Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/P1PBkRUS5ODn3zymzJC23lNa4JE.roa
File: P1PBkRUS5ODn3zymzJC23lNa4JE.roa (raw, json)
Hash identifier: j8to7/h4FwU5w900l2uiGljxlvl53y0/W73gQcRmakg=
Subject key identifier: 3F:53:C1:91:15:12:E4:E0:E7:DF:3C:A6:CC:90:B6:DE:53:5A:E0:91
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192B8806C01697B47FF095C816EA0C7799C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/P1PBkRUS5ODn3zymzJC23lNa4JE.roa
Signing time: Wed 23 Oct 2024 08:31:16 +0000
ROA not before: Wed 23 Oct 2024 08:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 23 Oct 2024 16:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:80:6c:01:69:7b:47:ff:09:5c:81:6e:a0:c7:79:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 23 08:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f53c1911512e4e0e7df3ca6cc90b6de535ae091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:47:90:24:1f:3a:d0:d5:cb:7b:1f:f8:2d:15:
58:9a:4a:c2:de:06:67:f0:1c:9c:88:26:95:48:00:
e2:66:44:83:de:a8:51:ad:ce:b5:c6:77:da:be:73:
09:16:31:41:0d:14:77:04:7d:b2:3d:bc:60:2f:c5:
1c:a0:06:97:28:89:8d:6e:95:99:37:5e:1a:e5:c8:
f7:5d:6a:98:56:fe:81:1a:31:b9:7e:59:e9:68:16:
7e:56:8c:ef:83:fa:39:71:68:ee:d9:f9:67:c0:9e:
59:29:34:00:cd:97:d0:fa:46:0f:6d:c4:a3:7c:90:
ff:ed:a3:21:89:24:93:48:4b:72:21:26:5c:b9:da:
91:48:80:10:18:29:f5:ef:e7:8c:db:32:85:4c:ff:
2b:6b:be:14:51:1a:16:3d:a1:5d:35:6d:ce:25:f1:
72:d9:e7:84:9a:16:a0:95:13:c6:58:aa:49:b7:23:
42:46:f6:c1:aa:e4:d3:a8:f9:13:97:36:cd:e1:09:
ed:41:94:c3:0e:20:9a:e9:4e:9c:96:5e:b0:23:bb:
5c:a0:af:d8:5b:57:5e:12:2c:c6:0c:9e:ed:fb:2e:
af:9e:b7:03:20:ef:23:1d:f6:03:7b:6c:3f:75:25:
4c:7e:77:10:fe:6d:de:d5:da:e0:c7:74:ed:b1:4a:
3c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:C1:91:15:12:E4:E0:E7:DF:3C:A6:CC:90:B6:DE:53:5A:E0:91
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/P1PBkRUS5ODn3zymzJC23lNa4JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:65:6a:42:9f:d8:13:63:b0:2d:bd:40:ea:f4:89:11:ae:22:
9c:6f:54:bf:c6:3b:9f:ff:6e:75:a8:7d:3b:7b:0c:43:fb:82:
84:25:c7:96:20:8a:4d:3b:6f:e8:2e:56:9f:f6:6c:e8:51:98:
9b:95:bb:49:0d:3c:54:22:1e:4b:e9:90:a2:7c:a9:51:b0:9a:
bc:8c:ec:46:eb:7e:34:5c:04:60:2d:4c:6d:ee:c3:37:2a:d1:
62:2c:1c:f8:1c:1a:9c:bd:e9:22:13:3e:f9:d6:9d:ec:61:e0:
9d:f2:90:e2:ad:61:4d:b9:f4:55:fb:43:05:c4:20:8c:93:61:
fb:3b:8b:e5:c2:a9:2b:a1:fd:b2:49:94:8c:87:9d:81:13:ce:
ca:c2:ee:29:6e:8c:90:56:22:8c:32:85:a3:36:58:23:f7:bd:
47:fe:9d:d6:3d:b7:c7:ad:5e:1d:dd:76:93:73:7e:5f:c1:7b:
c2:3a:f5:65:3d:f6:e3:db:c4:40:41:5b:ff:f8:89:1f:df:cd:
5f:ac:26:cf:63:c9:76:70:43:5e:1d:79:3d:89:d2:2b:65:a4:
c8:5f:dc:f6:23:3d:c7:e0:48:57:ef:4e:2c:de:8b:7c:ac:5a:
d5:6a:59:cc:4a:9c:4b:5a:40:d6:64:74:db:05:13:80:68:bb:
45:87:29:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZK4gGwBaXtH/wlcgW6gx3mcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIzMDgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzYzE5MTE1MTJlNGUwZTdkZjNjYTZjYzkwYjZkZTUzNWFlMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUeQJB860NXLex/4LRVYmkrC3gZn
8ByciCaVSADiZkSD3qhRrc61xnfavnMJFjFBDRR3BH2yPbxgL8UcoAaXKImNbpWZ
N14a5cj3XWqYVv6BGjG5flnpaBZ+Vozvg/o5cWju2flnwJ5ZKTQAzZfQ+kYPbcSj
fJD/7aMhiSSTSEtyISZcudqRSIAQGCn17+eM2zKFTP8ra74UURoWPaFdNW3OJfFy
2eeEmhaglRPGWKpJtyNCRvbBquTTqPkTlzbN4QntQZTDDiCa6U6cll6wI7tcoK/Y
W1deEizGDJ7t+y6vnrcDIO8jHfYDe2w/dSVMfncQ/m3e1drgx3TtsUo81wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD9TwZEVEuTg5988psyQtt5TWuCRMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUDFQQmtSVVM1T0RuM3p5bXpKQzIzbE5hNEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQB0ZWpCn9gTY7AtvUDq9IkR
riKcb1S/xjuf/251qH07ewxD+4KEJceWIIpNO2/oLlaf9mzoUZiblbtJDTxUIh5L
6ZCifKlRsJq8jOxG6340XARgLUxt7sM3KtFiLBz4HBqcvekiEz751p3sYeCd8pDi
rWFNufRV+0MFxCCMk2H7O4vlwqkrof2ySZSMh52BE87Kwu4pboyQViKMMoWjNlgj
971H/p3WPbfHrV4d3XaTc35fwXvCOvVlPfbj28RAQVv/+Ikf381frCbPY8l2cENe
HXk9idIrZaTIX9z2Iz3H4EhX704s3ot8rFrValnMSpxLWkDWZHTbBROAaLtFhykl
-----END CERTIFICATE-----
Generated at Wed Oct 23 19:04:57 2024 by rpki-client on console-ams.rpki-client.org