Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rwb3iwqHMlDmJGLAIiwOW8CSzYk.roa
File: Rwb3iwqHMlDmJGLAIiwOW8CSzYk.roa (raw, json)
Hash identifier: HN/8FwYUISvFL0R+dM5OEaAekNWa6V1AVZoppXdjop8=
Subject key identifier: 47:06:F7:8B:0A:87:32:50:E6:24:62:C0:22:2C:0E:5B:C0:92:CD:89
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CDF3568019803D2A0952F9C9CA7B53D39
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rwb3iwqHMlDmJGLAIiwOW8CSzYk.roa
Signing time: Sat 06 Jan 2024 14:37:48 +0000
ROA not before: Sat 06 Jan 2024 14:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Jan 2024 08:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:35:68:01:98:03:d2:a0:95:2f:9c:9c:a7:b5:3d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 6 14:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4706f78b0a873250e62462c0222c0e5bc092cd89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:d5:ab:fe:8d:92:c4:cd:aa:72:8b:7a:a7:
1c:10:50:53:29:8e:a6:84:aa:bc:c7:4a:f1:b4:a4:
af:c4:06:11:ac:4e:52:d7:13:5c:12:15:f1:a6:e4:
b2:ec:bb:1a:c2:96:75:2b:5d:15:35:bb:b7:74:7f:
c2:27:30:c8:d7:e9:99:fa:f5:17:fa:5b:5f:46:3d:
91:68:4d:3c:22:7c:0c:79:7d:51:5c:21:b2:73:f4:
64:7b:06:20:3f:bc:8f:e5:54:f1:b2:4f:a9:a5:36:
a0:b3:73:32:32:30:42:55:a0:4d:32:84:0b:3b:47:
4e:0c:ba:a0:35:54:da:e9:f2:ca:1c:1c:24:7a:d8:
1c:00:c2:98:0d:76:4c:44:20:b2:9d:06:dc:8f:05:
1c:29:41:62:8c:b2:81:0f:69:12:32:bb:12:2d:dd:
33:c6:a1:da:b5:c9:fe:0f:5f:a3:b9:08:f2:84:6e:
af:0d:73:ba:0a:47:aa:d3:48:91:7a:3f:09:27:05:
d1:77:a6:ab:7c:50:b0:5d:df:ac:e9:e2:cb:76:7b:
b6:ea:ce:95:36:43:b5:a2:ce:e0:8e:62:fb:03:59:
bc:d9:42:63:3d:b9:66:cb:ac:3b:e7:62:ef:1c:3a:
2f:00:5e:53:0e:2c:cf:c0:07:dd:ce:e1:fd:42:74:
6c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:06:F7:8B:0A:87:32:50:E6:24:62:C0:22:2C:0E:5B:C0:92:CD:89
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Rwb3iwqHMlDmJGLAIiwOW8CSzYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:5c:b9:c5:97:6e:bc:ca:f0:0a:5f:e6:cc:b7:8b:10:72:88:
29:e2:1b:ab:94:6f:18:0b:5c:5f:06:b2:b7:a9:a8:6c:50:53:
d0:37:50:89:34:fa:c4:64:b8:0f:f4:1e:c7:5d:78:e5:ef:7d:
34:c0:8a:ee:55:aa:83:86:c7:bf:33:7b:8a:f4:71:3c:8b:e1:
93:7b:c4:e1:cd:d2:52:a5:58:52:6a:5c:08:af:8b:c7:cb:19:
fe:d4:71:6a:d6:ce:7f:23:f4:02:ab:86:4e:6f:2c:cc:3b:62:
a3:10:ab:a5:a6:3e:1e:78:19:be:09:d4:5a:7a:dd:a0:bb:f4:
4e:d8:f0:03:5c:93:86:e2:58:d9:5f:02:70:85:d5:40:17:b4:
5b:31:df:ff:9a:96:9a:b8:8f:9a:3c:a5:f1:48:3b:2d:93:8d:
1f:43:5a:2c:2c:69:c0:f0:b5:87:af:53:c3:fb:49:38:48:96:
59:a8:1f:fd:36:79:15:96:41:e8:33:6c:16:72:d7:6f:bc:8e:
34:d5:76:e0:cf:63:50:cc:c8:2d:f5:49:81:56:69:2d:15:a0:
fe:d6:b8:6f:fe:c8:bc:76:2b:97:18:9a:fd:b4:29:45:ff:2c:
14:21:cc:d4:6b:55:ab:6d:75:22:37:d9:a4:3d:9e:5a:20:20:
fb:c0:a4:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzfNWgBmAPSoJUvnJyntT05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTA2MTQzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA2Zjc4YjBhODczMjUwZTYyNDYyYzAyMjJjMGU1YmMwOTJjZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbDVq/6NksTNqnKLeqccEFBTKY6m
hKq8x0rxtKSvxAYRrE5S1xNcEhXxpuSy7LsawpZ1K10VNbu3dH/CJzDI1+mZ+vUX
+ltfRj2RaE08InwMeX1RXCGyc/RkewYgP7yP5VTxsk+ppTags3MyMjBCVaBNMoQL
O0dODLqgNVTa6fLKHBwketgcAMKYDXZMRCCynQbcjwUcKUFijLKBD2kSMrsSLd0z
xqHatcn+D1+juQjyhG6vDXO6Ckeq00iRej8JJwXRd6arfFCwXd+s6eLLdnu26s6V
NkO1os7gjmL7A1m82UJjPblmy6w752LvHDovAF5TDizPwAfdzuH9QnRsrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEcG94sKhzJQ5iRiwCIsDlvAks2JMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUndiM2l3cUhNbERtSkdMQUlpd09XOENTellrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCTXLnFl268yvAK
X+bMt4sQcogp4hurlG8YC1xfBrK3qahsUFPQN1CJNPrEZLgP9B7HXXjl7300wIru
VaqDhse/M3uK9HE8i+GTe8ThzdJSpVhSalwIr4vHyxn+1HFq1s5/I/QCq4ZObyzM
O2KjEKulpj4eeBm+CdRaet2gu/RO2PADXJOG4ljZXwJwhdVAF7RbMd//mpaauI+a
PKXxSDstk40fQ1osLGnA8LWHr1PD+0k4SJZZqB/9NnkVlkHoM2wWctdvvI401Xbg
z2NQzMgt9UmBVmktFaD+1rhv/si8diuXGJr9tClF/ywUIczUa1WrbXUiN9mkPZ5a
ICD7wKSC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org