Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/D97x8iIyiRncsj_NH0YBy-o8BP0.roa
File: D97x8iIyiRncsj_NH0YBy-o8BP0.roa (raw, json)
Hash identifier: XSr3Fbn5cigt5uqiO+8vAdSTSzU1k+nlM+9QCyiMKpw=
Subject key identifier: 0F:DE:F1:F2:22:32:89:19:DC:B2:3F:CD:1F:46:01:CB:EA:3C:04:FD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018F8C7C4238E2913976B7D6991E7C673AB6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/D97x8iIyiRncsj_NH0YBy-o8BP0.roa
Signing time: Sat 18 May 2024 16:15:04 +0000
ROA not before: Sat 18 May 2024 16:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 20 May 2024 10:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8c:7c:42:38:e2:91:39:76:b7:d6:99:1e:7c:67:3a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 18 16:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fdef1f222328919dcb23fcd1f4601cbea3c04fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:01:ad:f7:4e:0d:33:41:12:2f:28:37:b6:
82:33:f0:25:99:fa:b4:56:ec:db:50:22:6f:b7:ad:
d0:e0:84:20:61:d6:93:fe:0b:81:7f:f4:0f:fc:ff:
da:bf:c7:28:52:97:6b:f9:7a:01:de:64:8a:d8:6d:
4c:22:d3:cc:7f:3a:ff:7d:65:99:4a:c7:1f:97:b3:
0d:57:d4:2c:08:e6:5a:08:64:f6:2f:e2:37:22:5d:
e7:fc:c7:4a:b0:36:5e:16:e3:e6:67:11:87:1b:ee:
31:63:65:97:75:7a:5c:d6:b2:3c:55:9b:6f:bc:4c:
0f:79:f6:d3:f0:59:3b:8e:85:d1:12:46:46:0b:c2:
ba:3e:77:09:4b:55:73:6c:6f:82:3a:16:a9:b0:43:
e3:22:64:d4:a0:63:3d:4e:ab:b2:0e:93:5a:b6:54:
cc:be:59:e0:9e:fb:73:a2:c6:22:fc:3b:54:17:84:
ca:73:16:16:14:3c:f8:2b:9e:3c:1d:ca:b5:09:19:
dc:cc:4b:57:d6:0d:81:79:59:f9:91:e2:08:09:a5:
ca:82:8e:2e:d5:d1:dc:c3:6c:fb:88:62:e5:3f:26:
75:fe:61:14:14:07:df:c9:a3:76:1b:af:40:78:6d:
a7:39:49:ff:2e:9a:93:5f:ba:d5:ea:27:29:bd:7a:
a9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DE:F1:F2:22:32:89:19:DC:B2:3F:CD:1F:46:01:CB:EA:3C:04:FD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/D97x8iIyiRncsj_NH0YBy-o8BP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:2c:fd:25:2c:1d:4f:d1:57:f5:f7:8e:60:94:75:e1:3b:a2:
f4:5f:79:0d:cf:a1:c4:6c:b9:1f:60:54:0a:ce:d6:37:b2:ec:
11:6b:c3:ea:fe:fa:3e:7f:0a:b2:7b:25:96:69:3f:7e:fe:73:
7e:22:7f:7d:d9:70:a4:61:56:76:6d:5a:38:bf:93:9a:bd:0f:
93:ea:58:ee:a9:6a:4a:4d:e7:b8:23:c8:8d:3d:ae:7d:28:ed:
f0:28:08:cb:f7:27:94:7e:fa:1d:8f:b4:69:d5:e5:6b:e1:84:
7b:fc:fe:2f:81:9b:bf:56:22:fc:c6:8d:ae:74:c0:c4:53:92:
e0:0a:d2:9c:03:5d:b3:83:98:17:2c:20:79:90:c3:67:f3:bf:
b6:69:87:39:15:71:fa:68:2a:04:38:f1:cd:9c:a8:6c:1b:f9:
e8:89:b2:ff:26:62:21:ee:46:98:dd:bf:a5:a6:4e:56:6f:26:
eb:59:f6:08:1f:9c:4b:3e:42:f4:54:23:74:c0:36:b4:93:69:
60:21:37:5c:50:3c:78:ce:af:95:55:5e:61:b8:f7:8e:3b:56:
9f:b9:62:d6:1e:c0:79:e6:f0:87:2b:7d:7e:8c:8c:fa:80:1b:
c6:87:3f:6f:6e:8b:af:d7:f4:e5:64:9d:57:90:9d:ba:78:fe:
2b:23:f1:8b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY+MfEI44pE5drfWmR58Zzq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNTE4MTYxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmRlZjFmMjIyMzI4OTE5ZGNiMjNmY2QxZjQ2MDFjYmVhM2MwNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq40BrfdODTNBEi8oN7aCM/Almfq0
VuzbUCJvt63Q4IQgYdaT/guBf/QP/P/av8coUpdr+XoB3mSK2G1MItPMfzr/fWWZ
Sscfl7MNV9QsCOZaCGT2L+I3Il3n/MdKsDZeFuPmZxGHG+4xY2WXdXpc1rI8VZtv
vEwPefbT8Fk7joXREkZGC8K6PncJS1VzbG+COhapsEPjImTUoGM9TquyDpNatlTM
vlngnvtzosYi/DtUF4TKcxYWFDz4K548Hcq1CRnczEtX1g2BeVn5keIICaXKgo4u
1dHcw2z7iGLlPyZ1/mEUFAffyaN2G69AeG2nOUn/LpqTX7rV6icpvXqp1QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA/e8fIiMokZ3LI/zR9GAcvqPAT9MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRDk3eDhpSXlpUm5jc2pfTkgwWUJ5LW84QlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBADgs
/SUsHU/RV/X3jmCUdeE7ovRfeQ3PocRsuR9gVArO1jey7BFrw+r++j5/CrJ7JZZp
P37+c34if33ZcKRhVnZtWji/k5q9D5PqWO6pakpN57gjyI09rn0o7fAoCMv3J5R+
+h2PtGnV5WvhhHv8/i+Bm79WIvzGja50wMRTkuAK0pwDXbODmBcsIHmQw2fzv7Zp
hzkVcfpoKgQ48c2cqGwb+eiJsv8mYiHuRpjdv6WmTlZvJutZ9ggfnEs+QvRUI3TA
NrSTaWAhN1xQPHjOr5VVXmG49447Vp+5YtYewHnm8IcrfX6MjPqAG8aHP29ui6/X
9OVknVeQnbp4/isj8Ys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org