Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MYLZymtcsX_XLfIivXVDiYhra7w.roa
File: MYLZymtcsX_XLfIivXVDiYhra7w.roa (raw, json)
Hash identifier: QRhliyBBvs917Ikpkrc7rvCkRF5XsSFvXEU5L56v1VU=
Subject key identifier: 31:82:D9:CA:6B:5C:B1:7F:D7:2D:F2:22:BD:75:43:89:88:6B:6B:BC
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018C87C97D9B8B296363AA3C5E1BBA1B9E18
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MYLZymtcsX_XLfIivXVDiYhra7w.roa
Signing time: Wed 20 Dec 2023 15:12:58 +0000
ROA not before: Wed 20 Dec 2023 15:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201194
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:c9:7d:9b:8b:29:63:63:aa:3c:5e:1b:ba:1b:9e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 20 15:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3182d9ca6b5cb17fd72df222bd754389886b6bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:d7:a2:db:e8:c9:60:45:76:20:77:05:98:
56:14:1b:21:2b:57:b1:60:33:63:ec:ab:89:f2:98:
d4:87:3b:04:6c:54:55:0b:91:00:01:1b:fb:2f:0f:
f4:93:33:c0:1b:77:2c:b9:bc:0c:0d:2c:d3:4d:97:
18:47:53:4c:20:ce:68:9c:b4:c1:9d:d8:fc:ee:3d:
6a:80:ab:d6:40:0a:ef:ac:67:64:d4:c0:c0:f9:7c:
65:47:ed:6c:ed:aa:96:a5:47:24:93:59:c4:37:30:
e7:0e:f6:fe:23:98:e5:d3:61:d8:9d:4e:47:35:e7:
a6:bc:da:0f:70:a6:6e:53:59:4c:2e:e6:87:97:14:
92:1e:27:2c:e5:76:f7:3f:a7:38:2b:bc:ea:db:3b:
91:37:f4:72:e0:fe:2a:13:70:eb:d5:83:02:ac:b9:
ca:12:04:51:f5:62:ff:d5:03:50:63:ab:8c:ff:b8:
dc:48:f8:ed:b4:96:f8:cf:3f:07:b7:b5:87:bf:b4:
fe:33:f8:cd:ff:72:23:23:57:5c:d7:ec:5a:e5:37:
70:eb:0d:0b:88:59:34:17:1b:c5:bd:5b:b5:ba:3e:
71:d2:2d:86:97:fe:08:6f:92:e1:d7:2a:f3:9b:09:
db:c6:bc:5a:ac:7b:75:90:e9:60:36:69:b6:18:28:
74:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:82:D9:CA:6B:5C:B1:7F:D7:2D:F2:22:BD:75:43:89:88:6B:6B:BC
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MYLZymtcsX_XLfIivXVDiYhra7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.203.0-85.133.205.255
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f9:dd:03:94:e5:5e:91:28:67:9f:dc:ce:0f:fc:8b:58:cc:
5a:a0:a2:30:65:ef:a2:3c:e2:f8:cd:9e:ef:46:43:3e:cc:77:
59:0e:29:08:c4:20:74:3d:9b:69:50:8d:16:bd:89:22:b3:3f:
1e:d2:25:e2:76:f0:f7:c9:6a:12:f2:53:1c:67:a9:7d:de:d3:
a5:1c:8e:0a:60:9c:1b:ae:06:3f:aa:31:ee:bb:76:be:6b:1c:
97:46:21:3a:a8:5f:2c:b0:2a:80:39:d1:3a:9c:55:40:bf:a0:
6c:e0:b1:b5:6d:8f:3c:a7:10:6f:af:18:e8:54:bd:b5:27:62:
f0:7c:4c:28:cd:57:41:ca:74:50:3a:29:76:02:de:75:5c:8c:
dd:07:b1:2c:d2:34:38:9a:fa:b3:79:27:6c:65:03:8b:8a:20:
e8:7e:80:94:a5:4c:98:38:0a:7f:72:df:27:66:e4:ce:95:b5:
22:49:70:00:29:92:55:97:ec:20:db:ea:03:0c:40:2f:0a:b6:
2e:3f:b5:49:be:6e:96:ec:40:99:03:5a:62:42:41:ac:5a:2a:
a3:61:32:7c:4c:59:02:c7:f5:90:d6:fc:4b:6b:6a:a2:66:23:
7c:97:18:f7:d9:88:a9:b5:7c:07:81:20:76:89:af:14:89:a1:
cf:ea:42:46
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYyHyX2biyljY6o8Xhu6G54YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjIwMTUxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgyZDljYTZiNWNiMTdmZDcyZGYyMjJiZDc1NDM4OTg4NmI2YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt7XotvoyWBFdiB3BZhWFBshK1ex
YDNj7KuJ8pjUhzsEbFRVC5EAARv7Lw/0kzPAG3csubwMDSzTTZcYR1NMIM5onLTB
ndj87j1qgKvWQArvrGdk1MDA+XxlR+1s7aqWpUckk1nENzDnDvb+I5jl02HYnU5H
NeemvNoPcKZuU1lMLuaHlxSSHics5Xb3P6c4K7zq2zuRN/Ry4P4qE3Dr1YMCrLnK
EgRR9WL/1QNQY6uM/7jcSPjttJb4zz8Ht7WHv7T+M/jN/3IjI1dc1+xa5Tdw6w0L
iFk0FxvFvVu1uj5x0i2Gl/4Ib5Lh1yrzmwnbxrxarHt1kOlgNmm2GCh09QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDGC2cprXLF/1y3yIr11Q4mIa2u8MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTVlMWnltdGNzWF9YTGZJaXZYVkRpWWhyYTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXHMAwD
BABVhcsDBAFVhcwDBABVhfowDQYJKoZIhvcNAQELBQADggEBABb53QOU5V6RKGef
3M4P/ItYzFqgojBl76I84vjNnu9GQz7Md1kOKQjEIHQ9m2lQjRa9iSKzPx7SJeJ2
8PfJahLyUxxnqX3e06UcjgpgnBuuBj+qMe67dr5rHJdGITqoXyywKoA50TqcVUC/
oGzgsbVtjzynEG+vGOhUvbUnYvB8TCjNV0HKdFA6KXYC3nVcjN0HsSzSNDia+rN5
J2xlA4uKIOh+gJSlTJg4Cn9y3ydm5M6VtSJJcAApklWX7CDb6gMMQC8Kti4/tUm+
bpbsQJkDWmJCQaxaKqNhMnxMWQLH9ZDW/EtraqJmI3yXGPfZiKm1fAeBIHaJrxSJ
oc/qQkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org