Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SfPVmQaVFcXitA3DLHKcWyEocek.roa
File: SfPVmQaVFcXitA3DLHKcWyEocek.roa (raw, json)
Hash identifier: c/uPaATjHvI1vVntZS0IFiW1SbS9Wv4zmeDymBoqivk=
Subject key identifier: 49:F3:D5:99:06:95:15:C5:E2:B4:0D:C3:2C:72:9C:5B:21:28:71:E9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0190FD16BF31867061E4590538E47EA8EE67
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SfPVmQaVFcXitA3DLHKcWyEocek.roa
Signing time: Mon 29 Jul 2024 06:04:04 +0000
ROA not before: Mon 29 Jul 2024 06:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 31 Jul 2024 07:41:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:16:bf:31:86:70:61:e4:59:05:38:e4:7e:a8:ee:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 29 06:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49f3d599069515c5e2b40dc32c729c5b212871e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:c1:e9:cf:23:b3:01:a5:5e:13:62:d5:6f:
cf:bb:5e:ac:3c:f2:80:6a:ce:64:1f:58:1c:7a:18:
0c:d6:eb:6c:92:c6:8c:1c:e1:37:ce:0a:51:a9:87:
30:1b:34:1b:9c:b2:6a:ea:b5:b1:87:21:73:0b:77:
47:2b:07:51:47:e1:8c:dc:5f:29:fc:c4:ba:aa:85:
aa:53:fa:47:bb:0e:14:49:30:87:c9:6c:8d:e6:7f:
ef:b8:1d:80:f5:29:03:71:ab:1e:6c:c8:40:aa:6a:
5f:06:93:b6:6d:9f:2c:6f:46:93:53:92:33:63:72:
05:c7:cc:8a:2b:0e:82:cc:8e:6d:4b:a7:32:af:f9:
bb:e3:88:56:c0:32:ba:f4:2a:cc:92:a8:1f:17:a0:
48:2c:d8:2f:50:7b:8f:f9:9d:9a:79:7c:52:34:f9:
f6:2b:32:6b:f0:6c:c3:3b:b1:7a:7e:fb:e1:4c:ad:
bc:97:a0:af:25:64:02:bf:70:4d:4a:94:2a:d4:e9:
29:b6:62:07:9b:25:fd:60:f6:56:08:83:f6:4f:2e:
24:51:5e:c7:ce:97:08:81:af:6b:0e:83:d6:4c:cc:
dd:90:2b:af:21:bc:cb:c5:1b:14:7d:31:4b:c6:0e:
8e:2a:a9:f4:bf:90:5f:ec:2a:2b:ac:f0:c5:60:d7:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F3:D5:99:06:95:15:C5:E2:B4:0D:C3:2C:72:9C:5B:21:28:71:E9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SfPVmQaVFcXitA3DLHKcWyEocek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:e0:75:ac:95:e0:7d:be:18:7a:b4:0c:14:19:53:c3:5b:75:
14:af:cd:ef:05:39:44:c3:fa:64:b3:72:fa:07:27:2c:21:84:
f0:e2:19:8f:1e:3c:98:3a:05:5c:75:ef:25:8c:23:42:f9:aa:
3c:aa:7c:b1:20:39:c6:53:15:17:33:a6:5f:f2:50:ad:e3:c7:
9b:ab:8e:30:99:c7:dd:87:d5:80:6b:2e:81:87:a6:75:0c:d3:
3d:c7:6c:c4:11:0e:0b:83:69:e1:c8:77:59:29:54:55:bc:62:
b4:06:2c:72:bd:75:cb:4d:0c:2a:d3:81:3a:23:36:ef:14:bb:
b7:55:c0:22:4c:d8:14:88:f9:e6:8c:b8:9c:da:fc:1d:3c:32:
b7:ff:c7:a2:d6:e9:6f:bc:24:19:69:db:c6:62:59:dd:6d:1b:
7f:a8:59:19:69:0a:fc:1e:07:e3:b3:c8:ad:a7:2f:80:98:22:
a9:18:03:ef:f3:61:22:90:12:59:d7:16:ee:39:63:73:64:73:
16:4e:6d:7e:01:b6:c9:7a:84:82:ca:be:b6:df:ae:3f:0a:b3:
2c:4f:08:97:b6:ea:d0:1e:94:49:fb:bf:93:3e:37:76:0c:bd:
bb:57:ef:79:df:8a:7e:51:8c:54:ec:55:e2:34:79:70:ab:61:
66:58:3f:0a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZD9Fr8xhnBh5FkFOOR+qO5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNzI5MDYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWYzZDU5OTA2OTUxNWM1ZTJiNDBkYzMyYzcyOWM1YjIxMjg3MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzrB6c8jswGlXhNi1W/Pu16sPPKA
as5kH1gcehgM1utsksaMHOE3zgpRqYcwGzQbnLJq6rWxhyFzC3dHKwdRR+GM3F8p
/MS6qoWqU/pHuw4USTCHyWyN5n/vuB2A9SkDcasebMhAqmpfBpO2bZ8sb0aTU5Iz
Y3IFx8yKKw6CzI5tS6cyr/m744hWwDK69CrMkqgfF6BILNgvUHuP+Z2aeXxSNPn2
KzJr8GzDO7F6fvvhTK28l6CvJWQCv3BNSpQq1OkptmIHmyX9YPZWCIP2Ty4kUV7H
zpcIga9rDoPWTMzdkCuvIbzLxRsUfTFLxg6OKqn0v5Bf7CorrPDFYNcg7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEnz1ZkGlRXF4rQNwyxynFshKHHpMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvU2ZQVm1RYVZGY1hpdEEzRExIS2NXeUVvY2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAKvg
dayV4H2+GHq0DBQZU8NbdRSvze8FOUTD+mSzcvoHJywhhPDiGY8ePJg6BVx17yWM
I0L5qjyqfLEgOcZTFRczpl/yUK3jx5urjjCZx92H1YBrLoGHpnUM0z3HbMQRDguD
aeHId1kpVFW8YrQGLHK9dctNDCrTgTojNu8Uu7dVwCJM2BSI+eaMuJza/B08Mrf/
x6LW6W+8JBlp28ZiWd1tG3+oWRlpCvweB+OzyK2nL4CYIqkYA+/zYSKQElnXFu45
Y3NkcxZObX4Btsl6hILKvrbfrj8KsyxPCJe26tAelEn7v5M+N3YMvbtX73nfin5R
jFTsVeI0eXCrYWZYPwo=
-----END CERTIFICATE-----
Generated at Wed Jul 31 10:33:50 2024 by rpki-client on console-fra.rpki-client.org