Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/PvuBbcrFIqHduYDB5ewG_LkFQTM.roa
File: PvuBbcrFIqHduYDB5ewG_LkFQTM.roa (raw, json)
Hash identifier: oBxG2b7L5gnts3UnDmSs/mpaN4GprBW/gtktcWG2EPE=
Subject key identifier: 3E:FB:81:6D:CA:C5:22:A1:DD:B9:80:C1:E5:EC:06:FC:B9:05:41:33
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191FA35B2B11F9926D08F686AB7D3547F3B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/PvuBbcrFIqHduYDB5ewG_LkFQTM.roa
Signing time: Mon 16 Sep 2024 09:41:48 +0000
ROA not before: Mon 16 Sep 2024 09:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 17 Sep 2024 12:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:35:b2:b1:1f:99:26:d0:8f:68:6a:b7:d3:54:7f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 16 09:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3efb816dcac522a1ddb980c1e5ec06fcb9054133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:38:f3:24:dd:2c:b8:4a:4b:ca:e6:f4:26:31:
c3:0d:d9:53:6e:11:42:97:ad:7d:b7:99:1f:df:11:
31:8b:88:41:43:af:36:03:f7:e1:fb:45:05:35:24:
06:63:4c:2c:c4:bd:63:0b:9a:f1:22:bf:d0:2d:ef:
36:f6:a2:36:60:51:ca:e2:38:49:58:6a:2f:69:b8:
25:c3:c2:20:2b:85:3b:9b:f8:93:a5:cc:73:4b:75:
ae:8f:03:d1:0e:08:42:26:d5:33:a9:73:3b:ff:1f:
43:87:54:1b:f0:0c:e3:63:04:6b:f2:5e:94:10:4b:
1c:55:29:e3:51:44:d7:35:75:31:f0:bb:88:7d:3f:
bc:21:4f:6d:d1:64:d2:88:30:09:8c:89:2f:a6:07:
ac:bb:6d:dc:e7:bc:ba:7f:f6:56:39:bd:33:ce:2e:
84:02:06:ea:57:81:08:67:fa:a4:8e:45:13:48:31:
5d:a7:4d:c7:af:74:e1:eb:a1:1e:cd:a0:ee:dc:1c:
45:72:3f:94:76:d7:03:3e:42:7a:62:48:0b:7f:84:
84:81:48:8a:bd:bc:41:40:86:ee:ec:7c:29:8f:0f:
25:08:bf:74:83:91:1b:99:9e:c3:49:7b:46:56:24:
ba:c4:f2:f3:0e:5d:17:40:8f:e1:84:69:c1:6a:dc:
1b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FB:81:6D:CA:C5:22:A1:DD:B9:80:C1:E5:EC:06:FC:B9:05:41:33
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/PvuBbcrFIqHduYDB5ewG_LkFQTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:bc:97:10:9c:dc:ba:3a:63:d6:bb:fa:64:bc:8d:ec:05:e6:
63:ee:9b:49:63:2d:a8:e3:f2:80:5e:72:18:25:9a:5f:8f:35:
bb:7a:17:f9:fd:cb:f8:a5:bb:72:74:5e:19:d4:b7:07:ec:00:
30:ee:6c:8b:89:e6:01:54:37:4b:44:3b:36:d4:bd:63:61:0b:
38:76:d7:69:f9:46:ed:1d:05:6a:fd:d2:32:55:6d:fa:33:d4:
3d:84:f3:06:2b:76:9a:28:98:7c:8e:38:e1:24:6b:cd:d3:09:
6b:eb:34:00:22:f9:81:19:28:f4:29:6c:f6:1a:0b:69:b4:33:
9a:f8:78:44:5a:3c:15:1b:e2:76:ee:e5:d5:ae:31:0a:1a:47:
6e:21:89:11:15:7c:56:81:69:f6:88:f5:05:72:95:b5:80:4d:
d7:eb:4d:09:15:b3:93:cc:1f:50:a6:6c:5c:56:36:e6:ba:f3:
d9:83:d4:6a:3e:ec:c2:59:a2:78:63:08:56:80:5c:7b:bc:a6:
49:6d:f2:dd:9e:36:30:0f:9d:ba:7e:87:07:4e:47:e8:6f:7a:
f3:46:d0:fe:3c:be:56:45:d6:a4:80:85:22:25:32:bf:f7:a4:
72:4e:74:c5:46:c2:f2:9a:f3:da:ae:67:ef:b1:8e:72:02:4f:
1a:e9:3e:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH6NbKxH5km0I9oarfTVH87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTE2MDk0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWZiODE2ZGNhYzUyMmExZGRiOTgwYzFlNWVjMDZmY2I5MDU0MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zjzJN0suEpLyub0JjHDDdlTbhFC
l619t5kf3xExi4hBQ682A/fh+0UFNSQGY0wsxL1jC5rxIr/QLe829qI2YFHK4jhJ
WGovabglw8IgK4U7m/iTpcxzS3WujwPRDghCJtUzqXM7/x9Dh1Qb8AzjYwRr8l6U
EEscVSnjUUTXNXUx8LuIfT+8IU9t0WTSiDAJjIkvpgesu23c57y6f/ZWOb0zzi6E
AgbqV4EIZ/qkjkUTSDFdp03Hr3Th66EezaDu3BxFcj+UdtcDPkJ6YkgLf4SEgUiK
vbxBQIbu7Hwpjw8lCL90g5EbmZ7DSXtGViS6xPLzDl0XQI/hhGnBatwbywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD77gW3KxSKh3bmAweXsBvy5BUEzMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUHZ1QmJjckZJcUhkdVlEQjVld0dfTGtGUVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQB+vJcQnNy6OmPWu/pkvI3s
BeZj7ptJYy2o4/KAXnIYJZpfjzW7ehf5/cv4pbtydF4Z1LcH7AAw7myLieYBVDdL
RDs21L1jYQs4dtdp+UbtHQVq/dIyVW36M9Q9hPMGK3aaKJh8jjjhJGvN0wlr6zQA
IvmBGSj0KWz2GgtptDOa+HhEWjwVG+J27uXVrjEKGkduIYkRFXxWgWn2iPUFcpW1
gE3X600JFbOTzB9QpmxcVjbmuvPZg9RqPuzCWaJ4YwhWgFx7vKZJbfLdnjYwD526
focHTkfob3rzRtD+PL5WRdakgIUiJTK/96RyTnTFRsLymvParmfvsY5yAk8a6T6y
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:53 2024 by rpki-client on console-ams.rpki-client.org