Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O551zKXbg5QnJDnz02cYao4inT4.roa
File: O551zKXbg5QnJDnz02cYao4inT4.roa (raw, json)
Hash identifier: bm9UvrUwwFF9cKd785JNnYDllxV35UROma3p06SEv1c=
Subject key identifier: 3B:9E:75:CC:A5:DB:83:94:27:24:39:F3:D3:67:18:6A:8E:22:9D:3E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0188DDFDBD7589472AE557D615C3D6AB32EF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O551zKXbg5QnJDnz02cYao4inT4.roa
Signing time: Wed 21 Jun 2023 12:46:13 +0000
ROA not before: Wed 21 Jun 2023 12:46:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 85.133.202.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:fd:bd:75:89:47:2a:e5:57:d6:15:c3:d6:ab:32:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 21 12:46:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b9e75cca5db8394272439f3d367186a8e229d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e8:9c:29:8a:21:6b:22:10:35:cb:d9:4d:d7:
0e:27:0b:fa:15:ee:de:71:84:8f:2c:06:33:17:90:
85:90:4e:ef:af:e5:4a:5e:01:b7:33:8d:60:f5:30:
dd:0d:a7:37:5c:01:c2:41:63:3f:60:84:64:f4:0f:
a0:b8:3c:cd:c8:4e:ef:30:10:01:f2:d6:98:84:42:
bc:59:93:34:9d:b4:4d:f0:90:ee:bb:81:f9:64:5f:
63:a4:c1:de:97:95:a1:22:89:41:ab:cd:1b:bf:0a:
63:9f:bb:ad:9f:6c:d8:3b:e8:a9:7c:98:50:d8:6c:
64:f4:8a:73:dc:ea:28:d5:8f:5c:a5:a0:5b:a0:11:
3d:b4:0a:2f:e7:2c:22:42:74:9f:27:5d:8e:83:a0:
a1:6b:76:08:b3:22:49:29:cc:df:d9:86:24:78:01:
be:b9:27:be:ab:d7:ac:a5:98:74:02:54:52:4b:99:
4f:a7:f0:64:7b:55:d7:01:3b:7c:9f:47:51:32:3c:
ac:78:16:4b:25:8a:79:d1:a3:01:85:b0:f6:06:43:
0e:28:bd:d2:c7:c4:44:36:08:3c:25:4d:78:c7:a3:
b2:2c:a8:2c:fc:8e:db:04:ad:ef:f7:a6:64:70:8e:
b1:cb:b4:78:3e:ac:b5:26:6b:40:ad:44:48:c1:c0:
dc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9E:75:CC:A5:DB:83:94:27:24:39:F3:D3:67:18:6A:8E:22:9D:3E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O551zKXbg5QnJDnz02cYao4inT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/24
85.133.164.0/24
85.133.202.0/24
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:be:85:5b:f4:93:31:05:4b:a3:f8:a9:84:a3:76:24:cb:aa:
c2:5b:e8:21:ce:93:55:1e:5e:21:b2:62:c5:0b:06:96:64:38:
e9:1a:06:59:c9:9e:a3:45:66:74:30:b5:5a:b5:8d:b0:a5:84:
d6:c7:78:d0:e0:1e:b8:5d:92:92:ca:74:3f:0c:1f:f9:d3:21:
ec:65:d6:3e:9f:b6:e9:8a:b4:8a:46:f7:7e:ba:3e:85:fc:32:
45:fd:e4:4b:7f:2e:96:a9:ee:a4:c2:79:44:01:b4:c7:cc:81:
b3:ce:28:61:e7:cb:c0:54:1f:e5:04:b6:2c:c2:40:0a:8f:e2:
65:84:36:a2:47:18:94:0e:ff:55:49:b9:b3:c2:11:fb:76:46:
30:56:50:95:89:87:16:0d:1d:e1:4e:4c:07:76:e7:d5:e4:a5:
40:8e:da:0d:fd:0b:73:93:4c:4d:50:5f:e8:4a:47:b9:9f:b3:
a2:13:76:f4:57:99:b0:7b:5f:a4:30:f4:9e:11:12:08:e6:7d:
3d:83:60:41:97:33:3c:e1:4f:fd:38:75:19:88:ed:ab:bb:00:
0f:46:1f:f2:b7:52:16:76:c0:de:f3:bb:3a:fd:4c:d3:f0:6b:
15:a8:f1:d5:42:16:41:ff:66:c6:6e:a6:9c:9b:bf:9a:61:b3:
c1:7a:9e:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjd/b11iUcq5VfWFcPWqzLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjIxMTI0NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjllNzVjY2E1ZGI4Mzk0MjcyNDM5ZjNkMzY3MTg2YThlMjI5ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOicKYohayIQNcvZTdcOJwv6Fe7e
cYSPLAYzF5CFkE7vr+VKXgG3M41g9TDdDac3XAHCQWM/YIRk9A+guDzNyE7vMBAB
8taYhEK8WZM0nbRN8JDuu4H5ZF9jpMHel5WhIolBq80bvwpjn7utn2zYO+ipfJhQ
2Gxk9Ipz3Ooo1Y9cpaBboBE9tAov5ywiQnSfJ12Og6Cha3YIsyJJKczf2YYkeAG+
uSe+q9espZh0AlRSS5lPp/Bke1XXATt8n0dRMjyseBZLJYp50aMBhbD2BkMOKL3S
x8RENgg8JU14x6OyLKgs/I7bBK3v96ZkcI6xy7R4Pqy1JmtArURIwcDckwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDuedcyl24OUJyQ589NnGGqOIp0+MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTzU1MXpLWGJnNVFuSkRuejAyY1lhbzRpblQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWIAwQA
VYWkAwQAVYXKAwQAVYXhMA0GCSqGSIb3DQEBCwUAA4IBAQAbvoVb9JMxBUuj+KmE
o3Yky6rCW+ghzpNVHl4hsmLFCwaWZDjpGgZZyZ6jRWZ0MLVatY2wpYTWx3jQ4B64
XZKSynQ/DB/50yHsZdY+n7bpirSKRvd+uj6F/DJF/eRLfy6Wqe6kwnlEAbTHzIGz
zihh58vAVB/lBLYswkAKj+JlhDaiRxiUDv9VSbmzwhH7dkYwVlCViYcWDR3hTkwH
dufV5KVAjtoN/Qtzk0xNUF/oSke5n7OiE3b0V5mwe1+kMPSeERII5n09g2BBlzM8
4U/9OHUZiO2ruwAPRh/yt1IWdsDe87s6/UzT8GsVqPHVQhZB/2bGbqacm7+aYbPB
ep65
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org