Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Sg7CGSdsgUKQOkiNG25Vr_fthVw.roa
File: Sg7CGSdsgUKQOkiNG25Vr_fthVw.roa (raw, json)
Hash identifier: 0MGQTUbcnJ34BEsVjnWukcv5MNUtyCiiQDLrJ4GW5Cw=
Subject key identifier: 4A:0E:C2:19:27:6C:81:42:90:3A:48:8D:1B:6E:55:AF:F7:ED:85:5C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019119710C1092B1C834A1C0379D7D7A5F31
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Sg7CGSdsgUKQOkiNG25Vr_fthVw.roa
Signing time: Sat 03 Aug 2024 18:12:04 +0000
ROA not before: Sat 03 Aug 2024 18:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Aug 2024 06:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:19:71:0c:10:92:b1:c8:34:a1:c0:37:9d:7d:7a:5f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 3 18:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a0ec219276c8142903a488d1b6e55aff7ed855c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:a3:db:50:6e:2b:f0:55:a6:26:b1:0c:54:
3c:28:fc:a1:a4:d2:1e:fd:60:e3:27:1d:28:1a:12:
2e:11:36:7a:1d:27:85:22:9d:d8:72:cb:ea:77:4e:
ab:d1:b0:c7:91:24:2c:76:9a:a4:4f:46:52:55:7b:
f5:55:9a:9c:7f:8e:51:2f:ff:1e:7b:8f:a0:cb:56:
3b:97:4f:98:e1:de:de:18:a1:ad:62:07:e5:5e:66:
f9:8b:b6:a3:02:74:c1:4a:4f:f5:6e:b0:7f:32:c9:
c2:59:58:6c:a2:80:08:98:d6:29:d3:1f:d7:ac:2a:
3e:76:eb:05:51:b2:11:b1:f2:4f:e7:20:c6:ed:4e:
6b:8c:16:5a:1a:86:78:f5:b2:d1:d5:2e:33:f0:35:
36:65:3b:e0:04:73:2b:2f:7f:c6:7d:80:19:f9:66:
1d:49:d6:aa:3f:ca:4a:20:c6:0f:76:9b:9b:fa:42:
23:ff:da:96:ab:3f:ed:c5:bf:d2:65:5a:18:84:ef:
55:d4:56:f7:b4:0a:4e:e6:d4:a2:f9:df:1d:3a:8c:
f7:71:3b:e5:9d:75:ec:35:82:9e:e4:be:23:a0:9d:
a0:f6:d4:59:c2:b1:76:6a:6c:49:34:e3:6d:f8:4b:
3c:1e:69:dd:4a:ca:70:6e:06:0c:8e:83:31:cb:c6:
6d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0E:C2:19:27:6C:81:42:90:3A:48:8D:1B:6E:55:AF:F7:ED:85:5C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Sg7CGSdsgUKQOkiNG25Vr_fthVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
10:1c:13:10:70:71:c9:77:2a:cf:96:a7:d9:62:cb:ed:ad:3c:
41:8f:1c:48:16:99:ee:35:7b:21:f1:23:69:fd:7a:6f:80:9f:
7b:42:1c:64:23:a5:ea:a8:4e:1c:ba:ef:9f:85:44:67:23:83:
6a:09:cc:47:d3:e6:52:df:bc:58:dc:60:42:d0:d1:43:52:59:
07:74:36:e9:ce:0a:d0:1b:18:f9:c1:13:e3:26:3a:24:81:35:
9a:82:9d:05:ee:d7:03:10:32:ff:99:80:bb:1c:26:d0:1f:84:
fe:16:e8:91:cf:5c:73:43:56:31:92:55:46:ef:04:d9:30:48:
98:c8:83:24:fb:8e:d5:d7:eb:a8:30:ea:dc:db:0c:fe:f8:02:
4c:85:a4:ce:ea:d9:5e:5e:a9:d2:10:9a:eb:4e:06:14:11:21:
dd:fd:91:44:b7:94:6f:5f:13:d7:00:d2:e1:90:25:f3:fa:09:
ab:6f:06:bb:80:af:84:dd:01:d7:f3:8d:ae:24:68:cd:65:d6:
00:54:5d:f0:d7:3b:79:db:ec:c1:a8:ee:8e:4c:22:98:e4:58:
d1:dd:95:e8:27:da:22:a1:a2:4c:38:cb:cb:5a:fa:90:02:e6:
24:0b:a6:1a:5d:8f:58:de:6b:d7:90:94:42:de:d1:43:64:46:
c6:c4:0a:f2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZEZcQwQkrHINKHAN519el8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODAzMTgxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBlYzIxOTI3NmM4MTQyOTAzYTQ4OGQxYjZlNTVhZmY3ZWQ4NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcWj21BuK/BVpiaxDFQ8KPyhpNIe
/WDjJx0oGhIuETZ6HSeFIp3Ycsvqd06r0bDHkSQsdpqkT0ZSVXv1VZqcf45RL/8e
e4+gy1Y7l0+Y4d7eGKGtYgflXmb5i7ajAnTBSk/1brB/MsnCWVhsooAImNYp0x/X
rCo+dusFUbIRsfJP5yDG7U5rjBZaGoZ49bLR1S4z8DU2ZTvgBHMrL3/GfYAZ+WYd
SdaqP8pKIMYPdpub+kIj/9qWqz/txb/SZVoYhO9V1Fb3tApO5tSi+d8dOoz3cTvl
nXXsNYKe5L4joJ2g9tRZwrF2amxJNONt+Es8HmndSspwbgYMjoMxy8Zt0QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEoOwhknbIFCkDpIjRtuVa/37YVcMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvU2c3Q0dTZHNnVUtRT2tpTkcyNVZyX2Z0aFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBABAc
ExBwccl3Ks+Wp9liy+2tPEGPHEgWme41eyHxI2n9em+An3tCHGQjpeqoThy675+F
RGcjg2oJzEfT5lLfvFjcYELQ0UNSWQd0NunOCtAbGPnBE+MmOiSBNZqCnQXu1wMQ
Mv+ZgLscJtAfhP4W6JHPXHNDVjGSVUbvBNkwSJjIgyT7jtXX66gw6tzbDP74AkyF
pM7q2V5eqdIQmutOBhQRId39kUS3lG9fE9cA0uGQJfP6CatvBruAr4TdAdfzja4k
aM1l1gBUXfDXO3nb7MGo7o5MIpjkWNHdlegn2iKhokw4y8ta+pAC5iQLphpdj1je
a9eQlELe0UNkRsbECvI=
-----END CERTIFICATE-----
Generated at Mon Aug 12 10:21:01 2024 by rpki-client on console-fra.rpki-client.org