Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/X1X6QrqhPzHwQhUCbckZMhBXBbM.roa
File: X1X6QrqhPzHwQhUCbckZMhBXBbM.roa (raw, json)
Hash identifier: 668y5XPI5iEx6qB/RgnTJ30oeNMPdQ+XPJUDktQmRqo=
Subject key identifier: 5F:55:FA:42:BA:A1:3F:31:F0:42:15:02:6D:C9:19:32:10:57:05:B3
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01872CBD81305169146AEE8348E0A4FBA45F
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/X1X6QrqhPzHwQhUCbckZMhBXBbM.roa
Signing time: Wed 29 Mar 2023 09:40:29 +0000
ROA not before: Wed 29 Mar 2023 09:40:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52209
IP address blocks: 85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 19:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:bd:81:30:51:69:14:6a:ee:83:48:e0:a4:fb:a4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 29 09:40:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f55fa42baa13f31f04215026dc91932105705b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:da:cc:41:da:c9:32:08:ae:5c:22:dc:23:c5:
6c:91:3a:9f:40:f6:81:aa:ce:e5:21:a5:a9:ea:0d:
ff:30:c4:f5:54:9e:20:8b:b8:5a:a0:73:32:c6:48:
31:b9:9d:73:53:c1:7b:0f:a2:85:0b:4a:c2:39:e9:
b7:30:0d:25:9a:7a:2e:6e:8a:57:4f:f5:56:9e:0b:
d2:56:cb:a6:fd:e7:67:66:6a:20:31:14:b7:6b:df:
86:5f:ff:a0:cf:78:cd:5a:76:58:58:85:fa:82:e5:
af:d8:f2:9d:5d:3a:bc:31:77:fb:6a:2d:01:47:f0:
d1:95:81:6e:81:20:82:01:e3:5f:6a:66:c9:6f:75:
fa:80:46:62:49:0d:72:d2:df:3a:82:a6:fb:ea:21:
51:42:dc:bd:60:53:a5:b7:b7:68:bf:a3:fb:e0:40:
4f:e5:a5:7f:22:1e:4c:23:68:56:f2:00:0e:e7:3f:
7c:e8:6e:f0:9d:54:61:b0:e1:80:e3:79:d2:0a:9a:
fa:16:dc:f0:ff:fc:81:5c:ce:d7:55:7b:ee:1c:70:
c8:96:d2:35:fa:62:f2:90:97:22:b5:9e:1e:c5:df:
ec:be:66:c8:dd:a5:25:df:4e:7c:31:da:03:ac:b3:
e0:19:1b:e5:2a:d6:d8:d8:26:0f:07:2b:18:af:69:
1e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:55:FA:42:BA:A1:3F:31:F0:42:15:02:6D:C9:19:32:10:57:05:B3
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/X1X6QrqhPzHwQhUCbckZMhBXBbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.135.0/24
85.133.143.0/24
85.133.151.0/24
85.133.153.0/24
85.133.160.0/23
85.133.166.0/24
85.133.174.0/24
85.133.194.0/24
85.133.199.0/24
85.133.205.0/24
85.133.208.0/24
85.133.219.0/24
85.133.221.0/24
85.133.227.0-85.133.228.255
85.133.233.0-85.133.234.255
85.133.237.0-85.133.238.255
85.133.241.0-85.133.242.255
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ca:bf:7a:42:6c:85:af:6e:82:4d:91:1c:f6:d1:55:16:f5:
82:dd:25:bc:19:24:9f:e4:71:40:8d:5d:84:4a:27:67:a3:f2:
ef:55:aa:41:d0:4e:1a:6b:33:96:67:8b:1e:c8:bd:6f:15:05:
16:09:8f:db:b5:2d:43:8f:6f:98:44:08:58:7a:b4:97:22:64:
a0:58:a7:93:c7:02:0c:61:ba:30:d5:f1:6f:ce:9e:59:40:5a:
f4:db:37:90:ca:b8:f7:d0:ed:c4:b4:51:cb:fc:64:e2:d5:bf:
ff:b6:bb:ef:2d:9f:92:3a:7b:5d:da:ff:f4:e3:46:82:6e:f9:
35:e9:14:a8:5a:36:60:d4:98:a5:f1:0a:e5:66:55:88:9d:54:
f5:c8:ce:6a:4e:ff:83:d3:bc:7c:5f:f4:5e:8d:a6:b4:64:df:
75:d3:14:3c:7d:ca:05:93:4c:09:5d:0d:e9:15:69:b4:48:a6:
89:d3:c1:8f:cd:4a:3f:dd:a2:3e:de:82:8f:35:c5:bb:1a:34:
4d:64:04:46:ce:96:3c:bf:af:a7:c4:19:df:a8:f6:11:f7:50:
5f:0a:aa:19:31:a2:8e:ba:57:0b:c1:d0:24:5e:4e:1b:06:5f:
17:a0:0b:0c:fc:31:8e:54:1d:24:bf:79:c0:9a:ae:8b:c9:32:
7b:d8:ed:35
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYcsvYEwUWkUau6DSOCk+6RfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMzI5MDk0MDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU1ZmE0MmJhYTEzZjMxZjA0MjE1MDI2ZGM5MTkzMjEwNTcwNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNrMQdrJMgiuXCLcI8VskTqfQPaB
qs7lIaWp6g3/MMT1VJ4gi7haoHMyxkgxuZ1zU8F7D6KFC0rCOem3MA0lmnoubopX
T/VWngvSVsum/ednZmogMRS3a9+GX/+gz3jNWnZYWIX6guWv2PKdXTq8MXf7ai0B
R/DRlYFugSCCAeNfambJb3X6gEZiSQ1y0t86gqb76iFRQty9YFOlt7dov6P74EBP
5aV/Ih5MI2hW8gAO5z986G7wnVRhsOGA43nSCpr6Ftzw//yBXM7XVXvuHHDIltI1
+mLykJcitZ4exd/svmbI3aUl3058MdoDrLPgGRvlKtbY2CYPBysYr2kejQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFF9V+kK6oT8x8EIVAm3JGTIQVwWzMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWDFYNlFycWhQekh3UWhVQ2Jja1pNaEJYQmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABV
hYQDBABVhYcDBABVhY8DBABVhZcDBABVhZkDBAFVhaADBABVhaYDBABVha4DBABV
hcIDBABVhccDBABVhc0DBABVhdADBABVhdsDBABVhd0wDAMEAFWF4wMEAFWF5DAM
AwQAVYXpAwQAVYXqMAwDBABVhe0DBABVhe4wDAMEAFWF8QMEAFWF8gMEAFWF+jAN
BgkqhkiG9w0BAQsFAAOCAQEAkcq/ekJsha9ugk2RHPbRVRb1gt0lvBkkn+RxQI1d
hEonZ6Py71WqQdBOGmszlmeLHsi9bxUFFgmP27UtQ49vmEQIWHq0lyJkoFink8cC
DGG6MNXxb86eWUBa9Ns3kMq499DtxLRRy/xk4tW//7a77y2fkjp7Xdr/9ONGgm75
NekUqFo2YNSYpfEK5WZViJ1U9cjOak7/g9O8fF/0Xo2mtGTfddMUPH3KBZNMCV0N
6RVptEimidPBj81KP92iPt6CjzXFuxo0TWQERs6WPL+vp8QZ36j2EfdQXwqqGTGi
jrpXC8HQJF5OGwZfF6ALDPwxjlQdJL95wJqui8kye9jtNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org