Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Uw7G1_OjwmGt8afueQJ_9mOsC04.roa
File: Uw7G1_OjwmGt8afueQJ_9mOsC04.roa (raw, json)
Hash identifier: lFCXwtaMc8DvpBqNF5n+ck9amYvZAAv5KsbZ2YYhCZM=
Subject key identifier: 53:0E:C6:D7:F3:A3:C2:61:AD:F1:A7:EE:79:02:7F:F6:63:AC:0B:4E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0194215A14219D7CA4D3B9BC5F6DCF609F29
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Uw7G1_OjwmGt8afueQJ_9mOsC04.roa
Signing time: Wed 01 Jan 2025 10:12:19 +0000
ROA not before: Wed 01 Jan 2025 10:12:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:5a:14:21:9d:7c:a4:d3:b9:bc:5f:6d:cf:60:9f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 1 10:12:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=530ec6d7f3a3c261adf1a7ee79027ff663ac0b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:01:a3:c2:be:f8:7d:70:76:9d:4f:b5:7d:5d:
e2:41:6d:b8:a3:37:5b:94:d5:0b:54:24:61:90:9a:
98:40:43:b4:a6:e0:0a:e8:75:0a:cc:b1:40:2e:d5:
42:05:d2:a9:04:d1:68:b0:97:f3:f0:2e:6e:86:19:
1a:e8:d9:26:bf:75:4e:a9:4c:1b:07:27:64:d9:35:
a0:fe:f8:95:98:39:b1:fb:a4:73:80:31:b1:59:f3:
9b:97:8b:5c:50:2f:8a:63:25:75:6c:6e:38:b9:21:
57:96:f3:d2:7a:50:1e:6c:b2:5c:3c:25:40:8e:76:
04:2d:3b:e6:2b:52:a0:d9:27:d0:73:24:a8:8a:1e:
0c:28:46:ba:ac:ad:48:0c:e4:44:88:eb:eb:4f:d4:
23:9b:26:60:86:ab:9d:a1:bf:ef:1b:c4:62:a6:ec:
f2:31:3c:ee:88:a3:16:35:00:2d:a5:4f:b6:d4:89:
6e:a2:3a:e1:a1:0f:cc:f8:0b:05:70:0f:5a:54:5c:
97:7c:ba:9f:7f:c1:11:b8:4d:05:34:b8:bb:00:06:
ce:6d:4d:1f:b2:88:e6:91:e5:6a:e5:e7:ed:42:cf:
72:21:df:8b:45:6c:fb:ab:ae:2e:f3:09:7b:e5:63:
46:ca:fe:43:e3:3b:de:9b:10:42:28:7b:5c:97:0d:
28:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:0E:C6:D7:F3:A3:C2:61:AD:F1:A7:EE:79:02:7F:F6:63:AC:0B:4E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Uw7G1_OjwmGt8afueQJ_9mOsC04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0-85.133.204.255
85.133.238.0/24
Signature Algorithm: sha256WithRSAEncryption
16:46:29:24:85:1d:46:94:5d:ec:91:1e:85:f7:80:c3:8a:8d:
87:2c:e6:bb:c0:4d:a1:ed:94:58:28:8c:5b:7b:af:f9:fb:de:
ba:35:98:55:9a:ee:1a:fe:ea:95:61:4f:00:ab:d4:14:e6:25:
e8:83:f1:d8:98:3a:ab:3b:43:8e:d8:0f:e7:98:9e:eb:1f:0c:
46:71:14:71:01:9a:6d:f5:5e:67:1c:ff:59:a9:24:77:1f:f2:
c7:5a:57:4b:1e:ba:e8:31:41:f6:dd:f6:f1:2c:a7:56:13:f8:
11:47:1c:1e:bb:65:1b:b9:70:91:ab:77:a4:a9:d1:83:f8:da:
6d:5f:c3:79:4d:a0:ee:54:12:74:28:be:cf:d0:43:ac:b0:5b:
cb:7e:61:e4:b4:18:f5:a3:10:ee:d3:19:03:8b:0c:29:96:c2:
fc:81:a8:f0:fe:ca:03:95:ad:4c:51:05:c5:ee:bd:a9:a4:b5:
bc:27:4b:c6:53:6d:31:f8:3d:b0:8d:84:c4:b1:8a:6d:bb:01:
a7:c2:9d:66:56:2d:10:9e:fb:8d:46:8c:be:dc:ad:ad:ad:d0:
7d:eb:d3:6c:40:59:74:34:8d:80:33:f9:5c:6e:1b:50:0f:2c:
32:39:7a:b5:25:82:72:6a:a7:62:3a:80:2b:8b:fa:82:82:ce:
75:83:d0:80
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhWhQhnXyk07m8X23PYJ8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTAxMTAxMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBlYzZkN2YzYTNjMjYxYWRmMWE3ZWU3OTAyN2ZmNjYzYWMwYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AGjwr74fXB2nU+1fV3iQW24ozdb
lNULVCRhkJqYQEO0puAK6HUKzLFALtVCBdKpBNFosJfz8C5uhhka6Nkmv3VOqUwb
Bydk2TWg/viVmDmx+6RzgDGxWfObl4tcUC+KYyV1bG44uSFXlvPSelAebLJcPCVA
jnYELTvmK1Kg2SfQcySoih4MKEa6rK1IDOREiOvrT9QjmyZghqudob/vG8Ripuzy
MTzuiKMWNQAtpU+21IluojrhoQ/M+AsFcA9aVFyXfLqff8ERuE0FNLi7AAbObU0f
sojmkeVq5eftQs9yId+LRWz7q64u8wl75WNGyv5D4zvemxBCKHtclw0o6wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFMOxtfzo8JhrfGn7nkCf/ZjrAtOMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVXc3RzFfT2p3bUd0OGFmdWVRSl85bU9zQzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVhckD
BABVhcwDBABVhe4wDQYJKoZIhvcNAQELBQADggEBABZGKSSFHUaUXeyRHoX3gMOK
jYcs5rvATaHtlFgojFt7r/n73ro1mFWa7hr+6pVhTwCr1BTmJeiD8diYOqs7Q47Y
D+eYnusfDEZxFHEBmm31Xmcc/1mpJHcf8sdaV0seuugxQfbd9vEsp1YT+BFHHB67
ZRu5cJGrd6Sp0YP42m1fw3lNoO5UEnQovs/QQ6ywW8t+YeS0GPWjEO7TGQOLDCmW
wvyBqPD+ygOVrUxRBcXuvamktbwnS8ZTbTH4PbCNhMSxim27AafCnWZWLRCe+41G
jL7cra2t0H3r02xAWXQ0jYAz+VxuG1APLDI5erUlgnJqp2I6gCuL+oKCznWD0IA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:34 2025 by rpki-client