Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DDVtDKv7EAgcj4eW28aqbz7ospY.roa
File: DDVtDKv7EAgcj4eW28aqbz7ospY.roa (raw, json)
Hash identifier: zQCFFfCHalr2v9XiHGrzKsjlYvyyIr7QGD6SR2M3QWM=
Subject key identifier: 0C:35:6D:0C:AB:FB:10:08:1C:8F:87:96:DB:C6:AA:6F:3E:E8:B2:96
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018A3B519FAC4AB6F94E6E9699B05DC5AB93
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DDVtDKv7EAgcj4eW28aqbz7ospY.roa
Signing time: Mon 28 Aug 2023 08:45:19 +0000
ROA not before: Mon 28 Aug 2023 08:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.218.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:51:9f:ac:4a:b6:f9:4e:6e:96:99:b0:5d:c5:ab:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 28 08:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c356d0cabfb10081c8f8796dbc6aa6f3ee8b296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:09:56:3f:1e:de:6b:72:43:3a:6d:22:2f:6e:
8c:29:aa:81:3d:9d:69:61:c7:ee:35:a8:84:11:cc:
16:32:85:13:bf:19:5d:a9:6d:31:a3:a1:c3:d6:3d:
1f:3d:e9:9e:5c:ca:c0:5b:fa:a9:6a:b6:28:da:af:
f1:96:b2:e8:15:0c:e9:8e:27:94:c8:87:ea:30:1c:
66:14:82:a0:1d:0c:cb:96:8e:0e:52:c1:f0:dc:62:
eb:cb:ec:ec:13:18:36:c7:b2:cb:ee:fe:29:7c:34:
85:98:af:7b:f2:37:76:1c:ec:bf:f5:e9:00:f7:18:
e4:27:42:cf:26:f3:b8:f9:bc:e0:d1:de:e9:d0:5b:
12:4e:20:d1:53:ee:8f:f2:2e:fa:bc:2e:8c:40:84:
1c:de:34:d9:bc:5c:73:5e:99:a0:70:ed:8d:53:95:
58:fd:b6:e1:56:10:7e:36:67:e0:e5:ca:f8:9b:a4:
8e:ca:ef:a3:42:ab:19:cb:2d:9f:70:1c:83:13:9f:
95:a9:d6:93:93:9d:21:38:34:6a:7a:33:90:6a:f3:
f7:77:a4:fe:52:f8:ed:b7:a8:bf:79:95:20:80:a0:
7e:b7:77:7b:89:2e:88:b1:ca:62:70:4d:51:f0:ec:
cd:cf:ed:df:02:95:f2:00:1e:e8:ab:1d:af:2e:e4:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:35:6D:0C:AB:FB:10:08:1C:8F:87:96:DB:C6:AA:6F:3E:E8:B2:96
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DDVtDKv7EAgcj4eW28aqbz7ospY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.218.0/24
85.133.242.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d2:ac:b3:8c:ab:ab:f4:8a:db:84:9c:a6:23:7b:c7:e9:93:
76:fc:56:df:55:24:d7:44:18:27:71:d8:4a:1d:b9:2e:68:fc:
9c:3f:41:68:e9:d4:9f:7d:0a:14:a7:63:2a:91:d3:4a:69:e7:
52:4f:fe:4a:0b:06:80:ab:68:e8:7a:2e:fc:b9:0f:fa:8b:60:
35:ad:4e:84:8d:f2:81:41:a5:ad:5c:bc:46:e4:d3:a5:24:cf:
b4:70:1e:36:95:76:ba:c1:ae:f6:0e:de:30:35:e4:26:8f:d8:
6a:d0:7c:0d:3b:62:09:7d:2d:47:a2:69:2c:50:4a:2d:1b:e1:
08:95:cb:f1:cf:77:7d:bd:a9:ca:3a:c7:a6:d8:5c:43:79:37:
13:ab:65:0d:5f:be:15:ca:0c:5c:15:cf:8b:b1:35:19:b2:c0:
66:73:fa:9b:eb:d7:50:9e:bb:1b:e0:40:f5:6f:2e:43:47:a0:
6d:9c:59:38:62:43:c2:72:e5:d4:65:12:b5:1b:19:46:f6:24:
90:bc:45:c4:ce:65:51:95:3d:cf:ed:ed:a2:4c:06:35:ab:51:
39:dd:d6:cc:1f:d1:8f:9e:26:e2:75:d4:9a:b0:c0:da:16:a9:
8b:0c:c5:43:7d:c8:ea:34:77:97:9d:6b:ab:54:86:16:4a:bf:
38:88:ef:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYo7UZ+sSrb5Tm6WmbBdxauTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODI4MDg0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzM1NmQwY2FiZmIxMDA4MWM4Zjg3OTZkYmM2YWE2ZjNlZThiMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/AlWPx7ea3JDOm0iL26MKaqBPZ1p
YcfuNaiEEcwWMoUTvxldqW0xo6HD1j0fPemeXMrAW/qparYo2q/xlrLoFQzpjieU
yIfqMBxmFIKgHQzLlo4OUsHw3GLry+zsExg2x7LL7v4pfDSFmK978jd2HOy/9ekA
9xjkJ0LPJvO4+bzg0d7p0FsSTiDRU+6P8i76vC6MQIQc3jTZvFxzXpmgcO2NU5VY
/bbhVhB+Nmfg5cr4m6SOyu+jQqsZyy2fcByDE5+VqdaTk50hODRqejOQavP3d6T+
Uvjtt6i/eZUggKB+t3d7iS6IscpicE1R8OzNz+3fApXyAB7oqx2vLuTqEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAw1bQyr+xAIHI+HltvGqm8+6LKWMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRERWdERLdjdFQWdjajRlVzI4YXFiejdvc3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXaAwQA
VYXyMA0GCSqGSIb3DQEBCwUAA4IBAQAX0qyzjKur9IrbhJymI3vH6ZN2/FbfVSTX
RBgncdhKHbkuaPycP0Fo6dSffQoUp2MqkdNKaedST/5KCwaAq2joei78uQ/6i2A1
rU6EjfKBQaWtXLxG5NOlJM+0cB42lXa6wa72Dt4wNeQmj9hq0HwNO2IJfS1Homks
UEotG+EIlcvxz3d9vanKOsem2FxDeTcTq2UNX74VygxcFc+LsTUZssBmc/qb69dQ
nrsb4ED1by5DR6BtnFk4YkPCcuXUZRK1GxlG9iSQvEXEzmVRlT3P7e2iTAY1q1E5
3dbMH9GPnibiddSasMDaFqmLDMVDfcjqNHeXnWurVIYWSr84iO+j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org