Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/M3D_8hgLnseNPORKE0qQD1u4Ejs.roa
File: M3D_8hgLnseNPORKE0qQD1u4Ejs.roa (raw, json)
Hash identifier: 4NwZ/qsmtxUnZt7bgbdFcONu1NlQ17uhfQLSW2EMTQA=
Subject key identifier: 33:70:FF:F2:18:0B:9E:C7:8D:3C:E4:4A:13:4A:90:0F:5B:B8:12:3B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC936260306D65A953966FCB9BD522AA8
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/M3D_8hgLnseNPORKE0qQD1u4Ejs.roa
Signing time: Tue 02 Jan 2024 08:06:58 +0000
ROA not before: Tue 02 Jan 2024 08:06:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 08:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:36:26:03:06:d6:5a:95:39:66:fc:b9:bd:52:2a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 08:06:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3370fff2180b9ec78d3ce44a134a900f5bb8123b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:98:f1:b8:3b:b3:8c:a8:7f:60:04:2a:5b:
c0:79:fe:da:f3:cc:19:fc:9a:d5:88:b3:0e:4b:5b:
76:21:7f:47:01:e6:a2:66:a2:f6:d8:f1:fd:ac:b2:
3b:a1:01:cb:a9:25:45:54:db:0c:ff:37:d4:8e:b5:
1a:9f:2f:64:8a:e3:42:06:aa:31:da:c5:c3:8a:bc:
93:37:d4:78:50:2d:22:e1:57:9a:7b:a9:76:67:79:
55:bf:4e:23:d8:9c:79:4e:1d:eb:c4:a4:a1:8e:d4:
67:b7:c8:7c:8e:20:2c:64:68:8d:33:bf:88:77:a1:
78:7d:6e:13:99:5d:49:db:00:eb:05:d0:6e:cd:e0:
dc:42:c1:f7:e9:89:fd:62:2f:60:0b:9d:27:c7:e8:
57:ae:ab:0b:85:f4:89:91:96:9e:b4:48:cd:b8:72:
1b:5d:8a:79:86:de:0f:3a:92:3c:2a:73:5d:62:27:
d1:d8:94:d2:57:ae:8e:e5:1f:04:41:04:82:49:98:
c1:b4:88:0f:3d:ba:04:8f:12:97:13:a0:ec:3e:17:
9c:72:1e:05:7b:4d:0f:ef:d3:04:25:95:45:3e:66:
c3:d4:68:ff:97:cb:65:1d:f9:15:51:23:9c:ed:46:
cf:6c:77:8a:96:46:5f:c2:a1:2f:83:89:0d:7f:8b:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:70:FF:F2:18:0B:9E:C7:8D:3C:E4:4A:13:4A:90:0F:5B:B8:12:3B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/M3D_8hgLnseNPORKE0qQD1u4Ejs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0/24
85.133.208.0/24
85.133.219.0/24
85.133.242.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0d:85:5f:c8:a8:9a:9d:a7:b0:b4:89:45:9e:78:d3:da:c1:
16:51:0d:36:20:2b:2a:b9:bd:7d:6b:21:d3:f5:1d:ac:25:d5:
17:e5:b5:10:af:8b:bc:9a:21:b4:b1:0b:3a:50:5c:7e:79:b3:
32:1e:50:80:68:d1:86:c8:4e:1f:da:7a:be:db:4f:97:5f:73:
8a:5d:12:73:fb:fe:5c:8f:5f:ac:00:74:6e:bb:13:be:68:2f:
cf:ab:93:ed:ee:c7:b9:3c:4d:da:a1:26:26:25:e2:05:97:dc:
f2:51:c1:87:ca:35:86:42:bb:3a:70:e6:f1:62:58:e7:82:e5:
a7:8f:93:4f:0f:43:33:0b:0a:41:31:95:0d:15:c0:fa:ea:63:
58:a7:b8:53:fd:c7:13:2a:db:40:3e:9b:11:03:88:1f:1b:8a:
65:03:a7:6b:07:c8:07:00:02:65:fd:29:47:f8:ce:b4:fe:ac:
56:c5:8e:00:77:43:05:4f:c1:68:78:a0:7e:ac:8b:d8:e2:10:
8a:b8:6e:93:9b:a1:bf:0e:a8:28:5f:44:e8:74:0b:c1:8f:70:
fd:e0:8a:b6:fb:d3:5d:33:43:98:2f:11:c8:36:0b:0f:59:53:
1f:12:f4:3f:6b:a7:4c:1b:ea:69:35:30:7f:fd:8d:b8:38:86:
e8:be:03:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJNiYDBtZalTlm/Lm9UiqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDgwNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzcwZmZmMjE4MGI5ZWM3OGQzY2U0NGExMzRhOTAwZjViYjgxMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSeY8bg7s4yof2AEKlvAef7a88wZ
/JrViLMOS1t2IX9HAeaiZqL22PH9rLI7oQHLqSVFVNsM/zfUjrUany9kiuNCBqox
2sXDiryTN9R4UC0i4Veae6l2Z3lVv04j2Jx5Th3rxKShjtRnt8h8jiAsZGiNM7+I
d6F4fW4TmV1J2wDrBdBuzeDcQsH36Yn9Yi9gC50nx+hXrqsLhfSJkZaetEjNuHIb
XYp5ht4POpI8KnNdYifR2JTSV66O5R8EQQSCSZjBtIgPPboEjxKXE6DsPhecch4F
e00P79MEJZVFPmbD1Gj/l8tlHfkVUSOc7UbPbHeKlkZfwqEvg4kNf4sHWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDNw//IYC57HjTzkShNKkA9buBI7MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTTNEXzhoZ0xuc2VOUE9SS0UwcVFEMXU0RWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYXJAwQA
VYXQAwQAVYXbAwQAVYXyMA0GCSqGSIb3DQEBCwUAA4IBAQCXDYVfyKianaewtIlF
nnjT2sEWUQ02ICsqub19ayHT9R2sJdUX5bUQr4u8miG0sQs6UFx+ebMyHlCAaNGG
yE4f2nq+20+XX3OKXRJz+/5cj1+sAHRuuxO+aC/Pq5Pt7se5PE3aoSYmJeIFl9zy
UcGHyjWGQrs6cObxYljnguWnj5NPD0MzCwpBMZUNFcD66mNYp7hT/ccTKttAPpsR
A4gfG4plA6drB8gHAAJl/SlH+M60/qxWxY4Ad0MFT8FoeKB+rIvY4hCKuG6Tm6G/
DqgoX0TodAvBj3D94Iq2+9NdM0OYLxHINgsPWVMfEvQ/a6dMG+ppNTB//Y24OIbo
vgNb
-----END CERTIFICATE-----
Generated at Mon Jan 8 12:09:11 2024 by rpki-client on console-ams.rpki-client.org