Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ShVd7hRf0ETuOk_Rv4Vcmn8AVR8.roa
File: ShVd7hRf0ETuOk_Rv4Vcmn8AVR8.roa (raw, json)
Hash identifier: oU5CpGLDfwj83N8d564bcWs7njO3I/M2CapHopcK1yI=
Subject key identifier: 4A:15:5D:EE:14:5F:D0:44:EE:3A:4F:D1:BF:85:5C:9A:7F:00:55:1F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018572710951E28A5D4C05E037265B923A02
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ShVd7hRf0ETuOk_Rv4Vcmn8AVR8.roa
Signing time: Mon 02 Jan 2023 12:24:48 +0000
ROA not before: Mon 02 Jan 2023 12:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 85.133.225.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Mar 2023 10:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:09:51:e2:8a:5d:4c:05:e0:37:26:5b:92:3a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 12:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a155dee145fd044ee3a4fd1bf855c9a7f00551f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:19:02:58:c1:32:2d:e9:34:68:4e:f8:e5:29:
59:56:89:b9:82:7b:71:2d:f4:4c:24:20:01:0e:79:
7b:32:61:f2:13:82:5d:86:93:6f:3b:e1:45:ea:29:
58:d2:37:a0:5a:eb:5a:31:ba:a1:ad:f9:b8:58:c4:
ca:8b:63:ce:31:79:4d:2e:0a:2e:8c:a6:eb:0d:75:
fd:ea:1b:a1:41:91:0f:93:d3:69:a9:ce:1f:7b:11:
08:65:91:8b:7e:8c:01:12:91:65:bf:16:c2:45:71:
76:59:e0:79:ef:ba:ba:5b:d3:50:a7:3d:cf:e1:b9:
41:51:3b:3c:c6:77:4e:4b:32:f7:7d:cd:bb:7a:56:
e7:d8:a8:d9:dc:de:97:18:29:0f:47:15:b0:71:b2:
e9:52:63:7e:ae:6e:01:02:43:f5:c8:40:48:20:22:
8e:c4:bf:90:a5:01:68:ac:ff:16:1e:97:71:e6:cf:
43:43:54:46:5d:fc:f5:90:5b:cc:1c:bc:21:46:52:
44:b8:d4:8b:8e:5f:b4:2b:f1:5b:82:aa:0c:7b:6b:
66:38:16:6b:8c:f2:59:bc:40:f3:11:1c:83:1a:d0:
02:4b:76:ae:79:36:00:4d:20:f1:de:fd:11:d2:d2:
b0:76:5e:6d:f0:b1:c0:9f:55:60:4d:31:43:91:a2:
2a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:15:5D:EE:14:5F:D0:44:EE:3A:4F:D1:BF:85:5C:9A:7F:00:55:1F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ShVd7hRf0ETuOk_Rv4Vcmn8AVR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.164.0/24
85.133.225.0/24
85.133.236.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d2:8b:b1:95:b9:3a:d1:83:ff:05:7e:29:ef:8d:76:2b:67:
e5:ed:6a:76:e9:21:83:1f:41:00:04:c3:c4:f1:48:fa:d1:2d:
5e:e7:66:c6:8c:4f:e6:f7:45:f8:7e:05:c9:87:65:91:4d:17:
0c:b2:17:2d:a7:91:d6:13:dc:b9:4a:01:95:2d:f0:c8:5f:da:
19:c6:7d:a7:e9:ea:cf:4b:1a:88:12:51:d0:7d:4c:a1:31:cc:
25:d9:c8:03:0c:fd:ac:c8:0e:f3:7e:ff:71:77:73:11:a8:c4:
77:8a:af:8a:ef:53:79:40:65:26:24:e9:22:48:86:23:bf:0b:
f6:36:43:47:4b:06:2a:5c:2c:b7:93:ba:26:f7:b4:36:56:66:
31:d0:8b:35:ec:a7:82:fe:8c:e8:86:40:e4:45:e5:65:6d:63:
96:21:5f:f4:c9:72:71:82:39:d3:5a:59:7f:45:fe:db:27:0d:
ee:16:5a:26:4a:12:49:12:86:0d:4b:55:c0:5c:65:dd:00:74:
f7:c7:07:2d:fb:23:d0:a7:d9:27:7f:7c:83:2d:aa:8b:9d:26:
be:bc:0d:99:f4:c9:d6:30:9b:4c:81:c9:82:a8:38:20:db:6c:
ed:ef:e8:3e:76:f0:86:96:aa:d8:53:08:76:e0:62:49:78:51:
1f:65:db:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVycQlR4opdTAXgNyZbkjoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMTAyMTIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE1NWRlZTE0NWZkMDQ0ZWUzYTRmZDFiZjg1NWM5YTdmMDA1NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRkCWMEyLek0aE745SlZVom5gntx
LfRMJCABDnl7MmHyE4JdhpNvO+FF6ilY0jegWutaMbqhrfm4WMTKi2POMXlNLgou
jKbrDXX96huhQZEPk9Npqc4fexEIZZGLfowBEpFlvxbCRXF2WeB577q6W9NQpz3P
4blBUTs8xndOSzL3fc27elbn2KjZ3N6XGCkPRxWwcbLpUmN+rm4BAkP1yEBIICKO
xL+QpQForP8WHpdx5s9DQ1RGXfz1kFvMHLwhRlJEuNSLjl+0K/FbgqoMe2tmOBZr
jPJZvEDzERyDGtACS3aueTYATSDx3v0R0tKwdl5t8LHAn1VgTTFDkaIqJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEoVXe4UX9BE7jpP0b+FXJp/AFUfMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvU2hWZDdoUmYwRVR1T2tfUnY0VmNtbjhBVlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWkAwQA
VYXhAwQAVYXsMA0GCSqGSIb3DQEBCwUAA4IBAQB50ouxlbk60YP/BX4p7412K2fl
7Wp26SGDH0EABMPE8Uj60S1e52bGjE/m90X4fgXJh2WRTRcMshctp5HWE9y5SgGV
LfDIX9oZxn2n6erPSxqIElHQfUyhMcwl2cgDDP2syA7zfv9xd3MRqMR3iq+K71N5
QGUmJOkiSIYjvwv2NkNHSwYqXCy3k7om97Q2VmYx0Is17KeC/ozohkDkReVlbWOW
IV/0yXJxgjnTWll/Rf7bJw3uFlomShJJEoYNS1XAXGXdAHT3xwct+yPQp9knf3yD
LaqLnSa+vA2Z9MnWMJtMgcmCqDgg22zt7+g+dvCGlqrYUwh24GJJeFEfZduk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org