Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HTPrxg23c2f7QdNYPzLVqlMIu48.roa
File: HTPrxg23c2f7QdNYPzLVqlMIu48.roa (raw, json)
Hash identifier: KyFSqoitI8bPAMNcY83fpX1O2dRWw0xa+8IddEpBsAw=
Subject key identifier: 1D:33:EB:C6:0D:B7:73:67:FB:41:D3:58:3F:32:D5:AA:53:08:BB:8F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191836FB96BD57CEFE12E2F1751ED3FDA43
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HTPrxg23c2f7QdNYPzLVqlMIu48.roa
Signing time: Sat 24 Aug 2024 08:10:22 +0000
ROA not before: Sat 24 Aug 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.133.197.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 13:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:83:6f:b9:6b:d5:7c:ef:e1:2e:2f:17:51:ed:3f:da:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 24 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d33ebc60db77367fb41d3583f32d5aa5308bb8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3f:ac:67:a7:21:cd:52:64:07:e7:85:f1:54:
66:1e:91:49:df:d7:ff:19:61:05:81:23:73:95:88:
b9:33:54:5a:4e:45:a9:c5:35:cd:75:5f:67:39:16:
77:c4:9a:fe:c1:53:d4:09:ca:44:0a:56:3c:b9:2c:
c1:69:b1:9b:30:29:6e:e1:cc:5c:37:0f:08:1c:99:
89:50:bf:63:3c:f3:31:a2:15:2c:d2:de:44:73:95:
2a:6b:69:bb:0e:d4:a6:30:96:25:35:13:0e:86:8d:
2e:29:04:52:9d:9f:08:2e:1f:11:e7:ca:ed:29:f2:
01:35:2e:59:0a:30:f1:36:17:64:0e:bb:4b:b6:b9:
37:f0:ac:67:b2:b8:77:5c:f2:05:b0:8e:b3:98:b2:
73:07:69:3a:af:20:96:49:bc:6a:da:db:69:c6:e0:
8e:03:b2:b1:15:19:c0:2e:19:c7:e5:67:79:30:ee:
fe:b5:02:16:61:95:82:3b:1b:91:19:ae:35:d0:b9:
dd:2e:4a:fc:4e:42:94:c5:30:17:92:2d:72:00:05:
ba:59:e0:e9:8e:36:68:be:2f:6a:ce:44:07:d7:f2:
36:aa:bb:c9:7a:eb:33:25:89:97:df:35:bf:3a:75:
8e:08:7d:51:50:42:31:52:66:1c:13:43:10:68:6b:
12:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:EB:C6:0D:B7:73:67:FB:41:D3:58:3F:32:D5:AA:53:08:BB:8F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HTPrxg23c2f7QdNYPzLVqlMIu48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.197.0/24
85.133.218.0/24
Signature Algorithm: sha256WithRSAEncryption
af:40:ad:72:b5:a6:80:38:28:e0:63:47:c8:2c:a3:e7:b0:bb:
8e:6d:dd:59:cb:2a:b6:25:b5:74:73:1a:fc:57:dc:6b:72:49:
75:14:5d:58:41:f3:d2:d6:27:b6:0c:d7:0b:d4:27:80:7e:d2:
c2:ce:5f:7c:d0:68:92:d1:6e:df:e2:df:b1:c4:5a:f3:ae:5c:
f1:5a:f9:00:7d:00:52:4a:15:bd:c6:b1:ab:dc:8d:1c:77:0c:
5a:1e:9d:96:a7:ad:a7:20:6d:03:f7:bb:d1:19:5b:a9:51:4c:
64:cd:ac:fe:5a:4b:3e:60:81:95:24:3b:a8:8f:ae:cd:d5:ea:
71:d3:cd:b4:0f:06:ec:e6:11:0e:10:17:96:45:87:3b:8b:b9:
7a:83:07:3e:43:ef:4b:1b:9e:9a:21:62:49:6f:82:7c:c3:c9:
20:6c:ca:76:69:95:9e:c9:70:97:f8:25:6c:a6:22:d8:d0:f2:
89:eb:a2:22:ab:e7:99:12:40:1e:a9:1a:66:9c:9b:e3:7a:53:
97:67:61:fb:e5:f8:65:6d:0c:26:63:ed:e0:40:f2:c9:54:28:
9b:d6:8e:02:10:3f:52:d0:e7:e3:0d:5f:96:8e:6b:b5:16:f1:
37:6e:81:1e:92:b1:59:68:28:cd:0e:14:7f:b0:7a:7b:b8:b1:
89:8d:3f:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGDb7lr1Xzv4S4vF1HtP9pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODI0MDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzZWJjNjBkYjc3MzY3ZmI0MWQzNTgzZjMyZDVhYTUzMDhiYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j+sZ6chzVJkB+eF8VRmHpFJ39f/
GWEFgSNzlYi5M1RaTkWpxTXNdV9nORZ3xJr+wVPUCcpEClY8uSzBabGbMClu4cxc
Nw8IHJmJUL9jPPMxohUs0t5Ec5Uqa2m7DtSmMJYlNRMOho0uKQRSnZ8ILh8R58rt
KfIBNS5ZCjDxNhdkDrtLtrk38Kxnsrh3XPIFsI6zmLJzB2k6ryCWSbxq2ttpxuCO
A7KxFRnALhnH5Wd5MO7+tQIWYZWCOxuRGa410LndLkr8TkKUxTAXki1yAAW6WeDp
jjZovi9qzkQH1/I2qrvJeuszJYmX3zW/OnWOCH1RUEIxUmYcE0MQaGsSjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0z68YNt3Nn+0HTWD8y1apTCLuPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSFRQcnhnMjNjMmY3UWROWVB6TFZxbE1JdTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXFAwQA
VYXaMA0GCSqGSIb3DQEBCwUAA4IBAQCvQK1ytaaAOCjgY0fILKPnsLuObd1Zyyq2
JbV0cxr8V9xrckl1FF1YQfPS1ie2DNcL1CeAftLCzl980GiS0W7f4t+xxFrzrlzx
WvkAfQBSShW9xrGr3I0cdwxaHp2Wp62nIG0D97vRGVupUUxkzaz+Wks+YIGVJDuo
j67N1epx0820Dwbs5hEOEBeWRYc7i7l6gwc+Q+9LG56aIWJJb4J8w8kgbMp2aZWe
yXCX+CVspiLY0PKJ66Iiq+eZEkAeqRpmnJvjelOXZ2H75fhlbQwmY+3gQPLJVCib
1o4CED9S0OfjDV+Wjmu1FvE3boEekrFZaCjNDhR/sHp7uLGJjT9x
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:26:41 2024 by rpki-client on console-fra.rpki-client.org