Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rg8ns5uQKKBwpciwWBdd1fNvjLQ.roa
File: Rg8ns5uQKKBwpciwWBdd1fNvjLQ.roa (raw, json)
Hash identifier: Lw3p7FlTfhCx9BH48+GEVJnQ/NUPet79NYYIl4wOlE0=
Subject key identifier: 46:0F:27:B3:9B:90:28:A0:70:A5:C8:B0:58:17:5D:D5:F3:6F:8C:B4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018745D70DA60AB9CFE7C7D52E265BDBF92E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rg8ns5uQKKBwpciwWBdd1fNvjLQ.roa
Signing time: Mon 03 Apr 2023 06:38:54 +0000
ROA not before: Mon 03 Apr 2023 06:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:d7:0d:a6:0a:b9:cf:e7:c7:d5:2e:26:5b:db:f9:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 3 06:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=460f27b39b9028a070a5c8b058175dd5f36f8cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:75:f6:3e:78:ef:68:52:50:3b:83:eb:de:e6:
55:6b:3f:3a:25:bc:ef:a8:77:1c:91:e2:27:b0:cd:
c6:db:5d:63:95:3a:b9:6f:df:fe:43:7f:4d:73:5f:
76:a1:34:f3:7d:27:67:be:be:29:42:ea:d8:89:17:
c7:4b:be:5f:24:4c:64:7f:89:dd:5e:34:93:02:d3:
0d:f8:7d:23:fc:63:bc:75:3c:5f:ee:00:7e:69:cd:
e8:65:1e:a4:d3:b0:ec:25:94:25:b1:c3:df:27:f5:
57:3f:f5:47:d1:2d:95:d6:84:03:5b:33:de:88:69:
aa:2b:a2:5c:00:05:72:69:53:ba:b6:2d:33:66:47:
2a:53:82:1e:3a:60:23:e9:4a:9c:13:a5:a9:11:d0:
77:55:45:ef:e8:28:5b:6b:f9:f3:e6:3c:5f:dc:a6:
14:d6:ae:18:15:36:fe:86:04:e9:05:e3:f3:f9:3e:
6f:40:97:b5:b1:0d:44:01:ba:b7:bd:ff:59:d8:7d:
06:2c:fb:25:e9:a5:17:4f:d7:af:f9:4f:a6:3d:ee:
bf:f9:c9:ff:ba:57:ce:b1:5d:15:9e:10:56:f0:3d:
19:ac:04:9d:8b:02:0b:62:d6:c8:6c:3d:aa:7d:ca:
32:5f:59:79:43:f3:a7:88:b7:2d:1c:42:8f:fb:a9:
ee:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0F:27:B3:9B:90:28:A0:70:A5:C8:B0:58:17:5D:D5:F3:6F:8C:B4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rg8ns5uQKKBwpciwWBdd1fNvjLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.216.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2d:18:dd:4f:dd:9d:03:a3:12:f5:be:09:d6:33:fe:a8:fa:
56:63:af:0d:26:20:05:55:8e:e7:09:b7:2f:e2:7b:08:80:1d:
a3:f2:68:3e:1e:a8:a1:7c:83:2d:f5:5d:a6:3f:4a:f9:89:d4:
5a:51:9d:9b:d9:89:05:23:64:cf:30:f0:14:59:c0:60:52:76:
2e:34:f7:35:20:a5:f6:8a:61:b5:ad:35:3b:6d:83:d2:61:36:
f0:65:98:41:f0:f9:b9:16:59:04:64:ff:41:16:b9:8c:a4:0d:
f8:0f:66:b1:52:79:4e:bc:99:c8:df:e5:e8:8e:4d:c0:aa:67:
cf:3e:bf:2d:2b:28:fb:19:6d:dc:8f:33:1c:d5:85:bd:6b:b8:
1c:23:1a:1a:c7:bb:7d:91:92:c7:48:75:cc:50:75:99:f1:9d:
2d:53:41:15:b0:40:a9:a4:49:0f:f5:f1:da:47:9d:79:15:11:
be:67:7d:fa:a9:b5:c9:30:e4:76:70:45:54:9f:57:a4:bd:5a:
65:fe:55:33:bf:5f:1b:9a:75:6c:6b:51:90:21:08:83:d4:55:
b7:d2:df:ad:b2:84:e3:c2:0e:02:b6:bd:88:82:34:98:17:e2:
84:2b:63:19:30:5f:e2:82:2a:5c:a4:28:bb:46:f8:6d:63:38:
fb:f5:cf:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdF1w2mCrnP58fVLiZb2/kuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDAzMDYzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjBmMjdiMzliOTAyOGEwNzBhNWM4YjA1ODE3NWRkNWYzNmY4Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnX2PnjvaFJQO4Pr3uZVaz86Jbzv
qHcckeInsM3G211jlTq5b9/+Q39Nc192oTTzfSdnvr4pQurYiRfHS75fJExkf4nd
XjSTAtMN+H0j/GO8dTxf7gB+ac3oZR6k07DsJZQlscPfJ/VXP/VH0S2V1oQDWzPe
iGmqK6JcAAVyaVO6ti0zZkcqU4IeOmAj6UqcE6WpEdB3VUXv6Chba/nz5jxf3KYU
1q4YFTb+hgTpBePz+T5vQJe1sQ1EAbq3vf9Z2H0GLPsl6aUXT9ev+U+mPe6/+cn/
ulfOsV0VnhBW8D0ZrASdiwILYtbIbD2qfcoyX1l5Q/OniLctHEKP+6nuyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEYPJ7ObkCigcKXIsFgXXdXzb4y0MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUmc4bnM1dVFLS0J3cGNpd1dCZGQxZk52akxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWSAwQA
VYXYMA0GCSqGSIb3DQEBCwUAA4IBAQBHLRjdT92dA6MS9b4J1jP+qPpWY68NJiAF
VY7nCbcv4nsIgB2j8mg+HqihfIMt9V2mP0r5idRaUZ2b2YkFI2TPMPAUWcBgUnYu
NPc1IKX2imG1rTU7bYPSYTbwZZhB8Pm5FlkEZP9BFrmMpA34D2axUnlOvJnI3+Xo
jk3AqmfPPr8tKyj7GW3cjzMc1YW9a7gcIxoax7t9kZLHSHXMUHWZ8Z0tU0EVsECp
pEkP9fHaR515FRG+Z336qbXJMOR2cEVUn1ekvVpl/lUzv18bmnVsa1GQIQiD1FW3
0t+tsoTjwg4Ctr2IgjSYF+KEK2MZMF/igipcpCi7RvhtYzj79c+9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:05 2023 by rpki-client on console-ams.rpki-client.org