Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O9EBj2FYFL_n1IF27FOxiF7-yks.roa
File: O9EBj2FYFL_n1IF27FOxiF7-yks.roa (raw, json)
Hash identifier: JdvObDw0b7t0nrhDQVLpZ+NyfyxrPx1FuFbNEgxtUMI=
Subject key identifier: 3B:D1:01:8F:61:58:14:BF:E7:D4:81:76:EC:53:B1:88:5E:FE:CA:4B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019165F41DF4B142EBFA8B04AE151AED81E0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O9EBj2FYFL_n1IF27FOxiF7-yks.roa
Signing time: Sun 18 Aug 2024 14:46:22 +0000
ROA not before: Sun 18 Aug 2024 14:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Aug 2024 16:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:65:f4:1d:f4:b1:42:eb:fa:8b:04:ae:15:1a:ed:81:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 18 14:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd1018f615814bfe7d48176ec53b1885efeca4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:17:f7:a0:0a:69:49:05:2b:50:41:fe:e3:bc:
68:94:25:a8:27:4a:2b:cf:69:38:a8:6b:77:e9:db:
10:70:e2:c9:27:3c:0b:fc:5a:dc:83:ee:e2:54:8d:
8d:2c:10:1b:23:62:f7:00:9e:76:b2:a0:cc:8e:11:
ef:16:63:51:80:0f:27:a2:0d:85:b9:48:75:68:57:
57:04:2b:c3:8c:16:53:e4:3c:b3:a7:4f:0d:e2:fe:
36:f1:6a:10:79:82:c4:1d:e9:7a:55:65:50:77:a9:
d3:67:54:43:c4:e1:71:5c:b5:d3:5b:e9:69:ce:9f:
52:ef:2b:4b:76:b3:49:f3:1e:ff:17:42:81:18:b6:
41:c0:61:76:1a:2b:8b:9c:16:08:1e:02:26:e3:a0:
94:7b:a7:65:1a:c5:f9:5d:ff:bf:32:d1:90:0a:9b:
18:51:98:33:ca:ad:c8:37:7b:42:82:d4:3a:49:e7:
e0:bc:36:8e:12:5a:a3:41:de:1f:75:c1:fe:28:94:
8e:49:e7:a2:76:40:38:85:e3:9d:90:f3:32:23:b3:
13:91:e2:80:88:09:56:d1:3d:ad:8e:6d:60:ad:d4:
1b:2f:bb:3e:06:38:c4:f2:de:e3:e9:e0:23:0e:b1:
79:5f:ed:11:cf:b5:d2:e7:72:9b:e7:9c:90:b4:98:
72:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D1:01:8F:61:58:14:BF:E7:D4:81:76:EC:53:B1:88:5E:FE:CA:4B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/O9EBj2FYFL_n1IF27FOxiF7-yks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:71:fd:55:7f:30:e0:5b:46:3e:25:7d:4c:77:e4:2e:f0:b7:
29:42:ff:b3:53:85:8e:27:11:3f:b9:b4:66:20:42:56:d6:ef:
d2:85:7e:b8:b9:f4:d3:4d:b6:36:c9:63:46:94:3d:e5:b8:fd:
cd:8e:9f:b8:10:0b:13:ad:83:60:19:3f:8b:d8:44:df:54:ca:
16:3d:0a:12:81:3d:f6:bd:6b:8e:25:ba:13:ec:49:3c:bc:a8:
a3:e8:54:fa:9b:c6:46:de:10:70:25:17:ec:dc:0c:46:c9:03:
51:85:05:25:7c:cc:02:ea:ef:e0:d1:82:e4:42:0a:8a:87:78:
aa:b0:13:e2:f0:19:98:91:a4:88:2b:d7:55:2d:4f:76:56:60:
8a:8f:07:c8:8f:0e:7d:32:53:f0:a9:8f:53:21:20:52:45:79:
04:1d:a4:22:7d:3f:95:ad:47:0c:58:7b:05:9d:a8:e5:23:83:
df:c6:f9:25:4c:1c:c4:2e:a3:c1:d2:85:b3:36:f7:f7:de:55:
70:98:64:ce:6f:c8:e5:5a:e0:f9:1a:47:38:0a:47:3e:f7:fb:
57:fd:61:4a:7c:8e:a7:d4:10:ca:69:c6:18:be:20:fb:ca:a9:
e5:21:e9:bf:9a:7b:55:37:08:b8:50:8a:1e:01:3d:a3:6d:ce:
9d:7d:9b:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZFl9B30sULr+osErhUa7YHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODE4MTQ0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQxMDE4ZjYxNTgxNGJmZTdkNDgxNzZlYzUzYjE4ODVlZmVjYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hf3oAppSQUrUEH+47xolCWoJ0or
z2k4qGt36dsQcOLJJzwL/Frcg+7iVI2NLBAbI2L3AJ52sqDMjhHvFmNRgA8nog2F
uUh1aFdXBCvDjBZT5Dyzp08N4v428WoQeYLEHel6VWVQd6nTZ1RDxOFxXLXTW+lp
zp9S7ytLdrNJ8x7/F0KBGLZBwGF2GiuLnBYIHgIm46CUe6dlGsX5Xf+/MtGQCpsY
UZgzyq3IN3tCgtQ6SefgvDaOElqjQd4fdcH+KJSOSeeidkA4heOdkPMyI7MTkeKA
iAlW0T2tjm1grdQbL7s+BjjE8t7j6eAjDrF5X+0Rz7XS53Kb55yQtJhyNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDvRAY9hWBS/59SBduxTsYhe/spLMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTzlFQmoyRllGTF9uMUlGMjdGT3hpRjcteWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCFcf1VfzDgW0Y+JX1Md+Qu
8LcpQv+zU4WOJxE/ubRmIEJW1u/ShX64ufTTTbY2yWNGlD3luP3Njp+4EAsTrYNg
GT+L2ETfVMoWPQoSgT32vWuOJboT7Ek8vKij6FT6m8ZG3hBwJRfs3AxGyQNRhQUl
fMwC6u/g0YLkQgqKh3iqsBPi8BmYkaSIK9dVLU92VmCKjwfIjw59MlPwqY9TISBS
RXkEHaQifT+VrUcMWHsFnajlI4PfxvklTBzELqPB0oWzNvf33lVwmGTOb8jlWuD5
Gkc4Ckc+9/tX/WFKfI6n1BDKacYYviD7yqnlIem/mntVNwi4UIoeAT2jbc6dfZvQ
Generated at Sun Aug 18 18:52:20 2024 by rpki-client on console-ams.rpki-client.org