Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TYEt4jl5_YsYfV1zsWeKTZJ--vE.roa
File: TYEt4jl5_YsYfV1zsWeKTZJ--vE.roa (raw, json)
Hash identifier: a6DavKUoGl+jDNYu0AN84cuWyFXIUPnxQbqLKA981RM=
Subject key identifier: 4D:81:2D:E2:39:79:FD:8B:18:7D:5D:73:B1:67:8A:4D:92:7E:FA:F1
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CF2FEE70A4FFFA2E60BA243DA9DC5EFDD
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TYEt4jl5_YsYfV1zsWeKTZJ--vE.roa
Signing time: Wed 10 Jan 2024 10:50:40 +0000
ROA not before: Wed 10 Jan 2024 10:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Jan 2024 08:17:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:fe:e7:0a:4f:ff:a2:e6:0b:a2:43:da:9d:c5:ef:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 10 10:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d812de23979fd8b187d5d73b1678a4d927efaf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:fa:7b:b2:43:8d:71:f2:92:6c:97:9f:f3:
50:be:09:42:a3:33:00:d9:14:fb:30:ba:9d:bd:d2:
07:62:7e:43:ca:12:8d:c4:62:8d:f6:eb:94:de:ca:
50:3e:1d:01:c1:a4:f2:35:a0:ce:d5:c3:77:82:08:
3d:76:79:29:8e:b3:64:50:9a:f6:bb:56:e3:fe:af:
b8:df:53:c2:64:f2:c0:84:be:ee:75:e6:40:2c:25:
40:d1:ed:54:88:e9:ce:99:d5:1c:3f:5c:51:b3:e7:
63:7c:0d:d3:e2:49:f1:c1:02:bb:52:82:c8:65:dc:
ed:e1:fc:18:a5:d3:98:d4:1c:5c:5b:02:a1:a5:c6:
7d:fa:d6:5a:90:9a:8f:bd:ac:d0:b0:fe:89:ca:f8:
ae:f1:57:8d:31:e8:c7:b7:14:cb:b5:cb:04:39:9d:
6d:08:b8:31:0f:c8:bd:0f:49:01:f3:fd:4d:aa:eb:
07:44:63:9e:99:f1:e2:06:4d:d1:04:0d:79:fe:2b:
21:cd:15:c6:8e:00:6a:90:cc:19:67:8a:75:bf:be:
0e:b4:f8:fe:2d:b4:f2:bf:bc:33:7a:b2:fb:f3:18:
ab:11:17:4e:10:e6:39:7a:4c:1b:9c:a3:07:9f:60:
3d:7f:c4:1c:83:7e:a7:77:4d:c6:8a:e5:37:e0:2d:
bf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:81:2D:E2:39:79:FD:8B:18:7D:5D:73:B1:67:8A:4D:92:7E:FA:F1
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TYEt4jl5_YsYfV1zsWeKTZJ--vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:82:5d:b1:f0:2c:58:03:96:d3:c2:25:b2:b1:30:2d:39:0d:
d1:b2:0d:4e:4a:bd:45:7a:ad:43:41:3d:78:66:09:4f:7c:58:
27:13:c8:d8:48:67:5f:25:a1:af:5c:55:4e:ab:a4:f5:b2:7c:
4b:c2:52:22:81:6d:21:44:4e:cc:04:09:1e:31:0d:27:f1:4c:
75:a2:fe:42:49:ac:a7:22:26:dc:61:82:96:a3:69:d5:cf:09:
33:17:1e:04:96:ea:4d:2c:06:cf:02:68:5d:2f:cd:16:22:86:
dd:51:3a:16:d5:a7:9d:db:19:3c:61:ee:70:1d:37:17:95:32:
22:53:7a:76:04:58:93:55:df:88:72:5a:ef:70:28:d0:54:c4:
5a:1c:a4:1b:39:e0:63:93:6e:f1:3e:85:04:40:9a:34:3f:bd:
cc:61:8e:0f:02:4d:15:0d:7a:90:aa:14:18:5c:03:6e:12:e7:
65:5f:a4:98:7e:19:af:1d:12:bd:c2:07:cd:d9:2c:e3:e5:66:
36:42:05:f9:75:9b:ab:b4:b1:c9:70:4c:32:f4:b0:09:38:a7:
77:54:1e:95:96:a1:1f:87:60:ea:58:0e:83:d2:5a:02:d1:82:
ef:2b:4d:99:60:15:8c:1a:0f:57:00:74:7c:73:cd:32:07:3f:
7c:4d:b7:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzy/ucKT/+i5guiQ9qdxe/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTEwMTA1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDgxMmRlMjM5NzlmZDhiMTg3ZDVkNzNiMTY3OGE0ZDkyN2VmYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnz6e7JDjXHykmyXn/NQvglCozMA
2RT7MLqdvdIHYn5DyhKNxGKN9uuU3spQPh0BwaTyNaDO1cN3ggg9dnkpjrNkUJr2
u1bj/q+431PCZPLAhL7udeZALCVA0e1UiOnOmdUcP1xRs+djfA3T4knxwQK7UoLI
Zdzt4fwYpdOY1BxcWwKhpcZ9+tZakJqPvazQsP6Jyviu8VeNMejHtxTLtcsEOZ1t
CLgxD8i9D0kB8/1NqusHRGOemfHiBk3RBA15/ishzRXGjgBqkMwZZ4p1v74OtPj+
LbTyv7wzerL78xirERdOEOY5ekwbnKMHn2A9f8Qcg36nd03GiuU34C2/mwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE2BLeI5ef2LGH1dc7Fnik2SfvrxMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVFlFdDRqbDVfWXNZZlYxenNXZUtUWkotLXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAxgl2x8CxYA5bT
wiWysTAtOQ3Rsg1OSr1Feq1DQT14ZglPfFgnE8jYSGdfJaGvXFVOq6T1snxLwlIi
gW0hRE7MBAkeMQ0n8Ux1ov5CSaynIibcYYKWo2nVzwkzFx4ElupNLAbPAmhdL80W
IobdUToW1aed2xk8Ye5wHTcXlTIiU3p2BFiTVd+IclrvcCjQVMRaHKQbOeBjk27x
PoUEQJo0P73MYY4PAk0VDXqQqhQYXANuEudlX6SYfhmvHRK9wgfN2Szj5WY2QgX5
dZurtLHJcEwy9LAJOKd3VB6VlqEfh2DqWA6D0loC0YLvK02ZYBWMGg9XAHR8c80y
Bz98Tbdm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org