Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DiWR5EguA2pM3OBAuK0oiRbxWD8.roa
File: DiWR5EguA2pM3OBAuK0oiRbxWD8.roa (raw, json)
Hash identifier: 3OtNurEYAG4s/rQ5O12wxHZLRm3jlRMFhmtlsgQyTsA=
Subject key identifier: 0E:25:91:E4:48:2E:03:6A:4C:DC:E0:40:B8:AD:28:89:16:F1:58:3F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018EE59DC99F203988599AE86421CADC22B6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DiWR5EguA2pM3OBAuK0oiRbxWD8.roa
Signing time: Tue 16 Apr 2024 06:35:06 +0000
ROA not before: Tue 16 Apr 2024 06:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 Apr 2024 14:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e5:9d:c9:9f:20:39:88:59:9a:e8:64:21:ca:dc:22:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 16 06:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2591e4482e036a4cdce040b8ad288916f1583f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9c:34:45:41:e9:17:75:27:77:80:6b:56:b2:
4c:a7:1d:a9:a8:5b:0d:20:f0:21:2a:ba:b9:3f:21:
01:48:11:a7:40:6b:91:59:0a:4b:c9:d1:09:81:43:
6a:af:c4:4b:40:4a:1a:6b:c3:08:83:53:8d:0b:4d:
b2:9d:a3:72:71:c7:bb:dd:bf:ce:0d:3d:15:ae:a6:
57:80:09:e2:86:8b:47:21:a6:59:a7:6d:d4:00:ff:
15:8e:c5:fd:8b:ab:71:23:64:6d:b6:fe:0c:38:c7:
d4:17:42:7c:a9:2d:10:f0:24:d8:3b:f7:06:eb:37:
d4:73:23:19:77:d0:fa:51:63:62:56:3c:27:d1:05:
9d:3b:79:79:48:48:78:8d:8e:f3:fd:d2:af:69:f0:
8d:69:c7:6e:35:07:56:8e:f4:36:47:78:e2:40:2b:
ef:f5:88:78:bf:34:a4:56:73:08:f3:b6:e7:c5:51:
74:24:fc:7f:fd:4e:e5:2f:79:8d:1c:74:5e:cf:21:
a7:d3:d0:77:e1:c0:7a:41:54:6b:24:7a:8e:05:6b:
43:7d:96:6a:c7:67:16:ac:0b:3e:18:b2:b1:10:44:
21:26:77:46:38:65:0c:02:f0:44:3c:18:a7:ca:9f:
d9:4f:47:bb:18:06:28:1a:0a:78:8f:44:10:7b:da:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:25:91:E4:48:2E:03:6A:4C:DC:E0:40:B8:AD:28:89:16:F1:58:3F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DiWR5EguA2pM3OBAuK0oiRbxWD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:eb:bb:9b:9e:cb:36:b4:ee:9d:e1:5c:3f:f2:cc:fe:c0:53:
88:92:5d:5c:d5:9e:c7:29:9a:2a:01:ee:28:83:17:0d:6d:12:
89:c2:93:e6:0b:26:04:86:a5:74:39:56:f4:2a:9b:2e:77:42:
d9:67:9d:45:ff:a9:21:6c:fe:3e:07:96:db:b9:8d:f2:41:91:
11:09:5e:dd:3b:e4:d0:5c:93:fd:0b:f5:5c:96:5b:50:4f:28:
ec:2a:f8:2d:5b:38:e1:9a:56:38:b6:9d:eb:0e:1e:7b:ae:c8:
17:8d:2e:6d:34:bf:ac:7a:b8:24:e8:d3:b4:99:03:4e:e7:ca:
14:13:7d:45:3d:c5:5c:96:f7:ed:59:7b:5c:3d:ee:3b:b9:6e:
77:62:70:8e:6c:1e:10:e6:0d:af:ed:bb:fe:46:d9:d5:0e:16:
66:bc:45:6a:7e:13:0c:9e:16:6a:3f:ba:2b:70:51:72:29:e8:
c1:92:29:19:a4:32:83:6a:84:ae:eb:bf:65:63:63:b4:69:35:
48:09:79:e5:c3:9f:5d:1d:93:2a:0f:35:6b:76:30:43:10:d5:
a0:ef:95:a8:83:6c:5a:67:81:ae:16:b7:41:29:11:78:e5:03:
44:7b:5c:71:65:79:20:c1:7f:31:35:6e:47:d9:3b:14:79:49:
3d:b2:a9:f4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY7lncmfIDmIWZroZCHK3CK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNDE2MDYzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTI1OTFlNDQ4MmUwMzZhNGNkY2UwNDBiOGFkMjg4OTE2ZjE1ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJw0RUHpF3Und4BrVrJMpx2pqFsN
IPAhKrq5PyEBSBGnQGuRWQpLydEJgUNqr8RLQEoaa8MIg1ONC02ynaNycce73b/O
DT0VrqZXgAnihotHIaZZp23UAP8VjsX9i6txI2Rttv4MOMfUF0J8qS0Q8CTYO/cG
6zfUcyMZd9D6UWNiVjwn0QWdO3l5SEh4jY7z/dKvafCNacduNQdWjvQ2R3jiQCvv
9Yh4vzSkVnMI87bnxVF0JPx//U7lL3mNHHRezyGn09B34cB6QVRrJHqOBWtDfZZq
x2cWrAs+GLKxEEQhJndGOGUMAvBEPBinyp/ZT0e7GAYoGgp4j0QQe9r3zQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA4lkeRILgNqTNzgQLitKIkW8Vg/MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRGlXUjVFZ3VBMnBNM09CQXVLMG9pUmJ4V0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAKPr
u5ueyza07p3hXD/yzP7AU4iSXVzVnscpmioB7iiDFw1tEonCk+YLJgSGpXQ5VvQq
my53QtlnnUX/qSFs/j4Hltu5jfJBkREJXt075NBck/0L9VyWW1BPKOwq+C1bOOGa
Vji2nesOHnuuyBeNLm00v6x6uCTo07SZA07nyhQTfUU9xVyW9+1Ze1w97ju5bndi
cI5sHhDmDa/tu/5G2dUOFma8RWp+EwyeFmo/uitwUXIp6MGSKRmkMoNqhK7rv2Vj
Y7RpNUgJeeXDn10dkyoPNWt2MEMQ1aDvlaiDbFpnga4Wt0EpEXjlA0R7XHFleSDB
fzE1bkfZOxR5ST2yqfQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org