Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FP6T5LaPPyOrUJefbxUxYIG6mxk.roa
File: FP6T5LaPPyOrUJefbxUxYIG6mxk.roa (raw, json)
Hash identifier: ik1kQmVf1s+1iiBwWrOXZU3/pTICcH/RcLse6kZRxWo=
Subject key identifier: 14:FE:93:E4:B6:8F:3F:23:AB:50:97:9F:6F:15:31:60:81:BA:9B:19
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D9C234C72B99D6D25F204316BAA021A43
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FP6T5LaPPyOrUJefbxUxYIG6mxk.roa
Signing time: Mon 12 Feb 2024 07:06:15 +0000
ROA not before: Mon 12 Feb 2024 07:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Apr 2024 14:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:23:4c:72:b9:9d:6d:25:f2:04:31:6b:aa:02:1a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 12 07:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14fe93e4b68f3f23ab50979f6f15316081ba9b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:89:e1:ea:cc:12:59:a7:81:dd:bd:dc:52:0c:
cd:ae:aa:76:78:69:6a:e3:39:ea:7a:5d:36:c5:aa:
6f:1a:33:0a:0e:a6:aa:9a:c6:08:c5:b1:27:2b:90:
6c:d9:b9:34:6b:1a:ff:3d:c5:b4:83:f6:e1:c5:f3:
83:2f:b5:b3:0c:c8:d3:dd:00:25:b8:c9:a1:d4:ce:
59:b4:1d:64:01:c7:b9:72:98:39:9d:4c:59:0a:1f:
4c:ef:f7:17:b1:c9:3b:80:cb:c7:65:59:2d:52:b3:
64:5b:5f:98:7e:f7:51:6c:13:d5:6a:15:71:f3:28:
a9:93:86:f8:b7:fd:48:00:07:45:81:06:10:7c:4a:
07:ab:69:14:ea:b8:be:07:62:94:4b:e8:03:e3:93:
43:e5:35:09:30:59:54:dc:8b:f8:12:ef:47:f8:57:
9f:52:93:4a:ee:ed:6b:4c:3e:f4:d0:e7:47:b0:50:
ff:c8:1c:d1:f4:39:fc:1b:43:00:45:d5:d1:63:58:
62:42:0b:ea:b4:4b:e9:4e:bc:25:f8:ea:e6:a8:91:
10:d0:42:7d:fd:cc:35:e2:21:d2:01:26:aa:88:86:
75:44:36:57:bd:c1:83:eb:76:42:d1:60:3d:9d:06:
27:27:3e:9b:40:d0:1d:bd:fa:d6:fb:4c:57:75:3b:
c7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FE:93:E4:B6:8F:3F:23:AB:50:97:9F:6F:15:31:60:81:BA:9B:19
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FP6T5LaPPyOrUJefbxUxYIG6mxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.174.0/24
85.133.208.0/24
85.133.215.0/24
85.133.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:71:1e:0e:18:6e:60:fa:f1:f9:a0:2e:cf:91:8a:66:d5:89:
f5:d5:00:14:11:aa:5e:f1:d7:04:e4:8b:04:74:ee:e6:10:3c:
22:a8:92:43:5c:9a:11:2f:61:4f:89:49:1d:c1:7a:98:fe:52:
50:91:1c:4d:fb:18:ad:15:92:f2:7c:ef:51:05:b3:06:27:c9:
9c:b2:c0:18:88:b4:35:9d:9d:e1:c0:94:07:82:ad:99:a5:8b:
70:72:de:39:e4:9d:40:18:8c:84:8f:91:28:4b:0e:28:8e:48:
70:fa:61:26:d4:f2:ce:e6:0f:9b:57:54:2c:76:b1:08:de:24:
ea:ff:38:0f:83:30:f4:df:34:72:b7:38:81:bd:c9:57:37:81:
7f:55:a1:e6:9b:1d:a5:e2:9f:a0:b7:91:ec:a2:5a:cb:3c:23:
49:1e:f6:99:ba:3e:16:f6:6f:53:9b:14:e6:76:b5:d3:73:5e:
09:5e:4f:a3:91:a3:69:b2:3c:f0:62:44:8b:f7:54:9b:67:0d:
df:25:2f:93:d5:41:a6:d8:d4:26:ab:3d:9d:b5:9a:90:35:93:
ed:07:21:8b:d7:96:af:cf:45:01:5b:94:41:4f:49:db:76:09:
58:b7:47:60:62:c8:1c:0c:d2:3b:b9:7f:6a:e7:ee:b3:3b:e7:
7b:41:36:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2cI0xyuZ1tJfIEMWuqAhpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEyMDcwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZlOTNlNGI2OGYzZjIzYWI1MDk3OWY2ZjE1MzE2MDgxYmE5YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4nh6swSWaeB3b3cUgzNrqp2eGlq
4znqel02xapvGjMKDqaqmsYIxbEnK5Bs2bk0axr/PcW0g/bhxfODL7WzDMjT3QAl
uMmh1M5ZtB1kAce5cpg5nUxZCh9M7/cXsck7gMvHZVktUrNkW1+YfvdRbBPVahVx
8yipk4b4t/1IAAdFgQYQfEoHq2kU6ri+B2KUS+gD45ND5TUJMFlU3Iv4Eu9H+Fef
UpNK7u1rTD700OdHsFD/yBzR9Dn8G0MARdXRY1hiQgvqtEvpTrwl+OrmqJEQ0EJ9
/cw14iHSASaqiIZ1RDZXvcGD63ZC0WA9nQYnJz6bQNAdvfrW+0xXdTvHMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBT+k+S2jz8jq1CXn28VMWCBupsZMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRlA2VDVMYVBQeU9yVUplZmJ4VXhZSUc2bXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWuAwQA
VYXQAwQAVYXXAwQAVYXbMA0GCSqGSIb3DQEBCwUAA4IBAQBdcR4OGG5g+vH5oC7P
kYpm1Yn11QAUEape8dcE5IsEdO7mEDwiqJJDXJoRL2FPiUkdwXqY/lJQkRxN+xit
FZLyfO9RBbMGJ8mcssAYiLQ1nZ3hwJQHgq2ZpYtwct455J1AGIyEj5EoSw4ojkhw
+mEm1PLO5g+bV1QsdrEI3iTq/zgPgzD03zRytziBvclXN4F/VaHmmx2l4p+gt5Hs
olrLPCNJHvaZuj4W9m9TmxTmdrXTc14JXk+jkaNpsjzwYkSL91SbZw3fJS+T1UGm
2NQmqz2dtZqQNZPtByGL15avz0UBW5RBT0nbdglYt0dgYsgcDNI7uX9q5+6zO+d7
QTYC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org