Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SsKDol7h95215Ia7hFtrjdF_OWw.roa
File: SsKDol7h95215Ia7hFtrjdF_OWw.roa (raw, json)
Hash identifier: txRVGpjXXii3TE9YPc+SXByWJDHcbS/k0fv3h/Ln5L8=
Subject key identifier: 4A:C2:83:A2:5E:E1:F7:9D:B5:E4:86:BB:84:5B:6B:8D:D1:7F:39:6C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018988405CA4876D7116F03374714175199C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SsKDol7h95215Ia7hFtrjdF_OWw.roa
Signing time: Mon 24 Jul 2023 14:14:26 +0000
ROA not before: Mon 24 Jul 2023 14:14:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Jul 2023 08:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:40:5c:a4:87:6d:71:16:f0:33:74:71:41:75:19:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 24 14:14:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ac283a25ee1f79db5e486bb845b6b8dd17f396c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:43:54:30:63:ca:1d:f7:bf:0f:f1:9f:7e:d3:
38:e3:b7:62:46:3c:52:7e:52:f3:91:84:51:23:58:
5c:d3:66:c3:e4:f2:33:e5:46:27:ff:55:1a:33:17:
ed:49:6c:34:1b:ef:25:57:c8:4f:b6:4d:a0:03:44:
8a:ca:66:c1:37:36:62:18:27:7b:df:8f:0c:77:d5:
28:92:0c:41:6e:96:0b:ee:46:2a:29:62:07:2a:b4:
69:e0:a6:8c:d6:6c:c3:4e:b7:ee:91:46:b7:7b:c1:
23:e2:63:7e:cc:1b:76:b5:68:27:38:5c:22:89:06:
c3:71:a5:cb:e0:a4:ac:3d:d9:62:c5:2b:2b:84:90:
e8:ea:7c:8b:c7:03:2b:62:03:9a:ec:9e:22:22:83:
8e:92:f3:3c:41:7d:ff:b2:d7:f6:c3:94:ee:4d:f2:
2d:c2:a6:f1:05:07:f8:b0:3d:59:1e:55:d1:87:6f:
6b:9c:0b:b7:fb:06:36:39:d3:94:0c:29:ac:02:46:
4d:88:0b:f7:79:a1:b2:0b:95:c6:92:15:50:4f:55:
f7:0c:1d:65:6a:ec:7d:9b:bf:9d:14:1d:47:f2:25:
be:70:78:08:49:8a:09:3a:f2:e8:08:6c:74:89:d5:
42:51:5d:33:e6:43:f6:46:aa:31:6b:d7:a7:5d:4f:
32:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C2:83:A2:5E:E1:F7:9D:B5:E4:86:BB:84:5B:6B:8D:D1:7F:39:6C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/SsKDol7h95215Ia7hFtrjdF_OWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:3e:4f:25:0b:c5:5d:f0:c5:08:d0:80:08:01:27:c2:b0:80:
6a:21:72:84:9e:26:bc:e3:be:81:b1:6f:69:b7:62:c4:01:ba:
f6:92:08:71:42:1e:ec:39:58:ee:09:66:72:57:04:28:52:92:
07:79:55:1d:b9:c8:52:16:4d:5a:00:14:1a:30:d0:e9:f6:91:
02:39:aa:ac:49:c2:4e:56:6f:1f:74:63:38:8c:bb:e0:5f:b1:
6e:2c:4b:e7:ba:e1:52:2b:98:34:7b:36:61:c7:b8:5e:73:4d:
84:d8:b4:40:da:f7:38:12:df:be:6e:a6:dd:56:c0:3a:23:1b:
63:e3:23:9e:26:0b:9c:4e:7c:a1:b3:be:de:04:2b:46:cc:a0:
93:36:cd:9c:57:36:1d:2e:82:9c:96:21:dc:d9:ae:93:d6:1e:
44:3c:1b:d1:b8:fe:d1:d1:8b:d5:2f:e6:16:5e:9e:6d:80:7d:
7b:1e:70:72:63:ab:41:50:9d:f2:ad:e0:43:c2:73:a7:54:80:
12:30:3d:b4:37:9e:61:b5:5e:c7:05:f1:f2:7f:22:25:e2:77:
6c:64:01:e9:50:d0:04:71:ce:6e:c4:55:33:0e:d8:d5:56:ee:
ee:7f:9a:70:58:59:3d:fe:dd:15:0a:c8:42:a1:01:e8:3f:bf:
87:5f:ac:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmIQFykh21xFvAzdHFBdRmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzI0MTQxNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMyODNhMjVlZTFmNzlkYjVlNDg2YmI4NDViNmI4ZGQxN2YzOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kNUMGPKHfe/D/GfftM447diRjxS
flLzkYRRI1hc02bD5PIz5UYn/1UaMxftSWw0G+8lV8hPtk2gA0SKymbBNzZiGCd7
348Md9UokgxBbpYL7kYqKWIHKrRp4KaM1mzDTrfukUa3e8Ej4mN+zBt2tWgnOFwi
iQbDcaXL4KSsPdlixSsrhJDo6nyLxwMrYgOa7J4iIoOOkvM8QX3/stf2w5TuTfIt
wqbxBQf4sD1ZHlXRh29rnAu3+wY2OdOUDCmsAkZNiAv3eaGyC5XGkhVQT1X3DB1l
aux9m7+dFB1H8iW+cHgISYoJOvLoCGx0idVCUV0z5kP2Rqoxa9enXU8yWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFErCg6Je4fedteSGu4Rba43RfzlsMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvU3NLRG9sN2g5NTIxNUlhN2hGdHJqZEZfT1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQB4Pk8lC8Vd8MUI
0IAIASfCsIBqIXKEnia8476BsW9pt2LEAbr2kghxQh7sOVjuCWZyVwQoUpIHeVUd
uchSFk1aABQaMNDp9pECOaqsScJOVm8fdGM4jLvgX7FuLEvnuuFSK5g0ezZhx7he
c02E2LRA2vc4Et++bqbdVsA6Ixtj4yOeJgucTnyhs77eBCtGzKCTNs2cVzYdLoKc
liHc2a6T1h5EPBvRuP7R0YvVL+YWXp5tgH17HnByY6tBUJ3yreBDwnOnVIASMD20
N55htV7HBfHyfyIl4ndsZAHpUNAEcc5uxFUzDtjVVu7uf5pwWFk9/t0VCshCoQHo
P7+HX6yh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org