Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/W2ks2ot8bvwFTZkcp4MifEuag2s.roa
File: W2ks2ot8bvwFTZkcp4MifEuag2s.roa (raw, json)
Hash identifier: M8ibIqbFMGrDalL2fU02cLNqGy+xL+TgjsIc/OGSYkw=
Subject key identifier: 5B:69:2C:DA:8B:7C:6E:FC:05:4D:99:1C:A7:83:22:7C:4B:9A:83:6B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B41AC8494CA9AA6FD750183E7F20B3389
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/W2ks2ot8bvwFTZkcp4MifEuag2s.roa
Signing time: Wed 18 Oct 2023 07:25:07 +0000
ROA not before: Wed 18 Oct 2023 07:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.194.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:ac:84:94:ca:9a:a6:fd:75:01:83:e7:f2:0b:33:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 18 07:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b692cda8b7c6efc054d991ca783227c4b9a836b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:84:aa:ac:31:14:75:e6:90:3f:ac:81:97:
61:63:d8:5d:ba:40:16:1f:7b:68:ae:8a:c2:80:d7:
e5:1d:98:14:63:04:e2:01:55:2d:73:95:3c:ec:3d:
56:5c:8f:3f:3c:a3:65:b7:9d:e1:30:7c:a0:f1:16:
cc:06:c2:31:06:98:57:9c:23:07:28:dc:61:10:58:
11:59:4e:60:96:6e:92:6f:79:3a:a0:3b:05:35:56:
a6:a3:03:ae:db:24:e0:91:41:6f:c9:70:1c:f9:d2:
2d:6a:ce:e1:cd:ca:40:a7:07:08:7c:ab:ff:4f:eb:
cd:3c:b6:42:6b:5f:2f:c2:6f:62:47:e7:bb:2f:81:
de:31:e1:2e:ae:ee:db:6c:12:f9:bf:63:4b:ed:73:
a3:4d:3d:76:fc:ee:2f:f5:3e:84:55:8d:df:ff:7b:
8a:73:a2:3d:a8:9e:1e:c5:ee:d8:58:0c:3c:35:3f:
8e:0b:81:2d:a2:5f:5c:dd:37:b5:22:0e:53:a8:a5:
68:4a:5d:40:6a:ab:2a:c3:1f:f0:81:63:51:8e:13:
81:40:c3:79:f7:1d:b8:c6:43:ad:7f:b8:46:3a:9b:
88:cd:18:ed:a4:9f:da:d0:1d:d3:07:7c:b0:1f:0e:
ec:b2:b3:97:9b:03:e1:b3:ae:77:71:04:bd:7d:a9:
bf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:69:2C:DA:8B:7C:6E:FC:05:4D:99:1C:A7:83:22:7C:4B:9A:83:6B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/W2ks2ot8bvwFTZkcp4MifEuag2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.194.0/24
85.133.216.0/24
85.133.233.0/24
85.133.236.0-85.133.238.255
85.133.241.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e2:d7:9a:95:f0:9e:72:6f:57:0e:a8:4e:16:4a:9a:5c:91:
d7:eb:94:f8:e9:ae:c0:d3:e1:f8:a7:6c:05:aa:fa:15:e5:ca:
6a:cc:5c:fa:15:2b:42:aa:46:6b:7f:9e:71:84:e0:d5:d8:56:
b4:5c:12:af:b0:f3:e6:2b:36:ab:1e:1c:4a:15:18:c1:69:56:
1a:15:d7:82:a6:68:4d:be:ba:b0:6c:e1:51:19:30:16:d1:4b:
70:97:6f:6a:d2:00:26:af:16:4a:a6:13:cf:cb:d9:25:f3:9d:
04:3f:d0:46:77:d1:c2:37:dd:be:b7:aa:fe:31:9f:a7:08:42:
08:7c:c2:6f:a7:8f:63:9f:f6:af:48:e9:2f:f7:a5:34:f8:d9:
65:8a:cb:74:a7:7a:e7:6d:45:82:c0:de:1a:1f:c5:29:7d:45:
8c:0a:2d:81:11:60:8c:1c:2e:c9:06:37:e2:2a:96:bc:d7:2c:
33:bc:61:52:da:c0:c5:d4:a4:94:af:42:e8:59:49:20:47:50:
03:f6:77:18:8b:46:77:3e:10:84:86:2c:ef:8f:69:70:dc:9e:
8e:ab:96:03:ee:94:03:8c:e0:ae:7e:30:3a:58:5f:94:cf:ef:
6a:3d:aa:83:36:5f:4e:3a:6d:df:1a:f2:40:d9:8e:33:b0:66:
db:c0:59:e3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYtBrISUypqm/XUBg+fyCzOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMDE4MDcyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjY5MmNkYThiN2M2ZWZjMDU0ZDk5MWNhNzgzMjI3YzRiOWE4MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZuEqqwxFHXmkD+sgZdhY9hdukAW
H3tororCgNflHZgUYwTiAVUtc5U87D1WXI8/PKNlt53hMHyg8RbMBsIxBphXnCMH
KNxhEFgRWU5glm6Sb3k6oDsFNVamowOu2yTgkUFvyXAc+dItas7hzcpApwcIfKv/
T+vNPLZCa18vwm9iR+e7L4HeMeEuru7bbBL5v2NL7XOjTT12/O4v9T6EVY3f/3uK
c6I9qJ4exe7YWAw8NT+OC4Etol9c3Te1Ig5TqKVoSl1Aaqsqwx/wgWNRjhOBQMN5
9x24xkOtf7hGOpuIzRjtpJ/a0B3TB3ywHw7ssrOXmwPhs653cQS9fam//QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFtpLNqLfG78BU2ZHKeDInxLmoNrMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVzJrczJvdDhidndGVFprY3A0TWlmRXVhZzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVYXCAwQA
VYXYAwQAVYXpMAwDBAJVhewDBABVhe4DBABVhfEDBABVhf0wDQYJKoZIhvcNAQEL
BQADggEBAEvi15qV8J5yb1cOqE4WSppckdfrlPjprsDT4finbAWq+hXlymrMXPoV
K0KqRmt/nnGE4NXYVrRcEq+w8+YrNqseHEoVGMFpVhoV14KmaE2+urBs4VEZMBbR
S3CXb2rSACavFkqmE8/L2SXznQQ/0EZ30cI33b63qv4xn6cIQgh8wm+nj2Of9q9I
6S/3pTT42WWKy3SneudtRYLA3hofxSl9RYwKLYERYIwcLskGN+IqlrzXLDO8YVLa
wMXUpJSvQuhZSSBHUAP2dxiLRnc+EISGLO+PaXDcno6rlgPulAOM4K5+MDpYX5TP
72o9qoM2X046bd8a8kDZjjOwZtvAWeM=
-----END CERTIFICATE-----
Generated at Wed Nov 1 13:20:10 2023 by rpki-client on console-fra.rpki-client.org