Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Iew2DNVxba_aJ0k_054WFazCsMo.roa
File: Iew2DNVxba_aJ0k_054WFazCsMo.roa (raw, json)
Hash identifier: xySV8qsPiWGh/opp2ORNg1GpcnLNGT7weUxEZHdGH/g=
Subject key identifier: 21:EC:36:0C:D5:71:6D:AF:DA:27:49:3F:D3:9E:16:15:AC:C2:B0:CA
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0190C25081D490285F6C44FE74471BCFB96F
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Iew2DNVxba_aJ0k_054WFazCsMo.roa
Signing time: Wed 17 Jul 2024 20:09:34 +0000
ROA not before: Wed 17 Jul 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Jul 2024 06:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c2:50:81:d4:90:28:5f:6c:44:fe:74:47:1b:cf:b9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 17 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ec360cd5716dafda27493fd39e1615acc2b0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:be:4d:93:73:04:0c:5e:c0:eb:82:49:fe:
ba:84:d2:89:f1:a8:35:69:f8:87:ee:92:84:db:ad:
18:00:65:eb:ca:b8:eb:15:10:d2:fa:d9:e5:e8:1c:
44:2a:2f:be:40:c5:93:60:4c:3e:52:66:ad:a4:52:
84:9d:b4:1b:73:9f:30:62:9b:e8:c8:3c:62:95:69:
14:00:3d:d6:a7:c9:52:cc:bc:9b:8c:d6:60:aa:59:
19:1d:a5:b5:1d:c9:3b:a6:f6:5f:57:47:c8:a4:6f:
e3:67:c3:32:f5:89:f3:36:fa:fc:7f:cc:c0:f0:2e:
9f:34:f4:bb:f9:0a:0f:ab:9b:f0:4e:6a:7c:65:bf:
eb:24:f8:34:5a:21:5e:3e:4e:71:f6:c4:d8:14:b3:
94:c4:d2:4f:6d:9f:e8:70:1c:32:07:38:ed:e9:9b:
09:9f:1c:e5:ae:f3:cf:30:e2:6b:a4:2b:89:fb:92:
b7:e9:b9:09:8b:29:b5:95:90:ee:eb:b5:6b:2f:92:
16:19:90:b2:d6:9a:9e:50:cd:e3:8e:24:c6:fb:5f:
13:ce:da:1a:a9:1f:7a:cb:a1:78:45:1e:46:4d:7c:
00:6a:aa:05:76:f7:7c:e0:6b:e7:02:5c:63:89:10:
b4:2f:83:7e:c2:26:b9:01:2e:17:30:5b:ce:e5:31:
c0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EC:36:0C:D5:71:6D:AF:DA:27:49:3F:D3:9E:16:15:AC:C2:B0:CA
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Iew2DNVxba_aJ0k_054WFazCsMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:f4:67:9a:6c:a1:91:5b:5a:44:5e:38:01:92:db:f0:6e:03:
59:7f:80:f8:4e:9d:d8:5c:d6:2c:89:2b:97:ed:ce:44:53:7c:
9a:16:16:3b:e3:91:9b:96:85:70:d3:d3:b8:2e:d4:4a:d4:4d:
15:c8:c3:51:22:b3:08:c8:da:43:71:94:a5:2b:d9:a0:81:2b:
73:ba:7e:35:a8:10:73:47:90:46:27:89:86:c3:9f:94:39:98:
08:3f:37:82:1d:e4:64:b3:9e:26:25:c6:38:1b:ae:33:ad:30:
40:ca:31:f5:8e:71:9b:44:8c:4d:aa:a2:64:75:55:bf:ef:b4:
35:4a:ae:ca:26:18:e8:d9:e7:0c:aa:f3:ba:1f:a2:4d:c0:46:
ba:a6:39:94:1b:25:49:58:5c:58:c6:14:2f:a6:17:8f:bd:d5:
55:48:43:8f:5b:b8:2e:d1:c3:e6:f5:da:58:cb:5c:2a:f7:23:
e7:e9:06:97:f9:fa:ba:07:dd:91:e3:38:71:ee:e5:92:d5:2d:
45:5c:e6:1a:b6:77:50:67:09:18:62:f7:b4:e6:8f:30:ee:2c:
0e:8a:79:b5:e3:fa:29:cb:c1:ca:f2:a7:33:be:76:44:d7:33:
63:b6:03:c9:bc:0d:10:55:03:e7:1f:6d:3a:95:30:5a:88:0c:
a8:d0:74:8a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZDCUIHUkChfbET+dEcbz7lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNzE3MjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVjMzYwY2Q1NzE2ZGFmZGEyNzQ5M2ZkMzllMTYxNWFjYzJiMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcu+TZNzBAxewOuCSf66hNKJ8ag1
afiH7pKE260YAGXryrjrFRDS+tnl6BxEKi++QMWTYEw+UmatpFKEnbQbc58wYpvo
yDxilWkUAD3Wp8lSzLybjNZgqlkZHaW1Hck7pvZfV0fIpG/jZ8My9YnzNvr8f8zA
8C6fNPS7+QoPq5vwTmp8Zb/rJPg0WiFePk5x9sTYFLOUxNJPbZ/ocBwyBzjt6ZsJ
nxzlrvPPMOJrpCuJ+5K36bkJiym1lZDu67VrL5IWGZCy1pqeUM3jjiTG+18Tztoa
qR96y6F4RR5GTXwAaqoFdvd84GvnAlxjiRC0L4N+wia5AS4XMFvO5THABQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCHsNgzVcW2v2idJP9OeFhWswrDKMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSWV3MkROVnhiYV9hSjBrXzA1NFdGYXpDc01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAJz0
Z5psoZFbWkReOAGS2/BuA1l/gPhOndhc1iyJK5ftzkRTfJoWFjvjkZuWhXDT07gu
1ErUTRXIw1EiswjI2kNxlKUr2aCBK3O6fjWoEHNHkEYniYbDn5Q5mAg/N4Id5GSz
niYlxjgbrjOtMEDKMfWOcZtEjE2qomR1Vb/vtDVKrsomGOjZ5wyq87ofok3ARrqm
OZQbJUlYXFjGFC+mF4+91VVIQ49buC7Rw+b12ljLXCr3I+fpBpf5+roH3ZHjOHHu
5ZLVLUVc5hq2d1BnCRhi97TmjzDuLA6KebXj+inLwcrypzO+dkTXM2O2A8m8DRBV
A+cfbTqVMFqIDKjQdIo=
-----END CERTIFICATE-----
Generated at Wed Jul 24 07:59:45 2024 by rpki-client on console-fra.rpki-client.org