Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LZW7YSkV88kYQ2MVqJb2EjG9lJ4.roa
File: LZW7YSkV88kYQ2MVqJb2EjG9lJ4.roa (raw, json)
Hash identifier: HxPGmORxuoOOUJEAD6m0QPrTEAPgibhJSiQmMkmoRRs=
Subject key identifier: 2D:95:BB:61:29:15:F3:C9:18:43:63:15:A8:96:F6:12:31:BD:94:9E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01908D8F53245ED382E74070EF034865F5D4
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LZW7YSkV88kYQ2MVqJb2EjG9lJ4.roa
Signing time: Sun 07 Jul 2024 14:18:18 +0000
ROA not before: Sun 07 Jul 2024 14:18:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 20:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8d:8f:53:24:5e:d3:82:e7:40:70:ef:03:48:65:f5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 7 14:18:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d95bb612915f3c918436315a896f61231bd949e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:47:3b:d8:f2:fa:5c:91:3a:84:df:0e:a9:
b8:1b:36:44:34:de:6b:90:95:67:73:fc:cb:0c:7c:
38:a7:f5:55:66:35:6b:23:9a:cf:61:d7:a2:53:3e:
1c:5f:88:fe:1a:21:67:f8:44:54:fa:56:de:54:2e:
4e:dc:88:ce:8c:87:3a:e0:ff:6c:39:b6:66:24:67:
05:af:a2:64:a7:44:ec:f2:01:79:c1:3e:70:63:e4:
14:4d:f8:e6:db:d0:9f:1f:8a:28:0d:31:e4:56:d4:
3d:64:5c:6a:54:c6:d4:78:55:b5:e3:48:2f:0c:e9:
d2:d3:41:31:a6:a2:bf:8e:c7:67:df:06:f8:84:ba:
e5:2d:40:ef:19:e8:88:18:fc:7b:4f:1d:e1:cc:70:
7c:0b:8b:3e:7f:ec:dc:4c:c1:70:d6:4f:d1:bb:00:
cf:d6:be:1a:e8:f9:72:05:00:c3:dd:c8:34:0d:82:
66:9b:f8:ea:42:06:6c:d1:32:a3:b5:1b:dd:54:f1:
dd:5b:a6:6d:68:cc:06:52:a0:76:1c:b7:09:ed:3a:
20:ae:1a:6e:d8:7e:82:ff:83:dc:0a:8b:62:98:64:
22:c1:de:06:2e:d3:fb:a0:ce:30:f2:b3:8e:06:0e:
66:42:46:0a:71:c0:74:d3:fe:4c:23:ca:04:57:fa:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:95:BB:61:29:15:F3:C9:18:43:63:15:A8:96:F6:12:31:BD:94:9E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LZW7YSkV88kYQ2MVqJb2EjG9lJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
55:67:65:78:97:7a:4d:d5:6d:04:93:f0:63:4d:63:d6:28:c6:
0b:47:1f:9e:11:23:5f:8f:ea:a8:c9:ef:2b:c4:43:2d:32:b0:
b7:4c:48:eb:fd:4b:04:a2:68:3c:f0:05:e3:b7:91:83:8e:42:
01:10:6d:fd:60:33:33:c6:8a:3d:4b:d1:32:c6:2e:c3:ea:e9:
ac:f1:c8:cc:73:8a:c1:3b:db:fa:57:c4:e5:05:d2:38:3c:7f:
e2:55:ab:25:53:36:b5:5f:2a:4a:ac:e2:1c:e8:81:40:ff:b6:
b3:7d:0b:6f:46:70:02:4b:22:9c:46:b7:8f:5f:cd:fa:f1:47:
b1:ed:2c:b1:12:fd:91:e8:68:9c:4f:e4:cd:c8:8f:47:ac:37:
94:70:ed:23:9c:48:e6:d2:82:91:c3:9a:67:bc:04:b1:e8:f6:
1e:30:35:d2:87:6d:9b:19:44:cf:5b:d6:c5:6f:20:7e:1f:bd:
29:0b:40:9f:49:f3:13:2b:70:c4:ad:99:4d:21:05:2c:45:e1:
27:2f:78:61:98:77:58:54:55:95:09:86:50:52:b3:cf:37:e3:
03:51:f6:d0:ae:52:d7:f6:cc:66:25:11:1b:8a:05:5a:f3:84:
5f:43:bf:f2:68:80:b5:3f:ed:6f:da:ee:f3:21:4e:70:34:4f:
0e:15:22:cd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZCNj1MkXtOC50Bw7wNIZfXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNzA3MTQxODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk1YmI2MTI5MTVmM2M5MTg0MzYzMTVhODk2ZjYxMjMxYmQ5NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnthHO9jy+lyROoTfDqm4GzZENN5r
kJVnc/zLDHw4p/VVZjVrI5rPYdeiUz4cX4j+GiFn+ERU+lbeVC5O3IjOjIc64P9s
ObZmJGcFr6Jkp0Ts8gF5wT5wY+QUTfjm29CfH4ooDTHkVtQ9ZFxqVMbUeFW140gv
DOnS00ExpqK/jsdn3wb4hLrlLUDvGeiIGPx7Tx3hzHB8C4s+f+zcTMFw1k/RuwDP
1r4a6PlyBQDD3cg0DYJmm/jqQgZs0TKjtRvdVPHdW6ZtaMwGUqB2HLcJ7Togrhpu
2H6C/4PcCotimGQiwd4GLtP7oM4w8rOOBg5mQkYKccB00/5MI8oEV/pPIwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC2Vu2EpFfPJGENjFaiW9hIxvZSeMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTFpXN1lTa1Y4OGtZUTJNVnFKYjJFakc5bEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAFVn
ZXiXek3VbQST8GNNY9YoxgtHH54RI1+P6qjJ7yvEQy0ysLdMSOv9SwSiaDzwBeO3
kYOOQgEQbf1gMzPGij1L0TLGLsPq6azxyMxzisE72/pXxOUF0jg8f+JVqyVTNrVf
Kkqs4hzogUD/trN9C29GcAJLIpxGt49fzfrxR7HtLLES/ZHoaJxP5M3Ij0esN5Rw
7SOcSObSgpHDmme8BLHo9h4wNdKHbZsZRM9b1sVvIH4fvSkLQJ9J8xMrcMStmU0h
BSxF4ScveGGYd1hUVZUJhlBSs8834wNR9tCuUtf2zGYlERuKBVrzhF9Dv/JogLU/
7W/a7vMhTnA0Tw4VIs0=
-----END CERTIFICATE-----
Generated at Wed Jul 17 23:29:17 2024 by rpki-client on console-fra.rpki-client.org