Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DCJnH54dnjXVjU57AH51Y4omxkI.roa
File: DCJnH54dnjXVjU57AH51Y4omxkI.roa (raw, json)
Hash identifier: 7Pe2w+YoZphr4OgeCvtVXLvC40Am+hfmdVXkYGDcndE=
Subject key identifier: 0C:22:67:1F:9E:1D:9E:35:D5:8D:4E:7B:00:7E:75:63:8A:26:C6:42
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019238D669C49C340FC6FC8DBDEBF23F600C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DCJnH54dnjXVjU57AH51Y4omxkI.roa
Signing time: Sat 28 Sep 2024 13:33:48 +0000
ROA not before: Sat 28 Sep 2024 13:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.133.197.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 12:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:38:d6:69:c4:9c:34:0f:c6:fc:8d:bd:eb:f2:3f:60:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 28 13:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c22671f9e1d9e35d58d4e7b007e75638a26c642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c1:12:38:d9:c6:c6:ae:88:dc:99:10:d2:08:
29:9a:5f:a7:c1:88:f9:0d:67:58:ec:25:a7:3d:18:
e5:f0:f7:af:9f:bd:fe:f6:c7:37:09:8e:e4:c9:b4:
df:13:f4:13:b8:66:69:ab:6a:fc:c8:ba:c0:b8:eb:
cf:ce:53:d9:e2:bf:73:9f:d6:b7:35:a0:87:a4:5f:
da:67:d8:23:7d:d5:2f:ba:ad:75:cd:01:14:e8:fe:
8d:98:8d:05:49:4d:3a:ad:e3:b5:b0:bc:2b:f8:55:
23:33:18:0a:dc:9b:a1:b1:ce:8f:6f:e3:1c:5c:83:
15:b2:d0:6f:d9:ca:f8:53:4f:14:32:d7:c3:b1:86:
59:7b:a4:01:18:63:df:00:81:4c:41:1b:b0:01:0a:
d2:96:03:2e:71:ad:38:fa:91:45:20:b3:0d:58:99:
d3:9a:1a:b7:3a:8a:42:9f:b3:0e:2c:33:18:92:61:
85:5d:94:21:0b:99:0f:52:39:96:b0:09:6d:91:12:
50:2d:62:64:d3:d1:7f:05:7d:0e:13:13:b3:8d:28:
e5:76:3b:f1:eb:e1:75:ec:37:ac:e6:ff:1c:0d:ba:
f4:bf:1c:f9:d3:f4:7e:48:d4:c3:0e:f9:da:1a:3d:
6f:3b:f2:f4:65:e3:e3:a2:a1:34:6a:73:1a:13:cc:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:22:67:1F:9E:1D:9E:35:D5:8D:4E:7B:00:7E:75:63:8A:26:C6:42
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DCJnH54dnjXVjU57AH51Y4omxkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.197.0/24
85.133.218.0/24
85.133.222.0/24
Signature Algorithm: sha256WithRSAEncryption
81:1c:92:f5:b1:16:88:db:3d:2f:02:fb:21:4e:b0:bf:89:77:
55:be:82:a3:15:b0:56:db:38:7c:8e:fa:76:94:b4:ac:0d:98:
7f:f4:d7:24:b5:83:66:c5:61:5d:94:6f:49:08:6f:5e:3d:7e:
0a:ec:17:a9:3c:09:25:fa:86:fd:07:95:74:a8:5f:6d:e3:ff:
0b:01:c5:dd:10:5b:29:74:be:61:e7:0d:46:a9:73:4a:f9:b0:
86:58:a5:60:f3:c8:1e:ac:49:87:97:0d:36:28:f5:05:54:ba:
fb:10:f7:5f:37:01:4d:87:ba:aa:ee:a2:94:29:55:c9:3d:20:
4f:da:2e:14:90:96:5d:06:a8:65:98:8b:73:27:18:4d:98:cc:
80:cb:3b:f1:40:c1:df:6c:c2:d5:ba:21:70:ce:1d:b4:a0:29:
7f:c5:ac:73:1b:46:59:64:e9:41:7b:6b:fb:8a:47:9f:c0:12:
ce:88:03:4c:08:64:cf:c4:e6:0e:11:f4:0c:61:f5:da:85:f9:
d2:1c:ea:61:9a:1f:42:22:4c:df:96:bc:46:aa:b3:c1:bd:26:
4d:15:34:85:51:7a:8c:66:bb:2f:5e:2f:b1:a3:c3:bb:a0:92:
83:29:28:81:22:a2:3f:2f:ee:5c:bc:41:7a:56:80:c4:24:91:
6a:06:21:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZI41mnEnDQPxvyNvevyP2AMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTI4MTMzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzIyNjcxZjllMWQ5ZTM1ZDU4ZDRlN2IwMDdlNzU2MzhhMjZjNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cESONnGxq6I3JkQ0ggpml+nwYj5
DWdY7CWnPRjl8Pevn73+9sc3CY7kybTfE/QTuGZpq2r8yLrAuOvPzlPZ4r9zn9a3
NaCHpF/aZ9gjfdUvuq11zQEU6P6NmI0FSU06reO1sLwr+FUjMxgK3Juhsc6Pb+Mc
XIMVstBv2cr4U08UMtfDsYZZe6QBGGPfAIFMQRuwAQrSlgMuca04+pFFILMNWJnT
mhq3OopCn7MOLDMYkmGFXZQhC5kPUjmWsAltkRJQLWJk09F/BX0OExOzjSjldjvx
6+F17Des5v8cDbr0vxz50/R+SNTDDvnaGj1vO/L0ZePjoqE0anMaE8z2jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAwiZx+eHZ411Y1OewB+dWOKJsZCMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRENKbkg1NGRualhWalU1N0FINTFZNG9teGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYXFAwQA
VYXaAwQAVYXeMA0GCSqGSIb3DQEBCwUAA4IBAQCBHJL1sRaI2z0vAvshTrC/iXdV
voKjFbBW2zh8jvp2lLSsDZh/9NcktYNmxWFdlG9JCG9ePX4K7BepPAkl+ob9B5V0
qF9t4/8LAcXdEFspdL5h5w1GqXNK+bCGWKVg88gerEmHlw02KPUFVLr7EPdfNwFN
h7qq7qKUKVXJPSBP2i4UkJZdBqhlmItzJxhNmMyAyzvxQMHfbMLVuiFwzh20oCl/
xaxzG0ZZZOlBe2v7ikefwBLOiANMCGTPxOYOEfQMYfXahfnSHOphmh9CIkzflrxG
qrPBvSZNFTSFUXqMZrsvXi+xo8O7oJKDKSiBIqI/L+5cvEF6VoDEJJFqBiE+
-----END CERTIFICATE-----
Generated at Tue Oct 1 13:52:16 2024 by rpki-client on console-fra.rpki-client.org