Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VdJHVPG6wDsdurB5lxsvvZcrQkc.roa
File: VdJHVPG6wDsdurB5lxsvvZcrQkc.roa (raw, json)
Hash identifier: guQ/hrURnrcz74n4wxFDW/7UXCwAYKmdAOcJPSrRApM=
Subject key identifier: 55:D2:47:54:F1:BA:C0:3B:1D:BA:B0:79:97:1B:2F:BD:97:2B:42:47
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018ADFEFF6E8391920EEDF6B5D9DF27C0C82
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VdJHVPG6wDsdurB5lxsvvZcrQkc.roa
Signing time: Fri 29 Sep 2023 07:55:59 +0000
ROA not before: Fri 29 Sep 2023 07:55:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.132.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:ef:f6:e8:39:19:20:ee:df:6b:5d:9d:f2:7c:0c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 29 07:55:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55d24754f1bac03b1dbab079971b2fbd972b4247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a1:11:ea:fe:39:33:24:ca:8d:a9:e5:a2:d2:
ec:71:77:95:ca:ca:2d:e2:b3:46:1d:5c:c0:73:22:
e2:6e:d7:c5:87:2a:5a:a5:90:d5:0f:fd:d5:cd:6e:
d8:6a:61:7d:f4:ba:7d:ea:80:f0:1a:a9:69:2e:7a:
b2:b6:ba:8a:24:65:a5:5f:e6:c7:8d:0f:56:36:1a:
2b:12:81:cd:a0:04:9c:75:95:e7:9a:8f:c5:ad:ac:
2d:72:e7:cf:81:d5:9f:18:29:f0:8c:7a:c8:fa:b2:
b5:25:26:14:7d:7b:7c:08:3e:49:b8:74:02:67:52:
e0:0b:a7:57:27:3e:30:a7:b5:d2:a4:12:8b:3b:34:
3c:54:56:4c:d1:4c:db:23:fb:53:f3:86:c7:c0:4f:
45:c4:3b:5f:bf:38:b1:43:ad:3d:3b:2c:5c:9b:23:
33:13:86:f3:b3:c0:a0:d1:b8:10:14:e5:22:94:5f:
20:96:08:26:9c:54:5e:19:2f:15:c1:21:7e:e5:96:
bb:66:fd:50:2f:16:b0:83:2b:97:af:7e:7e:f2:c0:
73:44:53:cc:1b:c5:0d:34:09:ce:3b:8b:0e:63:46:
14:0c:ef:79:30:3f:72:2d:be:31:c8:8a:4b:b1:6e:
79:4c:8d:96:2d:83:e5:26:a0:db:37:57:f1:8e:1c:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D2:47:54:F1:BA:C0:3B:1D:BA:B0:79:97:1B:2F:BD:97:2B:42:47
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VdJHVPG6wDsdurB5lxsvvZcrQkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.143.0/24
85.133.166.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:d4:e2:8d:fb:11:71:c6:b2:be:22:b4:13:47:d1:32:e2:42:
08:47:0d:d0:c7:70:8e:f7:75:a5:92:86:6d:5c:8f:70:35:12:
bb:95:0a:a5:4b:f7:9f:7a:ea:5d:5f:fe:2c:24:04:af:ef:22:
d7:57:c3:ba:6c:ee:95:2c:2f:ed:5d:da:6a:5b:38:24:89:19:
13:f9:a5:4c:d0:e4:82:fc:1b:96:0a:14:c4:5f:e5:a4:ef:07:
4b:bb:30:5a:1d:e3:66:c8:03:87:29:31:66:4b:82:4e:d2:7c:
fe:2e:e1:d1:4b:eb:41:80:f0:c5:e4:58:7b:a8:34:bc:7e:6b:
d8:b3:fa:19:20:77:ef:e0:2d:89:62:db:c5:7d:2f:db:c7:ef:
46:82:d1:1a:19:f8:47:40:cf:4b:41:15:ea:14:9d:74:40:b0:
11:6d:72:e7:8f:d8:f8:c8:cb:8b:d1:67:94:50:c0:5a:54:c9:
fd:1c:9e:5d:09:d9:93:a8:81:4c:5a:3f:e0:ed:fc:3c:76:44:
35:3b:ab:40:fe:76:60:66:72:1d:d3:32:fe:c7:b6:28:47:08:
7a:94:9e:8b:39:40:91:6e:49:f7:96:66:40:5e:e3:61:a3:5a:
61:72:f6:49:6b:7c:44:97:e3:f4:2d:1c:d3:03:d0:f3:da:12:
f9:a2:1c:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrf7/boORkg7t9rXZ3yfAyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwOTI5MDc1NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQyNDc1NGYxYmFjMDNiMWRiYWIwNzk5NzFiMmZiZDk3MmI0MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaER6v45MyTKjanlotLscXeVysot
4rNGHVzAcyLibtfFhypapZDVD/3VzW7YamF99Lp96oDwGqlpLnqytrqKJGWlX+bH
jQ9WNhorEoHNoAScdZXnmo/FrawtcufPgdWfGCnwjHrI+rK1JSYUfXt8CD5JuHQC
Z1LgC6dXJz4wp7XSpBKLOzQ8VFZM0UzbI/tT84bHwE9FxDtfvzixQ609OyxcmyMz
E4bzs8Cg0bgQFOUilF8glggmnFReGS8VwSF+5Za7Zv1QLxawgyuXr35+8sBzRFPM
G8UNNAnOO4sOY0YUDO95MD9yLb4xyIpLsW55TI2WLYPlJqDbN1fxjhxAJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFXSR1TxusA7HbqweZcbL72XK0JHMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVmRKSFZQRzZ3RHNkdXJCNWx4c3Z2WmNyUWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWEAwQA
VYWPAwQAVYWmMA0GCSqGSIb3DQEBCwUAA4IBAQC01OKN+xFxxrK+IrQTR9Ey4kII
Rw3Qx3CO93WlkoZtXI9wNRK7lQqlS/efeupdX/4sJASv7yLXV8O6bO6VLC/tXdpq
WzgkiRkT+aVM0OSC/BuWChTEX+Wk7wdLuzBaHeNmyAOHKTFmS4JO0nz+LuHRS+tB
gPDF5Fh7qDS8fmvYs/oZIHfv4C2JYtvFfS/bx+9GgtEaGfhHQM9LQRXqFJ10QLAR
bXLnj9j4yMuL0WeUUMBaVMn9HJ5dCdmTqIFMWj/g7fw8dkQ1O6tA/nZgZnId0zL+
x7YoRwh6lJ6LOUCRbkn3lmZAXuNho1phcvZJa3xEl+P0LRzTA9Dz2hL5ohxc
-----END CERTIFICATE-----
Generated at Wed Dec 6 11:45:01 2023 by rpki-client on console-fra.rpki-client.org