Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VsKq3MKt5Y1PeFm-eB3Zc6S_0SM.roa
File: VsKq3MKt5Y1PeFm-eB3Zc6S_0SM.roa (raw, json)
Hash identifier: mq7nPOfFRQXGifs5V6pmBRTAmTA/NWx71RaxZhQDBfY=
Subject key identifier: 56:C2:AA:DC:C2:AD:E5:8D:4F:78:59:BE:78:1D:D9:73:A4:BF:D1:23
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018906741372A228F36CB99AC2174A76EA73
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VsKq3MKt5Y1PeFm-eB3Zc6S_0SM.roa
Signing time: Thu 29 Jun 2023 09:20:17 +0000
ROA not before: Thu 29 Jun 2023 09:20:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 85.133.178.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 12:14:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:74:13:72:a2:28:f3:6c:b9:9a:c2:17:4a:76:ea:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 29 09:20:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56c2aadcc2ade58d4f7859be781dd973a4bfd123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:91:c4:66:14:cb:ef:4a:08:d5:83:97:6a:06:
d9:84:97:8e:f3:79:df:96:3c:43:65:06:80:d3:6c:
d4:38:74:83:a4:07:a1:b3:ad:61:56:fc:93:7f:77:
54:9c:2b:f8:34:9b:85:51:4d:98:88:66:3a:3b:af:
a5:10:c1:f2:a7:05:30:89:b3:79:81:21:66:41:02:
39:18:91:e8:d1:fc:a1:55:a3:70:f9:10:e1:fc:42:
b9:52:20:37:72:ee:6e:e6:8f:6c:44:1a:e6:f1:6a:
31:fa:85:67:92:9f:63:b9:e1:17:69:bf:a2:76:c1:
ff:e3:d2:0c:8b:35:2a:2d:0e:2d:2e:9b:05:e4:d3:
c5:6a:94:c8:b1:0d:cb:45:e0:13:52:58:41:bf:92:
47:cd:50:66:e8:90:aa:72:ba:61:56:a0:78:75:7f:
1f:d1:f6:b5:20:4c:2f:53:6c:75:e4:96:1d:f6:c1:
a0:2e:b3:eb:f4:74:2c:96:f5:8a:f6:41:c9:11:5d:
d5:3a:67:2e:1e:f4:29:d1:4b:36:01:41:d3:ab:80:
66:af:60:48:6c:d9:2b:af:c8:fe:d0:f7:e5:d0:1f:
f1:6f:2e:77:6c:d9:98:ca:26:2e:f9:65:42:8d:cf:
8e:97:bc:a1:83:fe:31:de:4b:47:9b:34:98:1e:04:
fb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C2:AA:DC:C2:AD:E5:8D:4F:78:59:BE:78:1D:D9:73:A4:BF:D1:23
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/VsKq3MKt5Y1PeFm-eB3Zc6S_0SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
85.133.153.0/24
85.133.178.0/24
85.133.228.0/24
85.133.241.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
53:3f:64:e3:29:33:7b:78:a5:7f:bd:e8:81:5b:16:25:9a:84:
cd:50:b7:6d:ab:f0:3e:21:ce:a6:1a:10:da:d4:0b:3b:95:19:
64:99:be:47:00:a6:52:39:7b:ad:f6:74:0b:c6:e4:0d:e6:36:
cd:63:20:e9:5b:35:2a:9a:8b:12:61:c0:fb:a4:d8:1d:16:71:
04:3f:d1:39:c8:95:f8:a3:be:48:05:90:98:11:7c:c7:7b:16:
85:1a:a0:3f:7d:26:0d:ae:a0:5c:e2:99:5d:f4:b4:a0:7f:9a:
e3:a8:4d:51:b3:32:8b:2d:f8:0b:6f:cc:c8:eb:66:c4:89:be:
a6:c6:b0:02:58:6c:85:16:d3:1d:e0:b2:41:b1:84:cf:50:dc:
8c:6a:b3:f7:c9:28:a0:e4:76:94:88:22:de:a9:d3:d8:b3:a5:
de:5d:0b:48:4f:3a:22:cc:8b:39:1f:30:3a:1a:22:9e:52:b8:
f4:0d:f1:a3:dc:ac:d6:ec:ef:5d:4e:2e:b2:b0:c4:fa:f7:ff:
fe:3b:bc:97:81:f8:60:42:a6:58:26:89:2a:84:93:19:e5:e8:
01:b3:59:50:6a:7f:92:c8:08:58:b6:97:76:14:b5:0f:8d:b9:
b0:d0:37:19:60:1f:c1:00:34:cd:a8:b1:75:53:7a:bc:62:7f:
30:89:ed:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkGdBNyoijzbLmawhdKdupzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjI5MDkyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmMyYWFkY2MyYWRlNThkNGY3ODU5YmU3ODFkZDk3M2E0YmZkMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZHEZhTL70oI1YOXagbZhJeO83nf
ljxDZQaA02zUOHSDpAehs61hVvyTf3dUnCv4NJuFUU2YiGY6O6+lEMHypwUwibN5
gSFmQQI5GJHo0fyhVaNw+RDh/EK5UiA3cu5u5o9sRBrm8Wox+oVnkp9jueEXab+i
dsH/49IMizUqLQ4tLpsF5NPFapTIsQ3LReATUlhBv5JHzVBm6JCqcrphVqB4dX8f
0fa1IEwvU2x15JYd9sGgLrPr9HQslvWK9kHJEV3VOmcuHvQp0Us2AUHTq4Bmr2BI
bNkrr8j+0Pfl0B/xby53bNmYyiYu+WVCjc+Ol7yhg/4x3ktHmzSYHgT7qwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFbCqtzCreWNT3hZvngd2XOkv9EjMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVnNLcTNNS3Q1WTFQZUZtLWVCM1pjNlNfMFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVYWXAwQA
VYWZAwQAVYWyAwQAVYXkAwQAVYXxAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQBT
P2TjKTN7eKV/veiBWxYlmoTNULdtq/A+Ic6mGhDa1As7lRlkmb5HAKZSOXut9nQL
xuQN5jbNYyDpWzUqmosSYcD7pNgdFnEEP9E5yJX4o75IBZCYEXzHexaFGqA/fSYN
rqBc4pld9LSgf5rjqE1RszKLLfgLb8zI62bEib6mxrACWGyFFtMd4LJBsYTPUNyM
arP3ySig5HaUiCLeqdPYs6XeXQtITzoizIs5HzA6GiKeUrj0DfGj3KzW7O9dTi6y
sMT69//+O7yXgfhgQqZYJokqhJMZ5egBs1lQan+SyAhYtpd2FLUPjbmw0DcZYB/B
ADTNqLF1U3q8Yn8wie0z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org