Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/U2FWvg6S7kS9z5EzSShI8tEIAtw.roa
File: U2FWvg6S7kS9z5EzSShI8tEIAtw.roa (raw, json)
Hash identifier: i0dnSz1UVbosGDEsRXiEx9Q7fSKe5Qp9pbV+bXz78aU=
Subject key identifier: 53:61:56:BE:0E:92:EE:44:BD:CF:91:33:49:28:48:F2:D1:08:02:DC
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018A31EF4710C79527F773575548EFBDBEEC
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/U2FWvg6S7kS9z5EzSShI8tEIAtw.roa
Signing time: Sat 26 Aug 2023 13:01:19 +0000
ROA not before: Sat 26 Aug 2023 13:01:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 08 Oct 2023 08:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:ef:47:10:c7:95:27:f7:73:57:55:48:ef:bd:be:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 26 13:01:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=536156be0e92ee44bdcf9133492848f2d10802dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:21:6c:cd:34:e7:24:ed:59:5d:e4:bf:19:
89:b0:5b:66:25:a2:89:dd:9a:ca:58:69:48:0b:2b:
2b:17:f6:c3:90:f5:12:de:75:64:d9:f5:3b:d4:00:
37:cc:c6:50:78:ba:86:cd:30:b3:aa:32:10:f9:82:
cf:02:b2:7b:f6:e0:6c:b6:30:43:3c:21:36:be:8b:
b6:e9:e3:2f:1d:f4:9e:ae:99:72:3c:e2:b3:0a:a1:
28:a4:d2:0c:e5:59:10:23:79:c8:c9:47:20:5c:fe:
30:76:0d:9e:09:ac:4e:c7:d9:bc:45:ca:39:f5:60:
34:55:15:d3:bf:30:65:8c:3c:5e:04:a7:20:84:b2:
12:80:24:d5:7c:d9:a1:b3:37:bf:d0:65:6e:fa:59:
85:24:d8:2d:b3:27:4d:8f:1f:a5:9e:b3:8a:12:7d:
77:81:4b:66:d0:e7:03:5d:34:55:fe:0a:9e:b0:b2:
a0:a9:50:09:40:9c:50:47:30:21:ca:3c:a4:f9:0b:
c4:65:cd:da:dc:56:59:25:01:17:7b:fb:2d:b5:28:
b2:10:90:6e:c6:a0:9a:09:6b:c3:a0:cb:d1:c5:a3:
32:70:92:f6:2d:69:d1:14:18:1f:d1:41:02:01:5f:
18:9e:9c:7b:8c:0b:1a:49:b6:69:18:c6:11:51:03:
64:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:61:56:BE:0E:92:EE:44:BD:CF:91:33:49:28:48:F2:D1:08:02:DC
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/U2FWvg6S7kS9z5EzSShI8tEIAtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:b9:28:45:d4:ac:f2:ef:bd:d9:94:54:5e:97:e6:73:6e:36:
0f:84:8c:b9:e5:c5:e4:2d:a3:6d:27:00:72:df:e7:4c:5e:e7:
0c:04:8e:89:25:17:00:72:16:d4:45:e1:e0:c2:7b:2a:5e:09:
a8:2b:df:21:1e:ff:82:5a:4c:64:d4:63:7b:36:8e:24:18:d9:
b3:36:0a:92:c0:77:ff:63:b0:3f:84:8a:6e:a5:cc:f9:d1:9d:
a1:f5:e8:a4:b1:59:85:4c:50:da:19:aa:5d:48:d2:92:6e:93:
8b:c0:6c:ea:22:8e:70:27:b2:7c:fe:a8:d2:79:fa:a8:35:30:
68:40:05:92:e9:bb:ee:d1:29:67:ef:02:bc:9b:e5:97:2f:42:
50:ae:47:bd:b2:37:98:22:35:7f:6f:8f:cb:6b:fc:2a:ec:c9:
f9:96:58:cd:70:2a:e4:cb:e3:d4:c9:87:96:7f:e8:72:62:03:
6d:b5:01:3c:e8:f4:c0:42:49:a8:e4:a9:ca:2c:d5:e3:8f:ce:
b7:00:55:ea:4f:a0:c5:a3:93:38:fe:01:14:9d:55:aa:6a:b7:
5c:0e:9c:c5:d6:74:45:b6:02:79:ef:53:a5:03:86:1b:ce:b8:
cd:b3:2b:12:c5:4c:0d:f5:a6:83:f4:6b:fa:6b:c2:ec:a3:94:
fa:33:52:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYox70cQx5Un93NXVUjvvb7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODI2MTMwMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYxNTZiZTBlOTJlZTQ0YmRjZjkxMzM0OTI4NDhmMmQxMDgwMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9khbM005yTtWV3kvxmJsFtmJaKJ
3ZrKWGlICysrF/bDkPUS3nVk2fU71AA3zMZQeLqGzTCzqjIQ+YLPArJ79uBstjBD
PCE2vou26eMvHfSerplyPOKzCqEopNIM5VkQI3nIyUcgXP4wdg2eCaxOx9m8Rco5
9WA0VRXTvzBljDxeBKcghLISgCTVfNmhsze/0GVu+lmFJNgtsydNjx+lnrOKEn13
gUtm0OcDXTRV/gqesLKgqVAJQJxQRzAhyjyk+QvEZc3a3FZZJQEXe/sttSiyEJBu
xqCaCWvDoMvRxaMycJL2LWnRFBgf0UECAV8Ynpx7jAsaSbZpGMYRUQNkawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFNhVr4Oku5Evc+RM0koSPLRCALcMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVTJGV3ZnNlM3a1M5ejVFelNTaEk4dEVJQXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQATuShF1Kzy773Z
lFRel+ZzbjYPhIy55cXkLaNtJwBy3+dMXucMBI6JJRcAchbUReHgwnsqXgmoK98h
Hv+CWkxk1GN7No4kGNmzNgqSwHf/Y7A/hIpupcz50Z2h9eiksVmFTFDaGapdSNKS
bpOLwGzqIo5wJ7J8/qjSefqoNTBoQAWS6bvu0Sln7wK8m+WXL0JQrke9sjeYIjV/
b4/La/wq7Mn5lljNcCrky+PUyYeWf+hyYgNttQE86PTAQkmo5KnKLNXjj863AFXq
T6DFo5M4/gEUnVWqardcDpzF1nRFtgJ571OlA4YbzrjNsysSxUwN9aaD9Gv6a8Ls
o5T6M1Ik
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org