Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa
File: JO9p4KRnylY1SVnrpeJXB_My3Q8.roa (raw, json)
Hash identifier: XFKtWgO8zj2gSfm9gh2frNRcLMEIxi1b7TXhc6MeJPM=
Subject key identifier: 24:EF:69:E0:A4:67:CA:56:35:49:59:EB:A5:E2:57:07:F3:32:DD:0F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018DA76BE26ED3D7AFA046E34176C11FABD0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa
Signing time: Wed 14 Feb 2024 11:41:21 +0000
ROA not before: Wed 14 Feb 2024 11:41:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Feb 2024 07:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:6b:e2:6e:d3:d7:af:a0:46:e3:41:76:c1:1f:ab:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 14 11:41:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24ef69e0a467ca56354959eba5e25707f332dd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f8:fb:e3:4e:30:6b:29:3b:30:cf:d0:0d:4d:
51:ad:78:aa:8c:bc:dd:3c:63:b3:1d:c7:66:06:da:
f7:7d:e5:c8:67:94:54:9a:28:1e:cc:53:81:19:2e:
81:a4:af:f8:8d:3f:e9:da:a5:6c:6a:4b:d8:2f:ef:
9b:f4:f6:72:0d:7d:4a:0f:76:46:48:6d:f9:29:28:
fa:9a:2c:fe:09:66:28:7a:cb:fa:fe:b1:b3:79:d7:
3c:e9:00:d4:5e:ee:80:ed:c1:c5:c4:7b:43:f7:c4:
d7:14:b6:95:00:0e:e9:a1:34:3d:80:7b:78:28:8e:
b2:61:ff:f8:f0:e9:e5:1e:29:ad:25:cd:47:72:67:
83:34:05:c2:86:16:28:16:b4:2a:fd:a4:27:cd:bb:
36:ea:06:8d:fc:b3:e0:e3:bd:98:b9:c2:52:91:31:
06:d9:26:6e:a0:18:4d:e9:ab:4a:e4:8e:aa:85:dc:
3e:e2:7b:be:15:74:a6:1f:c3:cf:ce:91:90:e8:3c:
ef:05:7e:62:09:27:4b:bb:c9:ee:25:e3:f7:ec:2a:
1a:e6:5f:e2:3c:90:20:42:55:7a:ad:41:eb:d6:0d:
33:9d:17:9e:ef:b5:74:ae:96:5d:f8:9e:36:f1:c3:
77:4d:e0:cd:99:5a:ac:45:ab:9e:68:15:97:04:62:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EF:69:E0:A4:67:CA:56:35:49:59:EB:A5:E2:57:07:F3:32:DD:0F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:f8:5d:c6:60:18:1c:7c:eb:bd:72:5d:a1:41:de:39:f7:21:
90:f5:0d:ad:b4:a9:d7:60:22:5a:ef:2b:3e:62:35:e9:7b:bf:
bb:8b:5c:07:67:54:de:da:7f:d5:74:6a:de:c0:fe:f7:e8:bb:
69:af:ee:47:4e:09:08:38:29:36:0d:92:3d:e6:29:a0:a6:2b:
5d:a7:8b:07:ae:ea:8a:62:27:bd:1b:be:a8:98:56:1e:64:0c:
e2:d1:b7:b2:53:59:e2:c4:a0:6a:e9:8f:af:87:2b:e2:1f:bd:
60:4e:61:d1:36:40:6a:ca:cb:5c:4d:1b:26:ad:58:f8:42:81:
8b:7a:2f:7f:7e:32:74:9a:00:fd:0a:5f:af:9d:0a:2f:de:22:
b5:ec:95:b7:b4:58:b7:9b:6a:06:ed:20:e0:44:7b:a9:7a:30:
2f:e6:d0:e4:26:02:98:99:91:8e:f0:bf:02:0b:dc:4a:49:c6:
6f:d5:07:67:a3:7a:87:e6:c8:bb:19:88:34:be:d6:a1:0f:72:
f0:9d:da:55:f0:98:2f:ab:c9:eb:78:ac:5c:8b:33:f1:eb:5a:
ee:0b:c3:6f:ac:cb:8f:2f:33:bd:a2:86:1c:80:4f:41:6f:53:
e2:b3:0a:c1:67:c4:c7:64:fd:a1:6e:d8:55:14:41:eb:ee:cb:
72:60:40:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2na+Ju09evoEbjQXbBH6vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjE0MTE0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVmNjllMGE0NjdjYTU2MzU0OTU5ZWJhNWUyNTcwN2YzMzJkZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfj7404wayk7MM/QDU1RrXiqjLzd
PGOzHcdmBtr3feXIZ5RUmigezFOBGS6BpK/4jT/p2qVsakvYL++b9PZyDX1KD3ZG
SG35KSj6miz+CWYoesv6/rGzedc86QDUXu6A7cHFxHtD98TXFLaVAA7poTQ9gHt4
KI6yYf/48OnlHimtJc1HcmeDNAXChhYoFrQq/aQnzbs26gaN/LPg472YucJSkTEG
2SZuoBhN6atK5I6qhdw+4nu+FXSmH8PPzpGQ6DzvBX5iCSdLu8nuJeP37Coa5l/i
PJAgQlV6rUHr1g0znRee77V0rpZd+J428cN3TeDNmVqsRaueaBWXBGI26wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCTvaeCkZ8pWNUlZ66XiVwfzMt0PMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSk85cDRLUm55bFkxU1ZucnBlSlhCX015M1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAN+F3GYBgcfOu9
cl2hQd459yGQ9Q2ttKnXYCJa7ys+YjXpe7+7i1wHZ1Te2n/VdGrewP736Ltpr+5H
TgkIOCk2DZI95imgpitdp4sHruqKYie9G76omFYeZAzi0beyU1nixKBq6Y+vhyvi
H71gTmHRNkBqystcTRsmrVj4QoGLei9/fjJ0mgD9Cl+vnQov3iK17JW3tFi3m2oG
7SDgRHupejAv5tDkJgKYmZGO8L8CC9xKScZv1Qdno3qH5si7GYg0vtahD3LwndpV
8Jgvq8nreKxcizPx61ruC8NvrMuPLzO9ooYcgE9Bb1PiswrBZ8THZP2hbthVFEHr
7styYEAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org