Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OKlHo9PenJDh_fpVckw-La92Kdk.roa
File: OKlHo9PenJDh_fpVckw-La92Kdk.roa (raw, json)
Hash identifier: kh9mTCX+dakgjKe8YNKwoJWInM8pkVFbma+tgpZBWK8=
Subject key identifier: 38:A9:47:A3:D3:DE:9C:90:E1:FD:FA:55:72:4C:3E:2D:AF:76:29:D9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018DA31559E33A703C057CF26E2F913824E8
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OKlHo9PenJDh_fpVckw-La92Kdk.roa
Signing time: Tue 13 Feb 2024 15:28:21 +0000
ROA not before: Tue 13 Feb 2024 15:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216054
IP address blocks: 85.133.205.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 17:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:15:59:e3:3a:70:3c:05:7c:f2:6e:2f:91:38:24:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 13 15:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a947a3d3de9c90e1fdfa55724c3e2daf7629d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e3:27:5b:79:c6:4f:90:9e:19:b0:21:f2:a8:
0c:98:95:67:72:1e:80:27:b1:50:01:80:88:d2:cc:
20:bc:e1:cf:a7:10:b7:72:c1:4c:f1:f3:34:c5:a8:
ba:f9:94:c5:a1:4d:2d:dd:70:21:a4:54:a8:47:4d:
95:39:35:35:f8:f4:0a:88:a9:39:14:20:4c:9f:ac:
72:b0:b3:14:24:bf:52:b0:82:88:14:c5:06:3d:19:
06:46:2b:23:f4:56:14:28:99:b2:9d:ce:ac:5d:32:
b2:c8:f0:1c:8e:1c:f6:a6:3c:60:b0:84:40:b4:16:
15:f7:8f:d8:b5:1e:3f:09:d1:cc:6c:65:76:3f:e5:
03:8c:a4:12:ef:3b:54:cc:6f:0c:02:cb:9a:30:fd:
14:9e:13:35:26:38:85:f8:1a:fd:21:2a:17:bb:b5:
6e:85:99:2d:95:b5:95:42:fb:d1:fd:2d:8a:2d:fb:
b6:17:38:3d:a4:58:29:50:dc:5f:6d:95:a7:70:96:
22:d8:bf:07:a8:e5:66:d1:c1:c6:ab:84:0f:d7:29:
10:81:eb:7b:d6:fd:06:ad:60:2b:90:74:1e:2e:5e:
0e:c7:40:db:d7:4a:d6:ad:c5:b6:18:7e:b5:68:d5:
28:20:f6:15:ed:6a:7f:14:f2:ea:0c:63:c7:b2:ac:
4d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A9:47:A3:D3:DE:9C:90:E1:FD:FA:55:72:4C:3E:2D:AF:76:29:D9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OKlHo9PenJDh_fpVckw-La92Kdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.205.0/24
85.133.217.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:38:19:2a:af:e9:ef:c1:4d:ca:a4:47:7d:90:0a:23:fc:e2:
9a:2a:d2:7a:d7:4d:c6:1d:9f:9b:bf:ef:10:14:0b:db:48:15:
34:88:13:57:d8:8f:c1:b7:cd:86:c2:50:6b:0a:de:cf:61:ae:
42:21:1e:c8:34:4b:d4:c9:bd:ea:78:08:96:10:8b:73:bf:a4:
99:b7:c8:47:3b:59:31:b5:ed:fc:8a:e3:3a:2b:ce:ea:18:25:
82:1c:e6:83:74:47:76:21:bc:65:25:7a:91:04:e4:36:71:96:
60:0d:5f:c6:d5:12:77:34:f5:40:07:3b:64:bb:b0:a3:5a:74:
b2:54:ab:35:f7:ad:d1:93:ef:e8:6b:72:83:c7:15:46:99:fd:
b0:28:48:44:fc:b6:a3:8a:dc:35:73:ce:23:c4:aa:a2:05:b7:
fa:b3:2c:31:47:ba:a1:1e:1f:18:5d:2d:ba:96:51:05:15:32:
87:89:97:e2:d4:26:fd:b5:c0:81:47:13:1a:b6:2d:63:a5:2e:
0e:c8:64:7f:ec:71:a4:a9:38:85:b5:3e:84:53:ca:c9:46:b2:
05:ab:b1:89:5a:05:c4:a9:ef:f7:5d:b3:c8:e3:ee:4d:0a:4f:
2f:d9:2d:b0:fa:4d:30:c0:3b:cd:65:b1:45:61:40:7d:79:cd:
26:b9:7a:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2jFVnjOnA8BXzybi+ROCToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEzMTUyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE5NDdhM2QzZGU5YzkwZTFmZGZhNTU3MjRjM2UyZGFmNzYyOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOMnW3nGT5CeGbAh8qgMmJVnch6A
J7FQAYCI0swgvOHPpxC3csFM8fM0xai6+ZTFoU0t3XAhpFSoR02VOTU1+PQKiKk5
FCBMn6xysLMUJL9SsIKIFMUGPRkGRisj9FYUKJmync6sXTKyyPAcjhz2pjxgsIRA
tBYV94/YtR4/CdHMbGV2P+UDjKQS7ztUzG8MAsuaMP0UnhM1JjiF+Br9ISoXu7Vu
hZktlbWVQvvR/S2KLfu2Fzg9pFgpUNxfbZWncJYi2L8HqOVm0cHGq4QP1ykQget7
1v0GrWArkHQeLl4Ox0Db10rWrcW2GH61aNUoIPYV7Wp/FPLqDGPHsqxNpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDipR6PT3pyQ4f36VXJMPi2vdinZMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvT0tsSG85UGVuSkRoX2ZwVmNrdy1MYTkyS2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXNAwQA
VYXZMA0GCSqGSIb3DQEBCwUAA4IBAQCpOBkqr+nvwU3KpEd9kAoj/OKaKtJ6103G
HZ+bv+8QFAvbSBU0iBNX2I/Bt82GwlBrCt7PYa5CIR7INEvUyb3qeAiWEItzv6SZ
t8hHO1kxte38iuM6K87qGCWCHOaDdEd2IbxlJXqRBOQ2cZZgDV/G1RJ3NPVABztk
u7CjWnSyVKs1963Rk+/oa3KDxxVGmf2wKEhE/Lajitw1c84jxKqiBbf6sywxR7qh
Hh8YXS26llEFFTKHiZfi1Cb9tcCBRxMati1jpS4OyGR/7HGkqTiFtT6EU8rJRrIF
q7GJWgXEqe/3XbPI4+5NCk8v2S2w+k0wwDvNZbFFYUB9ec0muXq1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org