Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Gxz3fIN1E96nITwdIAkIN1yZemI.roa
File: Gxz3fIN1E96nITwdIAkIN1yZemI.roa (raw, json)
Hash identifier: Kr01cF57mMSspI2AZ0sLOS6hZ3Ymv/OzljMddNyE+jM=
Subject key identifier: 1B:1C:F7:7C:83:75:13:DE:A7:21:3C:1D:20:09:08:37:5C:99:7A:62
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018BCD215C1C442DE7982DB10CAC047A8F69
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Gxz3fIN1E96nITwdIAkIN1yZemI.roa
Signing time: Tue 14 Nov 2023 09:19:57 +0000
ROA not before: Tue 14 Nov 2023 09:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:21:5c:1c:44:2d:e7:98:2d:b1:0c:ac:04:7a:8f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 14 09:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b1cf77c837513dea7213c1d200908375c997a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:05:73:33:ee:c3:7b:6d:5a:02:7e:46:30:67:
47:bd:f2:3d:04:12:1d:c6:88:61:ee:bd:b4:d7:eb:
be:ef:9e:ab:f0:36:93:a7:2b:6c:09:b2:18:00:9e:
cc:ea:23:d1:6b:17:16:8b:59:d4:e7:f5:5f:6c:1b:
31:ad:d0:e9:d3:7e:69:86:94:b6:a4:77:b6:80:b8:
b4:7f:8d:fe:65:a2:e1:a9:73:87:e1:69:31:5c:bc:
dd:0b:c6:ed:5d:d3:93:20:96:62:46:d9:41:03:77:
f5:e3:6b:0a:bf:a5:98:29:f1:ca:ed:9a:3b:1d:3f:
d2:f1:73:ee:85:c8:76:f7:bd:d9:e9:2e:9d:8d:e3:
eb:ef:ca:68:75:d1:aa:63:24:e8:61:f6:f1:1e:90:
7d:f4:88:9f:40:49:99:43:5f:9a:b5:08:52:e0:6d:
d8:fa:6b:1a:d0:43:aa:59:b9:ea:e7:c1:0e:0b:06:
a9:c7:3f:eb:3f:56:dc:b9:75:eb:a6:b2:7d:87:29:
43:4c:d9:63:2c:85:aa:6c:67:65:64:f3:54:be:0a:
04:34:d1:b0:4d:47:d8:fc:9f:72:4d:c2:a1:d3:b2:
d7:60:8d:08:a3:94:72:ab:c7:27:15:5d:0b:c2:b0:
00:ff:14:50:57:d0:e6:0f:4e:d6:1c:2c:f7:b5:16:
83:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1C:F7:7C:83:75:13:DE:A7:21:3C:1D:20:09:08:37:5C:99:7A:62
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Gxz3fIN1E96nITwdIAkIN1yZemI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.216.0/24
85.133.233.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ca:b4:75:e6:b1:ba:a4:08:ec:87:79:bb:5c:68:8b:3c:cf:
d2:bb:7e:21:e5:1d:92:2f:52:00:75:5c:39:9b:e4:56:b1:b7:
fe:9a:56:45:07:58:08:ce:ec:44:74:2a:25:e8:9e:67:f9:56:
cf:99:95:1a:0d:8b:1b:bf:d7:ad:35:f5:b9:11:21:1d:98:42:
31:08:35:25:57:2c:eb:e8:03:a3:18:95:17:d3:96:ab:0d:f0:
ff:69:1a:7c:30:73:ef:c8:10:ae:2f:d6:a2:51:fd:7d:37:df:
ea:8b:6b:4c:a8:46:63:ac:69:07:a7:06:8f:c9:e1:56:f8:fa:
f4:4f:0b:2b:ea:b9:8e:77:d3:d9:3c:1a:da:d6:05:7f:1b:b7:
cb:6b:32:23:c3:82:c9:99:44:5e:cf:3f:bc:16:89:de:c5:37:
bc:99:12:de:5a:80:6a:52:4a:8a:12:d8:86:ea:b9:b3:f3:f8:
65:48:7b:6f:36:bb:b3:63:4a:5c:e8:a7:32:ac:ef:1b:86:f3:
cf:d5:66:20:b3:f4:9a:ae:4d:cb:d6:95:c8:22:fd:b0:90:6d:
a1:26:68:2d:8e:a6:56:ba:4b:34:8f:66:84:86:b0:37:6c:a7:
c3:0d:39:c3:b1:b9:1b:a2:71:86:2d:c7:64:91:a1:ac:b4:7f:
f3:16:5e:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvNIVwcRC3nmC2xDKwEeo9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTE0MDkxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjFjZjc3YzgzNzUxM2RlYTcyMTNjMWQyMDA5MDgzNzVjOTk3YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQVzM+7De21aAn5GMGdHvfI9BBId
xohh7r201+u+756r8DaTpytsCbIYAJ7M6iPRaxcWi1nU5/VfbBsxrdDp035phpS2
pHe2gLi0f43+ZaLhqXOH4WkxXLzdC8btXdOTIJZiRtlBA3f142sKv6WYKfHK7Zo7
HT/S8XPuhch2973Z6S6djePr78poddGqYyToYfbxHpB99IifQEmZQ1+atQhS4G3Y
+msa0EOqWbnq58EOCwapxz/rP1bcuXXrprJ9hylDTNljLIWqbGdlZPNUvgoENNGw
TUfY/J9yTcKh07LXYI0Io5Ryq8cnFV0LwrAA/xRQV9DmD07WHCz3tRaDLwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBsc93yDdRPepyE8HSAJCDdcmXpiMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvR3h6M2ZJTjFFOTZuSVR3ZElBa0lOMXlaZW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXYAwQA
VYXpMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAELKtHXm
sbqkCOyHebtcaIs8z9K7fiHlHZIvUgB1XDmb5Faxt/6aVkUHWAjO7ER0KiXonmf5
Vs+ZlRoNixu/16019bkRIR2YQjEINSVXLOvoA6MYlRfTlqsN8P9pGnwwc+/IEK4v
1qJR/X033+qLa0yoRmOsaQenBo/J4Vb4+vRPCyvquY5309k8GtrWBX8bt8trMiPD
gsmZRF7PP7wWid7FN7yZEt5agGpSSooS2IbqubPz+GVIe282u7NjSlzopzKs7xuG
88/VZiCz9JquTcvWlcgi/bCQbaEmaC2Opla6SzSPZoSGsDdsp8MNOcOxuRuicYYt
x2SRoay0f/MWXps=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org