Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IAw6qUfE-S6SomIb6UyrYSCvGTc.roa
File: IAw6qUfE-S6SomIb6UyrYSCvGTc.roa (raw, json)
Hash identifier: GMmtGIXFwzofaA8I6zQxe23s2Im0sLiEh7RJpnNkeqw=
Subject key identifier: 20:0C:3A:A9:47:C4:F9:2E:92:A2:62:1B:E9:4C:AB:61:20:AF:19:37
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191664EBFCF788005AAE3D4CE023A95FB58
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IAw6qUfE-S6SomIb6UyrYSCvGTc.roa
Signing time: Sun 18 Aug 2024 16:25:22 +0000
ROA not before: Sun 18 Aug 2024 16:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Aug 2024 08:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:66:4e:bf:cf:78:80:05:aa:e3:d4:ce:02:3a:95:fb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 18 16:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=200c3aa947c4f92e92a2621be94cab6120af1937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e4:0d:ca:53:45:ff:f0:b5:2b:de:9d:0e:1f:
67:4a:b5:c5:cb:44:fa:e6:70:f7:ad:e7:53:9a:85:
17:d0:5f:c0:c0:9a:ce:ff:18:37:31:6a:63:76:49:
14:75:09:5f:4f:6e:f9:75:02:f2:7c:96:c7:14:40:
a1:10:d8:b8:59:d4:14:bb:6d:46:96:f2:fb:ad:0d:
f2:b1:79:e5:80:af:b0:ff:32:cf:78:40:ca:89:39:
b7:9c:b4:88:99:70:00:d8:3e:b7:36:fd:d3:ca:c5:
d4:3f:44:66:8b:d1:ed:b2:cc:da:71:e8:d0:f9:17:
5e:9a:8a:a4:c0:a8:e7:ce:35:09:c9:95:b6:d7:76:
01:b0:9d:0b:0a:95:78:7f:4b:1d:49:83:f7:c5:31:
29:ca:c9:fd:cb:d7:7c:99:6b:ab:39:bc:ba:b7:b7:
d1:b0:82:96:9f:37:e8:e0:a6:3a:0c:53:7f:95:81:
8b:a4:b3:41:ed:04:13:cd:e0:94:48:fa:23:3a:8a:
a2:ba:1a:01:bd:9c:d8:0f:4d:a9:37:62:77:0a:8a:
34:4f:6b:79:96:80:ad:9f:f4:69:10:95:03:82:f5:
48:41:ae:14:e2:74:0c:28:07:9e:fb:5b:2c:96:23:
51:74:ce:10:84:52:f2:b1:77:af:3c:cf:67:32:9f:
28:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0C:3A:A9:47:C4:F9:2E:92:A2:62:1B:E9:4C:AB:61:20:AF:19:37
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IAw6qUfE-S6SomIb6UyrYSCvGTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:60:b0:41:b3:0d:a2:40:3f:6d:fd:52:d3:41:fd:58:79:1f:
ac:e3:22:1c:5f:95:4a:97:da:90:d0:50:32:ad:eb:11:e3:51:
62:1a:c1:17:ee:16:50:6d:f5:f9:d7:9c:0f:25:16:d5:72:0e:
b5:27:86:f0:62:eb:01:b7:22:7c:31:12:63:da:ba:07:1e:52:
20:4b:97:49:bf:06:7e:d3:cf:df:90:af:b3:d3:85:34:3e:04:
14:47:bf:3a:77:74:7d:2e:b4:5b:c7:0b:bf:05:72:25:38:4f:
8c:95:13:39:81:d7:76:bd:6c:3c:6b:26:ac:08:54:8b:ea:34:
d4:89:8b:8e:0d:11:c4:97:ff:f4:bc:fc:f2:64:6b:91:10:61:
46:fd:f8:54:3e:0c:76:6d:26:a2:d3:b8:9b:21:c5:be:ce:dd:
4e:9b:5e:a7:bf:51:00:5b:2b:9a:32:66:df:b6:1a:9c:1b:4e:
b7:68:62:86:c5:d3:2e:16:3d:f4:e2:8c:b0:45:a1:1e:2e:ec:
8e:46:1d:87:c0:65:14:e8:26:b9:d1:30:b0:7c:fd:c6:ec:da:
c1:5f:49:34:71:0b:b6:fe:87:b6:6c:24:1e:86:d6:b8:3e:97:
88:05:47:e7:aa:fc:9f:27:3a:0e:68:6b:64:d4:33:b5:45:34:
0b:31:85:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZFmTr/PeIAFquPUzgI6lftYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODE4MTYyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjM2FhOTQ3YzRmOTJlOTJhMjYyMWJlOTRjYWI2MTIwYWYxOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+QNylNF//C1K96dDh9nSrXFy0T6
5nD3redTmoUX0F/AwJrO/xg3MWpjdkkUdQlfT275dQLyfJbHFEChENi4WdQUu21G
lvL7rQ3ysXnlgK+w/zLPeEDKiTm3nLSImXAA2D63Nv3TysXUP0Rmi9HtsszacejQ
+RdemoqkwKjnzjUJyZW213YBsJ0LCpV4f0sdSYP3xTEpysn9y9d8mWurOby6t7fR
sIKWnzfo4KY6DFN/lYGLpLNB7QQTzeCUSPojOoqiuhoBvZzYD02pN2J3Coo0T2t5
loCtn/RpEJUDgvVIQa4U4nQMKAee+1ssliNRdM4QhFLysXevPM9nMp8o8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCAMOqlHxPkukqJiG+lMq2Egrxk3MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSUF3NnFVZkUtUzZTb21JYjZVeXJZU0N2R1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAoYLBBsw2iQD9t/VLTQf1Y
eR+s4yIcX5VKl9qQ0FAyresR41FiGsEX7hZQbfX515wPJRbVcg61J4bwYusBtyJ8
MRJj2roHHlIgS5dJvwZ+08/fkK+z04U0PgQUR786d3R9LrRbxwu/BXIlOE+MlRM5
gdd2vWw8ayasCFSL6jTUiYuODRHEl//0vPzyZGuREGFG/fhUPgx2bSai07ibIcW+
zt1Om16nv1EAWyuaMmbfthqcG063aGKGxdMuFj304oywRaEeLuyORh2HwGUU6Ca5
0TCwfP3G7NrBX0k0cQu2/oe2bCQehta4PpeIBUfnqvyfJzoOaGtk1DO1RTQLMYVr
-----END CERTIFICATE-----
Generated at Sat Aug 24 10:34:37 2024 by rpki-client on console-ams.rpki-client.org