:96:2c:70:09:9e:87:49:d8:22:7a:
93:c1:44:cd:f3:82:7d:b0:0e:b3:51:f5:42:8f:73:df:de:3a:
23:aa:c8:98:9b:d3:70:da:f8:3e:38:0c:65:41:47:7b:9b:1c:
81:48:d5:64:58:84:9e:53:8e:5a:fe:cb:86:82:f3:50:c0:63:
e5:9f:47:49:4d:8c:79:23:c3:7d:10:15:38:34:cf:43:bd:95:
c3:13:ab:e5:b5:0c:df:e5:d3:90:2f:bc:10:7b:38:97:67:d3:
5d:c4:6f:1d:9e:e6:46:d8:83:1a:42:39:b3:1c:3e:4d:88:eb:
5e:8f:fa:80:51:a3:75:b2:cb:e4:7c:65:32:42:cd:0b:97:7b:
eb:bd:62:83:8a:ac:79:3a:0b:45:ce:42:32:2f:a0:4b:73:a9:
af:4e:2a:0c:3d:17:1f:11:63:dd:a8:6e:fb:b7:cb:43:dd:50:
5c:40:6e:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJNiaDbWBJbwsgQQpgx31xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDgwNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWYxYmRkODYzMDNmNzI3ZmRkMWFmMTE3OTVmYWQxNTNlMmRiNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSZefEk/Y9Bcf5FVyptDsk54f+iT
45XmqplJAaHjYYl7Ki8PR5jBC/NwS+JVWotMr8CBYyqDvA/fFZ/OwVVA6a6QGfJE
Dv24lxLEDv7Sam9AQNNg+FDYOGuYdn0M+3j2XVmMc1nbq+6+SCUrM+vMmsOxIyg7
a4QnlL47VaKRMbtIpnNmB6bbJefuZB1tEe1rrF2xI4FsEmPfJ13Ge+WUDTZXXzSg
jCaB3hUGvGfC1HlZzhK6yOvkq2jM+ChtACgrQXhOYWzbSU83nLqUwckpaz/JKTPL
Wv4yCPoikp3Ln66iShPzhUdBMeUbp7abBLqFm2oJwE9yjGYdqdk79g+IfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAnxvdhjA/cn/dGvEXlfrRU+LbYAMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQ2ZHOTJHTUQ5eWY5MGE4UmVWLXRGVDR0dGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBHqZLmsF8Bkru8
OCwF/IMRPjUy01VLir4epcWCYfKn19c1+8m8mlGkObhb4GvruiNUsruVo1zh3UAR
gcZSa8U2VEravQNd0V2WtWkS2PjmtJYscAmeh0nYInqTwUTN84J9sA6zUfVCj3Pf
3jojqsiYm9Nw2vg+OAxlQUd7mxyBSNVkWISeU45a/suGgvNQwGPln0dJTYx5I8N9
EBU4NM9DvZXDE6vltQzf5dOQL7wQeziXZ9NdxG8dnuZG2IMaQjmzHD5NiOtej/qA
UaN1ssvkfGUyQs0Ll3vrvWKDiqx5OgtFzkIyL6BLc6mvTioMPRcfEWPdqG77t8tD
3VBcQG7+
-----END CERTIFICATE-----
Generated at Sat Jan 6 17:49:10 2024 by rpki-client on console-ams.rpki-client.org