Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/V2CctsK_u0ocp6C1AUARoaC4fRs.roa
File: V2CctsK_u0ocp6C1AUARoaC4fRs.roa (raw, json)
Hash identifier: yU1r70vIYCHbFdxHwxZeEO6/ZMQhAgPr3/AA6lUz64o=
Subject key identifier: 57:60:9C:B6:C2:BF:BB:4A:1C:A7:A0:B5:01:40:11:A1:A0:B8:7D:1B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0194027795CE991A4CFDEBFE4CA3F4368C1E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/V2CctsK_u0ocp6C1AUARoaC4fRs.roa
Signing time: Thu 26 Dec 2024 10:16:19 +0000
ROA not before: Thu 26 Dec 2024 10:16:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.221.0/24 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:77:95:ce:99:1a:4c:fd:eb:fe:4c:a3:f4:36:8c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 26 10:16:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57609cb6c2bfbb4a1ca7a0b5014011a1a0b87d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:e2:93:9a:04:77:12:02:3d:02:25:f7:8f:
ce:35:12:51:a5:85:40:b6:e3:bb:3d:3b:02:ab:78:
3d:f2:f0:d0:36:2f:5c:7c:9a:1d:a4:3d:60:9f:3e:
21:b0:2d:2f:e8:08:57:2d:4e:44:a1:eb:f8:27:d4:
b9:26:3e:ea:29:70:ab:ed:84:f9:03:48:d9:d1:d0:
e8:b7:13:ec:73:ac:aa:55:49:43:0a:83:1d:2a:d1:
eb:70:cc:ff:3e:1b:ca:be:af:56:49:65:c1:b4:2d:
03:dc:94:c1:eb:97:b1:f2:ba:59:1f:47:ca:03:45:
fe:5d:c2:ac:8f:94:61:4f:a6:a4:db:68:d3:ef:d3:
2f:19:d4:90:59:e9:9f:4d:66:48:b1:ca:9d:10:e0:
72:8a:23:ab:bc:35:56:10:57:1c:d9:f9:45:8f:77:
44:58:db:74:58:6e:42:83:79:22:9a:87:e8:d4:d0:
bf:e7:61:1a:05:83:43:85:84:d3:33:cc:5e:d9:e3:
8b:e6:6b:34:a3:95:22:f2:20:4b:2a:e3:72:5e:88:
42:3a:54:a3:fd:15:65:33:d9:7a:11:62:52:47:d0:
4a:72:a6:4e:be:32:fb:28:8c:d6:49:4b:7d:7f:ec:
a6:c0:34:27:46:f5:59:04:c3:a3:e2:75:39:79:9a:
1f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:60:9C:B6:C2:BF:BB:4A:1C:A7:A0:B5:01:40:11:A1:A0:B8:7D:1B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/V2CctsK_u0ocp6C1AUARoaC4fRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.221.0/24
85.133.224.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:e6:74:1c:04:80:40:66:cb:86:52:9d:af:c6:8b:f3:62:fb:
09:e9:b2:02:e9:ba:2c:84:b6:e7:4b:fb:4a:b1:15:d5:d2:b1:
5d:f3:34:f9:c1:7c:c3:43:24:30:44:36:1c:e0:76:2e:e8:ae:
ed:ed:cf:10:da:f4:b6:71:fd:46:7f:f4:23:92:6f:d8:64:44:
2e:2d:8c:6f:35:ff:0a:63:53:fc:5e:ef:3f:55:c8:82:1f:90:
7d:55:97:8a:b3:da:e8:b5:ca:0c:77:67:75:98:87:a2:31:68:
7a:fc:41:dd:a8:b0:ea:5e:90:fb:9e:08:e7:52:2d:5e:2e:60:
5b:9f:f7:29:1a:d8:21:fd:8f:4f:dc:8f:1e:a2:46:3c:ef:ab:
b5:89:4c:34:a1:28:ef:16:1d:32:b6:49:cc:61:06:8c:64:8e:
02:cf:c0:25:2a:2e:a0:2f:10:b7:b5:8b:75:43:ef:d5:98:c1:
7b:a3:9b:74:31:db:2e:ab:f4:a4:b6:e5:e6:03:60:8e:d9:6a:
66:7c:7e:66:9a:68:62:a3:f5:35:a4:2b:10:6e:45:e8:b7:05:
81:6c:64:56:7d:05:dd:c8:46:d9:29:1e:00:74:21:45:15:a6:
68:d6:d5:64:69:10:d0:d3:5d:3f:44:6a:1a:27:d6:fe:93:d5:
3a:03:b0:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQCd5XOmRpM/ev+TKP0NoweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMjI2MTAxNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzYwOWNiNmMyYmZiYjRhMWNhN2EwYjUwMTQwMTFhMWEwYjg3ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusbik5oEdxICPQIl94/ONRJRpYVA
tuO7PTsCq3g98vDQNi9cfJodpD1gnz4hsC0v6AhXLU5Eoev4J9S5Jj7qKXCr7YT5
A0jZ0dDotxPsc6yqVUlDCoMdKtHrcMz/PhvKvq9WSWXBtC0D3JTB65ex8rpZH0fK
A0X+XcKsj5RhT6ak22jT79MvGdSQWemfTWZIscqdEOByiiOrvDVWEFcc2flFj3dE
WNt0WG5Cg3kimofo1NC/52EaBYNDhYTTM8xe2eOL5ms0o5Ui8iBLKuNyXohCOlSj
/RVlM9l6EWJSR9BKcqZOvjL7KIzWSUt9f+ymwDQnRvVZBMOj4nU5eZofDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFdgnLbCv7tKHKegtQFAEaGguH0bMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVjJDY3RzS191MG9jcDZDMUFVQVJvYUM0ZlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYXdAwQA
VYXgAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQBu5nQcBIBAZsuGUp2vxovzYvsJ
6bIC6boshLbnS/tKsRXV0rFd8zT5wXzDQyQwRDYc4HYu6K7t7c8Q2vS2cf1Gf/Qj
km/YZEQuLYxvNf8KY1P8Xu8/VciCH5B9VZeKs9rotcoMd2d1mIeiMWh6/EHdqLDq
XpD7ngjnUi1eLmBbn/cpGtgh/Y9P3I8eokY876u1iUw0oSjvFh0ytknMYQaMZI4C
z8AlKi6gLxC3tYt1Q+/VmMF7o5t0Mdsuq/SktuXmA2CO2WpmfH5mmmhio/U1pCsQ
bkXotwWBbGRWfQXdyEbZKR4AdCFFFaZo1tVkaRDQ010/RGoaJ9b+k9U6A7DM
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:42:26 2025 by rpki-client