Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IHOvnjSfGPKu_W7g6MHoVHcMV8I.roa
File: IHOvnjSfGPKu_W7g6MHoVHcMV8I.roa (raw, json)
Hash identifier: 3sRXZdfVdCtbKPEuvhgJueKrOt9wSxnkbXICyyYcO4M=
Subject key identifier: 20:73:AF:9E:34:9F:18:F2:AE:FD:6E:E0:E8:C1:E8:54:77:0C:57:C2
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018FBE5AF386CCB100C80FE44C756D0B8D29
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IHOvnjSfGPKu_W7g6MHoVHcMV8I.roa
Signing time: Tue 28 May 2024 08:39:42 +0000
ROA not before: Tue 28 May 2024 08:39:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 17:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:5a:f3:86:cc:b1:00:c8:0f:e4:4c:75:6d:0b:8d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 28 08:39:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2073af9e349f18f2aefd6ee0e8c1e854770c57c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:0f:05:ea:8d:16:c1:a6:cb:77:7b:bb:b6:
11:d9:40:d8:7d:6e:d4:90:0a:96:52:0a:f0:e3:c3:
58:c9:a3:6e:d2:de:5a:8f:42:ad:62:65:48:75:86:
23:bd:03:74:12:9e:16:81:9d:5b:c2:10:c9:78:64:
55:62:f0:64:9f:6a:53:b5:0a:d0:0a:09:24:d4:36:
09:3c:cf:43:5e:dc:c2:cf:69:40:16:fd:aa:dd:80:
e2:10:82:37:c1:d4:86:dd:ec:44:74:37:02:68:21:
fa:9b:59:51:fe:c3:a1:cd:ce:bb:57:22:f6:16:4b:
57:91:3c:3d:19:56:85:c2:21:3d:b0:d2:ee:86:8d:
b7:ec:6a:81:cb:c8:8f:1c:aa:f0:41:8f:09:f9:9f:
2d:73:73:af:9b:18:58:2f:58:cd:1c:44:56:7e:46:
ee:5f:ed:46:b2:2a:ff:37:9b:29:c1:52:79:c9:81:
61:c8:ed:f8:ff:dd:11:d8:c5:47:2a:79:23:4e:65:
24:25:9e:ee:2a:fb:9b:f0:f8:e6:6b:e5:5a:02:b0:
73:9c:f9:e2:f9:ff:95:b2:a4:de:6d:f7:2c:9d:1b:
ac:2e:86:29:92:77:17:1b:8d:60:0e:63:35:5c:36:
09:ea:5b:b8:fe:52:10:6e:af:46:a3:e1:89:f5:5a:
f6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:73:AF:9E:34:9F:18:F2:AE:FD:6E:E0:E8:C1:E8:54:77:0C:57:C2
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IHOvnjSfGPKu_W7g6MHoVHcMV8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0/24
85.133.203.0-85.133.204.255
Signature Algorithm: sha256WithRSAEncryption
72:c4:fe:90:98:0b:0c:d4:63:14:f8:3c:22:06:f4:dc:18:6a:
04:88:9e:1e:04:16:81:d2:90:f9:51:da:4f:cf:62:37:94:47:
13:c4:38:45:8c:56:8d:09:fd:bc:16:e4:09:a0:b8:bd:c6:12:
fa:a4:c4:96:7c:7b:4c:b9:d8:26:04:cb:ac:99:03:d4:eb:a9:
8d:8e:f4:44:84:4e:78:9d:69:85:50:3e:03:d4:16:8f:cb:60:
bf:6e:d1:a0:f1:60:58:76:f7:da:4b:62:53:34:dd:ee:cb:76:
c2:39:93:52:fc:99:7d:34:6a:a8:f5:6d:e8:2c:4e:fd:bd:69:
77:b2:32:45:7b:39:ef:fd:32:e7:1b:82:df:38:e7:13:94:78:
01:6c:7b:bd:8b:c2:d5:8c:3b:4d:fb:83:62:aa:7a:9d:8a:9a:
48:04:20:ff:49:9e:a7:f7:04:ca:7b:f9:c5:ef:8c:09:53:48:
0b:75:d9:61:78:8e:6e:3d:ae:17:57:a6:d0:da:b8:73:d2:27:
d8:12:d4:fd:d3:bd:f3:e3:1b:93:2a:09:86:cc:67:cd:9b:a8:
0e:a3:fd:67:eb:e8:f3:c6:2a:90:6f:df:1e:cb:2f:9a:eb:6c:
42:6c:e7:cf:ad:88:5c:a2:a8:07:c3:77:2b:3d:5d:89:7f:e0:
4f:02:78:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY++WvOGzLEAyA/kTHVtC40pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNTI4MDgzOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDczYWY5ZTM0OWYxOGYyYWVmZDZlZTBlOGMxZTg1NDc3MGM1N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNUPBeqNFsGmy3d7u7YR2UDYfW7U
kAqWUgrw48NYyaNu0t5aj0KtYmVIdYYjvQN0Ep4WgZ1bwhDJeGRVYvBkn2pTtQrQ
Cgkk1DYJPM9DXtzCz2lAFv2q3YDiEII3wdSG3exEdDcCaCH6m1lR/sOhzc67VyL2
FktXkTw9GVaFwiE9sNLuho237GqBy8iPHKrwQY8J+Z8tc3OvmxhYL1jNHERWfkbu
X+1Gsir/N5spwVJ5yYFhyO34/90R2MVHKnkjTmUkJZ7uKvub8Pjma+VaArBznPni
+f+VsqTebfcsnRusLoYpkncXG41gDmM1XDYJ6lu4/lIQbq9Go+GJ9Vr2EQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCBzr540nxjyrv1u4OjB6FR3DFfCMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSUhPdm5qU2ZHUEt1X1c3ZzZNSG9WSGNNVjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVYXJMAwD
BABVhcsDBABVhcwwDQYJKoZIhvcNAQELBQADggEBAHLE/pCYCwzUYxT4PCIG9NwY
agSInh4EFoHSkPlR2k/PYjeURxPEOEWMVo0J/bwW5AmguL3GEvqkxJZ8e0y52CYE
y6yZA9TrqY2O9ESETnidaYVQPgPUFo/LYL9u0aDxYFh299pLYlM03e7LdsI5k1L8
mX00aqj1begsTv29aXeyMkV7Oe/9Mucbgt845xOUeAFse72LwtWMO037g2Kqep2K
mkgEIP9Jnqf3BMp7+cXvjAlTSAt12WF4jm49rhdXptDauHPSJ9gS1P3TvfPjG5Mq
CYbMZ82bqA6j/Wfr6PPGKpBv3x7LL5rrbEJs58+tiFyiqAfDdys9XYl/4E8CeCw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:19:12 2024 by rpki-client on console-fra.rpki-client.org