Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MKLGAAMvK58huBiKpngl0feOy1s.roa
File: MKLGAAMvK58huBiKpngl0feOy1s.roa (raw, json)
Hash identifier: rkCKaiCwXIlbF8HX4R6MjbaaCWpmKDU6Swr484H+nVw=
Subject key identifier: 30:A2:C6:00:03:2F:2B:9F:21:B8:18:8A:A6:78:25:D1:F7:8E:CB:5B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189D44ACA40AE1364A3EAE06C69A91803FE
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MKLGAAMvK58huBiKpngl0feOy1s.roa
Signing time: Tue 08 Aug 2023 08:36:58 +0000
ROA not before: Tue 08 Aug 2023 08:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:4a:ca:40:ae:13:64:a3:ea:e0:6c:69:a9:18:03:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 8 08:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a2c600032f2b9f21b8188aa67825d1f78ecb5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:06:e0:a1:65:7b:89:26:7c:3f:f1:9c:8c:90:
3b:a1:d1:3f:ca:25:de:a1:21:14:0c:4f:84:d6:db:
e4:14:4f:78:40:aa:b6:60:63:43:14:32:a6:ba:a8:
da:fb:31:99:25:37:72:a7:7a:b1:d0:aa:8f:c1:1e:
a8:7b:1b:53:35:fb:42:d7:33:df:cd:79:e5:6d:21:
17:77:68:ed:c6:8a:39:be:ef:21:d3:20:77:98:c7:
a0:78:96:b5:ab:f8:83:ed:78:e4:c7:42:dd:e1:f0:
cd:97:e3:51:69:05:08:0e:90:a4:5f:ef:5d:13:bc:
98:0b:8c:d9:ae:ab:a6:f6:6a:e6:f7:d7:59:f3:e3:
44:19:4d:43:1c:5a:81:bc:32:89:61:c2:14:bf:14:
2b:0e:0d:05:19:72:71:70:66:68:70:3e:ee:da:b7:
31:b4:0e:b2:5f:24:82:47:4a:c6:8d:66:b5:5b:00:
1a:4b:1b:2e:10:27:79:be:78:2c:ab:03:00:5f:99:
12:0e:0e:26:86:c9:aa:11:4f:05:60:83:31:63:83:
13:cf:7b:cf:52:74:f4:72:a5:06:ea:79:7c:88:20:
ce:fc:f7:ca:ec:7b:c8:eb:48:ac:df:ea:15:d8:08:
c2:e5:5b:4c:aa:ea:61:7f:9d:be:94:88:cc:88:9c:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A2:C6:00:03:2F:2B:9F:21:B8:18:8A:A6:78:25:D1:F7:8E:CB:5B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MKLGAAMvK58huBiKpngl0feOy1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:61:32:d2:19:37:dd:c9:c5:93:6a:49:8b:94:be:97:e3:5b:
df:92:27:a7:a2:00:b4:8e:7e:d4:59:b6:c2:cd:c1:e7:bd:d2:
42:3c:a0:26:fa:48:89:4d:63:54:f8:2e:89:cf:3b:c1:10:2c:
fb:1e:37:1f:1c:fd:af:23:7b:8a:20:d3:fe:1a:b2:5d:b6:71:
ac:4c:5b:f2:24:11:49:62:b3:e1:f3:3f:ce:a0:e4:e5:60:c4:
86:ee:2f:b0:4b:85:e4:fc:2c:9d:98:ea:e2:aa:4c:c0:16:70:
21:9d:ba:b7:25:34:fa:b1:1b:2d:31:d2:4f:c1:3e:f6:23:f1:
e0:13:b1:a1:9d:46:86:66:ff:66:6a:67:fa:72:ab:c8:40:1e:
ec:0b:76:e2:f1:12:a3:81:b6:5c:c3:8c:d7:24:f6:12:4f:11:
d8:22:3a:72:f1:02:b7:f4:a0:2b:ec:e2:c1:ae:40:75:32:82:
96:c4:45:cb:6c:35:f4:ea:88:85:89:96:cb:8c:1b:3e:3d:88:
10:68:43:a9:84:f8:a8:29:24:62:52:f5:1f:e5:d9:64:ac:4c:
a7:ed:a8:17:84:6f:62:f2:bd:85:d7:bb:52:9c:c1:c0:c0:ca:
40:b4:9a:7d:a3:4a:d7:7c:4c:f3:f8:6b:83:44:97:7f:7e:11:
37:10:11:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnUSspArhNko+rgbGmpGAP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODA4MDgzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGEyYzYwMDAzMmYyYjlmMjFiODE4OGFhNjc4MjVkMWY3OGVjYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQbgoWV7iSZ8P/GcjJA7odE/yiXe
oSEUDE+E1tvkFE94QKq2YGNDFDKmuqja+zGZJTdyp3qx0KqPwR6oextTNftC1zPf
zXnlbSEXd2jtxoo5vu8h0yB3mMegeJa1q/iD7Xjkx0Ld4fDNl+NRaQUIDpCkX+9d
E7yYC4zZrqum9mrm99dZ8+NEGU1DHFqBvDKJYcIUvxQrDg0FGXJxcGZocD7u2rcx
tA6yXySCR0rGjWa1WwAaSxsuECd5vngsqwMAX5kSDg4mhsmqEU8FYIMxY4MTz3vP
UnT0cqUG6nl8iCDO/PfK7HvI60is3+oV2AjC5VtMquphf52+lIjMiJxf3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDCixgADLyufIbgYiqZ4JdH3jstbMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTUtMR0FBTXZLNThodUJpS3BuZ2wwZmVPeTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAkYTLSGTfdycWT
akmLlL6X41vfkienogC0jn7UWbbCzcHnvdJCPKAm+kiJTWNU+C6JzzvBECz7Hjcf
HP2vI3uKINP+GrJdtnGsTFvyJBFJYrPh8z/OoOTlYMSG7i+wS4Xk/CydmOriqkzA
FnAhnbq3JTT6sRstMdJPwT72I/HgE7GhnUaGZv9mamf6cqvIQB7sC3bi8RKjgbZc
w4zXJPYSTxHYIjpy8QK39KAr7OLBrkB1MoKWxEXLbDX06oiFiZbLjBs+PYgQaEOp
hPioKSRiUvUf5dlkrEyn7agXhG9i8r2F17tSnMHAwMpAtJp9o0rXfEzz+GuDRJd/
fhE3EBEr
-----END CERTIFICATE-----
Generated at Tue Aug 8 12:25:38 2023 by rpki-client on console-fra.rpki-client.org