Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HZVt5M5CgUTxYNdTySoLuzNuze4.roa
File: HZVt5M5CgUTxYNdTySoLuzNuze4.roa (raw, json)
Hash identifier: vHMlqeW4pENK57fLYgwh9jnlNhpP1ioE4tBRbRSKGSE=
Subject key identifier: 1D:95:6D:E4:CE:42:81:44:F1:60:D7:53:C9:2A:0B:BB:33:6E:CD:EE
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018BFCD5F21AA6DEEDF345EF57742282AAEC
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HZVt5M5CgUTxYNdTySoLuzNuze4.roa
Signing time: Thu 23 Nov 2023 15:39:21 +0000
ROA not before: Thu 23 Nov 2023 15:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Dec 2023 13:57:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:d5:f2:1a:a6:de:ed:f3:45:ef:57:74:22:82:aa:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 23 15:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d956de4ce428144f160d753c92a0bbb336ecdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:b3:c8:36:e7:88:6e:fc:6d:6f:3c:14:b7:
ef:0c:e2:f5:0f:32:3b:ce:c4:48:96:fc:2d:af:10:
c0:7c:cf:f8:26:11:c8:58:72:85:38:39:e4:10:31:
d5:b8:d4:91:9f:da:3b:d3:f5:bc:93:8f:b0:30:be:
00:fe:5b:ba:35:0d:f3:80:16:99:af:42:78:3f:e7:
0e:30:70:ca:f4:6d:34:9a:64:b8:c9:ed:da:85:17:
b0:55:16:7d:10:fe:c8:26:13:e3:d6:8d:57:e7:57:
e3:e4:24:52:32:e2:16:62:7e:b6:95:8b:11:5d:9d:
b1:d8:6b:8a:1d:88:34:4e:13:33:da:0b:a9:57:98:
a2:09:25:19:13:95:35:1a:72:cb:f4:69:8a:b1:2e:
43:b5:81:d2:87:81:0f:86:20:c1:23:76:60:f1:19:
22:ae:79:d7:bc:aa:e3:d4:40:28:68:1f:4a:21:8a:
9e:8b:37:75:0e:f2:53:07:09:01:4f:30:02:28:0c:
d2:ac:8f:f5:72:c4:b5:7f:47:f3:56:0f:77:4e:b5:
63:1a:06:04:49:f2:1a:57:35:6c:58:4d:e9:3d:0b:
45:bb:a0:26:91:e1:19:29:8b:c0:46:93:ef:0d:09:
50:36:5f:88:b1:09:05:f2:67:2d:ba:82:f9:98:64:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:95:6D:E4:CE:42:81:44:F1:60:D7:53:C9:2A:0B:BB:33:6E:CD:EE
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/HZVt5M5CgUTxYNdTySoLuzNuze4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:22:e9:6c:d2:08:87:ed:1f:57:4d:a9:fc:d0:f4:9b:cb:f9:
8c:5b:4d:91:8e:fe:a1:23:e8:d4:2c:75:f7:ca:3b:10:94:0d:
78:f3:f6:e3:e1:4d:08:0a:80:7e:bc:27:24:32:83:3d:30:fc:
da:6c:30:e1:35:3b:7f:10:8d:13:a5:3e:0b:8d:24:43:dc:76:
f5:a1:26:44:26:4a:e8:86:2c:62:0a:aa:d5:6a:6f:89:08:3f:
de:5c:ac:4e:de:99:90:73:8f:a0:78:82:0e:27:cc:2e:f6:00:
d6:09:67:1c:04:d1:29:46:3b:9d:cd:1d:2c:ab:37:50:72:db:
8c:8e:d9:1d:d4:d6:9a:2e:a9:ba:f6:5d:ac:f3:09:ce:69:f1:
bd:7c:0d:4d:05:6a:9d:3b:01:d3:7f:f9:2c:dc:be:2b:2c:29:
c0:56:e5:ee:21:08:34:3c:11:e6:26:ea:c5:ff:12:e7:31:b2:
3e:c6:1e:8f:b6:d9:85:0a:52:02:4c:ec:69:19:ef:64:11:c8:
f8:7f:ca:4b:97:01:c5:56:40:0c:96:ad:2d:01:d4:97:57:d3:
fc:7e:7a:d6:d8:2d:ec:3f:e3:54:63:96:10:54:22:3b:42:af:
02:44:df:ec:fe:a3:af:e9:b6:1e:3d:47:ed:4d:f6:97:60:88:
86:0b:93:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYv81fIapt7t80XvV3QigqrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTIzMTUzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk1NmRlNGNlNDI4MTQ0ZjE2MGQ3NTNjOTJhMGJiYjMzNmVjZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVyzyDbniG78bW88FLfvDOL1DzI7
zsRIlvwtrxDAfM/4JhHIWHKFODnkEDHVuNSRn9o70/W8k4+wML4A/lu6NQ3zgBaZ
r0J4P+cOMHDK9G00mmS4ye3ahRewVRZ9EP7IJhPj1o1X51fj5CRSMuIWYn62lYsR
XZ2x2GuKHYg0ThMz2gupV5iiCSUZE5U1GnLL9GmKsS5DtYHSh4EPhiDBI3Zg8Rki
rnnXvKrj1EAoaB9KIYqeizd1DvJTBwkBTzACKAzSrI/1csS1f0fzVg93TrVjGgYE
SfIaVzVsWE3pPQtFu6AmkeEZKYvARpPvDQlQNl+IsQkF8mctuoL5mGS5JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2VbeTOQoFE8WDXU8kqC7szbs3uMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSFpWdDVNNUNnVVR4WU5kVHlTb0x1ek51emU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBZIuls0giH7R9X
Tan80PSby/mMW02Rjv6hI+jULHX3yjsQlA148/bj4U0ICoB+vCckMoM9MPzabDDh
NTt/EI0TpT4LjSRD3Hb1oSZEJkrohixiCqrVam+JCD/eXKxO3pmQc4+geIIOJ8wu
9gDWCWccBNEpRjudzR0sqzdQctuMjtkd1NaaLqm69l2s8wnOafG9fA1NBWqdOwHT
f/ks3L4rLCnAVuXuIQg0PBHmJurF/xLnMbI+xh6PttmFClICTOxpGe9kEcj4f8pL
lwHFVkAMlq0tAdSXV9P8fnrW2C3sP+NUY5YQVCI7Qq8CRN/s/qOv6bYePUftTfaX
YIiGC5Ph
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org