Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OIY_8c00U7rNkVffL46_FGHfZ7I.roa
File: OIY_8c00U7rNkVffL46_FGHfZ7I.roa (raw, json)
Hash identifier: M22eslTmUy3WOwYkBhY48hik5lr2EREhcuatNviWO14=
Subject key identifier: 38:86:3F:F1:CD:34:53:BA:CD:91:57:DF:2F:8E:BF:14:61:DF:67:B2
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D3B018512682002EE8E8E712DAB181AB3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OIY_8c00U7rNkVffL46_FGHfZ7I.roa
Signing time: Wed 24 Jan 2024 10:26:11 +0000
ROA not before: Wed 24 Jan 2024 10:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 28 Jan 2024 18:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:01:85:12:68:20:02:ee:8e:8e:71:2d:ab:18:1a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 24 10:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38863ff1cd3453bacd9157df2f8ebf1461df67b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0c:15:68:ee:56:26:0f:11:01:31:7a:d1:af:
a5:d7:75:c5:ea:ba:41:33:d8:e4:e9:b2:be:a5:45:
60:7c:b7:b0:7f:81:c5:8a:cd:97:fb:eb:69:3c:86:
c6:71:74:18:59:0b:03:15:3f:b8:5c:01:74:30:f8:
a3:b1:f6:ed:1e:41:11:d3:a8:7f:e8:a9:a4:e5:a8:
32:a1:f4:49:0c:8d:0a:be:95:19:91:c2:44:ee:a2:
f7:b9:58:3b:d4:58:01:d6:2a:8b:68:64:d4:42:40:
a8:91:81:6f:74:40:be:dd:b4:c5:72:f5:0d:1e:07:
b0:75:44:ab:5c:f4:8e:b5:6f:32:ee:5a:66:7b:cd:
a0:2a:0c:20:3c:c2:5e:53:b6:e8:11:4b:e8:3c:30:
e5:14:46:c6:d5:2f:76:3b:88:3d:4d:76:af:c5:c5:
0d:ae:5d:82:bb:82:ff:d8:cc:53:8a:85:d5:26:09:
c3:ba:f9:48:be:cf:c3:a7:16:8f:b8:ff:08:aa:4a:
a1:83:ff:5a:e4:59:56:71:b3:47:bd:12:24:fd:82:
3d:46:1f:01:11:7f:3d:90:13:63:70:88:5d:08:e7:
09:73:da:00:9d:7c:c3:37:0b:93:11:87:c5:ca:53:
b6:8d:3f:c7:2e:c4:58:99:66:c5:cf:41:13:8e:b6:
13:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:86:3F:F1:CD:34:53:BA:CD:91:57:DF:2F:8E:BF:14:61:DF:67:B2
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OIY_8c00U7rNkVffL46_FGHfZ7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:f5:9d:2a:b9:55:74:73:10:e8:90:46:7e:11:0b:af:05:cf:
b2:cd:e9:70:8b:b7:56:37:2f:ca:ca:66:76:6c:83:8b:a8:ec:
ca:46:72:4e:54:2f:83:e8:9e:29:58:3f:ab:87:70:46:19:04:
4e:6d:ad:79:55:b7:b7:cf:20:4e:18:79:ed:3b:56:01:4b:ea:
2e:db:2f:c9:d7:cd:ef:d0:95:88:a4:6f:b0:10:45:84:b1:53:
dd:d1:20:5a:aa:ac:32:98:a9:ee:88:02:6b:37:2a:82:39:cd:
79:a1:9f:2b:c8:e2:fa:88:3f:d4:89:72:d9:8f:12:15:97:90:
91:fd:0f:1d:9b:1a:81:4d:70:bd:f1:6d:89:0d:e2:0c:bc:03:
f2:ca:8c:7f:27:67:80:8c:bd:55:02:d0:9d:ee:40:21:8b:2f:
a3:17:06:2a:13:63:9f:a6:58:14:92:83:bf:f9:21:e8:d0:28:
ac:7a:89:12:85:46:b1:67:60:64:fd:e6:c3:b2:20:0b:22:37:
df:0c:e5:35:34:19:f5:cb:5c:99:f8:ec:9b:56:a2:ea:28:dc:
2e:fb:ed:bc:be:d9:8e:dc:fb:6a:d3:e6:f0:7a:78:52:1f:0d:
8d:90:b6:df:9a:75:4e:b1:d4:cd:10:c4:dc:27:94:7e:09:07:
7a:0a:7b:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY07AYUSaCAC7o6OcS2rGBqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTI0MTAyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODg2M2ZmMWNkMzQ1M2JhY2Q5MTU3ZGYyZjhlYmYxNDYxZGY2N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwwVaO5WJg8RATF60a+l13XF6rpB
M9jk6bK+pUVgfLewf4HFis2X++tpPIbGcXQYWQsDFT+4XAF0MPijsfbtHkER06h/
6Kmk5agyofRJDI0KvpUZkcJE7qL3uVg71FgB1iqLaGTUQkCokYFvdEC+3bTFcvUN
HgewdUSrXPSOtW8y7lpme82gKgwgPMJeU7boEUvoPDDlFEbG1S92O4g9TXavxcUN
rl2Cu4L/2MxTioXVJgnDuvlIvs/DpxaPuP8Iqkqhg/9a5FlWcbNHvRIk/YI9Rh8B
EX89kBNjcIhdCOcJc9oAnXzDNwuTEYfFylO2jT/HLsRYmWbFz0ETjrYTLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDiGP/HNNFO6zZFX3y+OvxRh32eyMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvT0lZXzhjMDBVN3JOa1ZmZkw0Nl9GR0hmWjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCe9Z0quVV0cxDo
kEZ+EQuvBc+yzelwi7dWNy/KymZ2bIOLqOzKRnJOVC+D6J4pWD+rh3BGGQROba15
Vbe3zyBOGHntO1YBS+ou2y/J183v0JWIpG+wEEWEsVPd0SBaqqwymKnuiAJrNyqC
Oc15oZ8ryOL6iD/UiXLZjxIVl5CR/Q8dmxqBTXC98W2JDeIMvAPyyox/J2eAjL1V
AtCd7kAhiy+jFwYqE2OfplgUkoO/+SHo0CiseokShUaxZ2Bk/ebDsiALIjffDOU1
NBn1y1yZ+OybVqLqKNwu++28vtmO3Ptq0+bwenhSHw2NkLbfmnVOsdTNEMTcJ5R+
CQd6CnuD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org