Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JhYUIhZtIlSihc36zzGw0LfOtTc.roa
File: JhYUIhZtIlSihc36zzGw0LfOtTc.roa (raw, json)
Hash identifier: k8Xz3WJaZ3WCNXCsXigGb9LTHBNBCfDn0IsQ8p4gXmM=
Subject key identifier: 26:16:14:22:16:6D:22:54:A2:85:CD:FA:CF:31:B0:D0:B7:CE:B5:37
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018FBE5AF304569ACE93D7934BF93F7CBC8C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JhYUIhZtIlSihc36zzGw0LfOtTc.roa
Signing time: Tue 28 May 2024 08:39:42 +0000
ROA not before: Tue 28 May 2024 08:39:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 85.133.137.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.178.0/23 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 17:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:5a:f3:04:56:9a:ce:93:d7:93:4b:f9:3f:7c:bc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 28 08:39:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26161422166d2254a285cdfacf31b0d0b7ceb537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f3:79:5e:37:b1:c0:d7:7d:0b:71:37:12:ee:
73:d0:85:3c:ce:fa:4f:d2:25:ee:0c:ef:55:c8:d7:
bd:90:89:2e:86:98:2f:e4:50:1f:36:81:26:5a:24:
85:ea:a4:b3:43:c5:86:c3:6f:da:a1:2b:04:41:56:
da:ec:91:65:a6:fd:31:ea:4b:c3:81:4e:af:11:6c:
29:3b:7c:f3:15:cb:02:ee:31:1f:47:e6:62:9b:c2:
c4:6a:3a:72:d4:d7:70:6a:88:8a:09:45:83:a0:3d:
9e:b7:db:1d:e1:0d:28:9e:d9:10:f9:50:d3:2f:12:
bd:55:fb:f7:0c:d0:81:6d:46:56:68:99:bb:98:b8:
4f:28:9d:c5:43:73:a4:82:9b:8d:20:97:b1:8e:07:
4a:ee:34:d4:74:47:9a:68:28:b6:48:e9:fd:4f:d4:
64:54:85:a6:2d:7f:99:5c:c3:dd:55:e4:d3:e1:2b:
9f:f2:c9:6f:39:c9:88:02:0d:42:f8:8a:47:f2:18:
9b:be:3e:39:98:ed:4a:73:1c:24:b9:b6:5c:65:9a:
7c:c9:2b:82:84:ad:be:87:cd:4e:20:da:9f:ad:b6:
d7:90:5e:de:f3:7a:3d:b1:32:14:4d:51:66:54:69:
3e:79:b9:fe:ae:87:86:e6:04:a8:88:29:e4:ef:ae:
4f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:16:14:22:16:6D:22:54:A2:85:CD:FA:CF:31:B0:D0:B7:CE:B5:37
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JhYUIhZtIlSihc36zzGw0LfOtTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.137.0/24
85.133.153.0/24
85.133.178.0/23
85.133.202.0/24
85.133.241.0/24
Signature Algorithm: sha256WithRSAEncryption
34:a8:b2:1a:a2:19:56:9c:ed:5c:3a:02:fb:94:a5:63:f3:b3:
89:d4:b7:24:98:db:13:49:72:0d:fe:e7:ec:bc:7e:7a:8c:c1:
7a:e2:47:45:7e:0a:16:e7:29:d5:48:cd:84:4b:1a:f7:fc:33:
e0:87:e6:c8:f2:f0:51:cf:a4:86:22:9f:f3:6b:1d:cc:8e:be:
d0:84:3c:ec:5a:e7:fc:3d:a8:56:95:b2:60:df:59:9f:92:4c:
e5:c8:51:3b:3e:f5:be:7b:24:00:b9:42:40:b2:6b:36:75:8a:
2a:d8:75:8f:3b:5e:0d:b1:19:00:b7:7f:04:86:31:11:85:f6:
ff:a8:d9:6c:d9:14:e1:82:bd:65:6c:d1:8b:0c:d5:e3:cd:aa:
ae:8d:f8:2d:fb:1d:f1:0b:1d:c2:3b:b9:4c:4f:f1:4c:d4:79:
06:b3:83:e3:d8:86:96:44:1f:04:c9:39:1e:48:d7:39:47:10:
cd:84:17:40:c5:fa:c3:0f:f2:b3:50:31:be:fa:8d:85:f4:0f:
4f:91:c5:e0:69:19:84:72:59:e0:d7:60:d7:4d:18:25:cc:8e:
62:6a:76:7f:48:35:18:ed:99:f0:95:5b:b4:72:bc:59:16:42:
f0:25:c8:c5:41:d8:02:1e:1b:2b:99:1f:1b:d1:08:29:82:e9:
65:29:ff:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY++WvMEVprOk9eTS/k/fLyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNTI4MDgzOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE2MTQyMjE2NmQyMjU0YTI4NWNkZmFjZjMxYjBkMGI3Y2ViNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfN5XjexwNd9C3E3Eu5z0IU8zvpP
0iXuDO9VyNe9kIkuhpgv5FAfNoEmWiSF6qSzQ8WGw2/aoSsEQVba7JFlpv0x6kvD
gU6vEWwpO3zzFcsC7jEfR+Zim8LEajpy1NdwaoiKCUWDoD2et9sd4Q0ontkQ+VDT
LxK9Vfv3DNCBbUZWaJm7mLhPKJ3FQ3OkgpuNIJexjgdK7jTUdEeaaCi2SOn9T9Rk
VIWmLX+ZXMPdVeTT4Suf8slvOcmIAg1C+IpH8hibvj45mO1KcxwkubZcZZp8ySuC
hK2+h81OINqfrbbXkF7e83o9sTIUTVFmVGk+ebn+roeG5gSoiCnk765PFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCYWFCIWbSJUooXN+s8xsNC3zrU3MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSmhZVUloWnRJbFNpaGMzNnp6R3cwTGZPdFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVYWJAwQA
VYWZAwQBVYWyAwQAVYXKAwQAVYXxMA0GCSqGSIb3DQEBCwUAA4IBAQA0qLIaohlW
nO1cOgL7lKVj87OJ1LckmNsTSXIN/ufsvH56jMF64kdFfgoW5ynVSM2ESxr3/DPg
h+bI8vBRz6SGIp/zax3Mjr7QhDzsWuf8PahWlbJg31mfkkzlyFE7PvW+eyQAuUJA
sms2dYoq2HWPO14NsRkAt38EhjERhfb/qNls2RThgr1lbNGLDNXjzaqujfgt+x3x
Cx3CO7lMT/FM1HkGs4Pj2IaWRB8EyTkeSNc5RxDNhBdAxfrDD/KzUDG++o2F9A9P
kcXgaRmEclng12DXTRglzI5ianZ/SDUY7ZnwlVu0crxZFkLwJcjFQdgCHhsrmR8b
0QgpgullKf9G
-----END CERTIFICATE-----
Generated at Thu Jun 6 23:20:48 2024 by rpki-client on console-ams.rpki-client.org