Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JkeoBb9tCl-9WXx8A-JOk6_N9W4.roa
File: JkeoBb9tCl-9WXx8A-JOk6_N9W4.roa (raw, json)
Hash identifier: LybXb+3noBfPr2Ok4h4+UOuTUknaFsvz0Q6a5CbF/zg=
Subject key identifier: 26:47:A8:05:BF:6D:0A:5F:BD:59:7C:7C:03:E2:4E:93:AF:CD:F5:6E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D750AC466169B671DAD2341CE9E27CF2E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JkeoBb9tCl-9WXx8A-JOk6_N9W4.roa
Signing time: Sun 04 Feb 2024 16:54:16 +0000
ROA not before: Sun 04 Feb 2024 16:54:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209638
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 13:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:0a:c4:66:16:9b:67:1d:ad:23:41:ce:9e:27:cf:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 4 16:54:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2647a805bf6d0a5fbd597c7c03e24e93afcdf56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:f6:ce:d2:10:00:c3:e0:28:ec:55:f8:15:
64:1d:4f:b1:d9:23:27:c2:0d:03:29:21:d8:66:d8:
38:86:1a:5f:ea:35:2c:a1:9e:1f:ed:41:61:8d:19:
d5:3c:10:2d:c7:f7:b1:80:ea:3e:4a:3f:58:5e:39:
d6:3b:d9:da:16:83:84:2c:7e:19:b2:48:51:47:69:
84:93:06:94:b5:6e:34:f3:af:79:7a:63:c0:0d:12:
34:39:c5:7e:17:7b:eb:3e:79:fa:b5:d9:dc:18:fe:
e2:fc:f3:72:ee:6e:d9:3e:d3:b1:71:5e:59:34:e9:
27:7c:16:79:cc:a3:27:1b:4b:3a:3d:bc:88:9d:41:
bb:47:21:57:b5:0e:cf:3f:d7:88:6b:5e:e6:2a:f4:
35:03:88:77:cc:0c:ab:ec:55:bc:25:d6:04:29:53:
80:ee:d1:3a:59:d4:0f:6b:3c:74:2f:bc:60:1f:73:
d9:3a:cc:17:98:ef:a0:b2:42:79:40:18:31:69:dc:
7f:28:69:f0:1d:00:29:39:c5:95:6d:14:c9:8c:1c:
ce:2c:45:43:03:b6:58:ca:cd:64:d2:4f:35:75:e2:
59:2a:86:32:8d:cf:62:8d:27:0c:ce:24:2e:a1:cd:
37:33:df:7c:04:2d:a3:d1:bc:ef:df:d7:97:a8:87:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:47:A8:05:BF:6D:0A:5F:BD:59:7C:7C:03:E2:4E:93:AF:CD:F5:6E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JkeoBb9tCl-9WXx8A-JOk6_N9W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.221.0-85.133.222.255
Signature Algorithm: sha256WithRSAEncryption
23:8d:ad:e2:e7:5f:f8:cd:fa:f4:91:e5:1a:34:76:d0:18:46:
24:ac:a5:33:15:8d:f5:6e:bb:89:d9:91:99:92:ac:9f:62:1a:
69:e9:cd:19:a6:d5:65:87:b6:b0:d1:49:31:20:9e:94:ae:43:
fc:6a:d1:07:e6:0d:04:3a:93:b2:9b:1c:cb:4a:a9:50:c3:1f:
d4:a1:a3:fd:d3:5c:2f:4c:4c:63:3f:9e:6d:e4:6c:8b:22:11:
db:ce:b9:b1:ef:a3:b9:c6:0e:d5:b2:19:ed:f9:28:24:21:6e:
1f:1b:ef:66:53:17:e3:31:48:39:bc:c2:1d:e7:95:10:ba:92:
0b:a3:70:37:f7:2a:cf:52:c8:93:92:b7:c3:06:9e:c4:ea:fc:
ec:44:3b:7e:a9:5a:5d:24:7a:c8:fd:f3:8f:e4:b2:e7:c3:92:
52:e6:e8:f6:b3:32:1b:a1:4f:10:2a:17:d5:09:93:41:1e:49:
25:28:b8:d3:2f:b0:93:fb:ea:8a:8e:19:59:00:fe:56:7b:f0:
e2:ee:37:5e:6d:f9:34:23:bd:e7:d2:7e:5d:eb:13:cd:87:ca:
77:ab:50:6d:f4:9d:af:9b:83:79:1d:41:74:53:25:7a:d2:e7:
af:90:0e:0e:90:e2:6f:2d:66:3c:ce:c9:c9:9d:fb:35:ca:ab:
ef:39:b7:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY11CsRmFptnHa0jQc6eJ88uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjA0MTY1NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ3YTgwNWJmNmQwYTVmYmQ1OTdjN2MwM2UyNGU5M2FmY2RmNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukX2ztIQAMPgKOxV+BVkHU+x2SMn
wg0DKSHYZtg4hhpf6jUsoZ4f7UFhjRnVPBAtx/exgOo+Sj9YXjnWO9naFoOELH4Z
skhRR2mEkwaUtW408695emPADRI0OcV+F3vrPnn6tdncGP7i/PNy7m7ZPtOxcV5Z
NOknfBZ5zKMnG0s6PbyInUG7RyFXtQ7PP9eIa17mKvQ1A4h3zAyr7FW8JdYEKVOA
7tE6WdQPazx0L7xgH3PZOswXmO+gskJ5QBgxadx/KGnwHQApOcWVbRTJjBzOLEVD
A7ZYys1k0k81deJZKoYyjc9ijScMziQuoc03M998BC2j0bzv39eXqIeVgQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCZHqAW/bQpfvVl8fAPiTpOvzfVuMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSmtlb0JiOXRDbC05V1h4OEEtSk9rNl9OOVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVYXHMAwD
BABVhd0DBABVhd4wDQYJKoZIhvcNAQELBQADggEBACONreLnX/jN+vSR5Ro0dtAY
RiSspTMVjfVuu4nZkZmSrJ9iGmnpzRmm1WWHtrDRSTEgnpSuQ/xq0QfmDQQ6k7Kb
HMtKqVDDH9Sho/3TXC9MTGM/nm3kbIsiEdvOubHvo7nGDtWyGe35KCQhbh8b72ZT
F+MxSDm8wh3nlRC6kgujcDf3Ks9SyJOSt8MGnsTq/OxEO36pWl0kesj984/ksufD
klLm6PazMhuhTxAqF9UJk0EeSSUouNMvsJP76oqOGVkA/lZ78OLuN15t+TQjvefS
fl3rE82HynerUG30na+bg3kdQXRTJXrS56+QDg6Q4m8tZjzOycmd+zXKq+85t0k=
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:45:14 2024 by rpki-client on console-ams.rpki-client.org