Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Y_VatMiTPBJ6eRjfrOfoKrPMbGo.roa
File: Y_VatMiTPBJ6eRjfrOfoKrPMbGo.roa (raw, json)
Hash identifier: akjH6vownpxnp/PN50k+aHQy6f1I5zeocQySDRY4yTk=
Subject key identifier: 63:F5:5A:B4:C8:93:3C:12:7A:79:18:DF:AC:E7:E8:2A:B3:CC:6C:6A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192B393BE6E6F8020F0F9500EBA7D74D0AB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Y_VatMiTPBJ6eRjfrOfoKrPMbGo.roa
Signing time: Tue 22 Oct 2024 09:34:17 +0000
ROA not before: Tue 22 Oct 2024 09:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Oct 2024 13:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:93:be:6e:6f:80:20:f0:f9:50:0e:ba:7d:74:d0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 22 09:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63f55ab4c8933c127a7918dface7e82ab3cc6c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:be:7f:ab:64:92:d1:b5:b3:96:60:7e:6f:03:
03:b7:c2:6a:d3:4f:11:45:b7:1e:90:5d:cb:95:94:
b8:95:ad:8b:39:dc:9f:b4:e5:6b:ae:01:69:e5:fe:
77:c6:6f:2d:8e:30:e0:f6:1b:f1:ad:04:32:71:59:
f4:86:32:5b:44:0d:09:41:84:e9:51:b8:0c:ca:19:
c0:96:77:11:d0:48:46:05:90:0d:52:18:c5:34:73:
b7:5f:0d:95:11:79:64:1b:26:e4:8a:96:b0:44:49:
48:e9:bd:cd:06:74:6e:19:0a:99:6c:c5:33:ad:f2:
5d:99:a9:f2:3c:7c:0a:bf:e1:91:be:d9:5b:10:d0:
62:11:9b:d6:5c:78:72:0f:45:4f:35:6f:d2:d0:a9:
b8:a2:a5:9c:c5:91:8a:ac:84:12:a8:03:d9:65:5e:
3d:a3:0d:5a:ec:2b:b2:de:20:71:3b:0a:13:0f:69:
72:2d:77:e1:ab:6e:3a:eb:ff:ba:fd:24:5b:14:86:
5d:24:ee:fe:50:40:e4:65:4c:90:fa:88:56:c1:dd:
23:b2:2a:5d:83:3d:b6:39:59:31:15:ac:aa:49:3a:
2f:0d:f5:66:a8:b4:de:67:15:7b:07:bd:98:f7:df:
10:75:a4:1f:04:c2:7a:07:93:ab:a5:1a:5c:2a:2f:
9e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F5:5A:B4:C8:93:3C:12:7A:79:18:DF:AC:E7:E8:2A:B3:CC:6C:6A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Y_VatMiTPBJ6eRjfrOfoKrPMbGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:ac:9f:35:06:5f:14:0c:fc:66:78:6f:3c:e8:8e:e3:fa:bd:
fb:4a:b3:36:bb:ff:4d:ff:57:3c:dc:4c:73:87:cb:a0:7b:2b:
27:9b:ba:56:fe:01:1d:c6:56:3d:0b:27:f1:1f:94:44:4e:c5:
a2:ba:25:18:ea:6a:b3:dc:cb:3f:1b:e0:1a:5f:f0:52:5e:3a:
28:af:5e:83:da:d1:d7:4d:19:43:99:5b:69:a7:28:5a:58:66:
82:5b:fc:c2:1b:cf:63:68:8f:24:c3:97:50:2b:82:75:78:42:
ca:55:91:60:bd:c9:17:b4:25:0f:2b:75:91:f7:85:f5:47:c5:
1b:e4:eb:e8:fa:8e:b9:05:80:e0:32:1b:89:c9:8a:ec:5b:5b:
5c:bc:a0:a2:a8:f5:a5:d6:85:4d:39:f2:f6:b0:09:f5:c6:e8:
5f:e5:44:02:e3:38:77:2d:dd:7a:88:28:30:59:a7:af:8d:b1:
7b:48:4c:9a:32:9c:35:47:e6:6f:d4:7d:4e:39:4d:01:94:ff:
07:f9:9a:ee:f4:bf:0f:58:74:c3:66:f8:50:f9:37:a3:9f:be:
95:d3:03:ca:7f:1d:42:02:36:df:6c:7b:4a:a7:ce:f3:77:9a:
05:71:38:d7:fb:6a:6c:0f:26:14:a0:5f:b6:4a:8d:2e:04:d5:
79:3f:16:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKzk75ub4Ag8PlQDrp9dNCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIyMDkzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y1NWFiNGM4OTMzYzEyN2E3OTE4ZGZhY2U3ZTgyYWIzY2M2YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr5/q2SS0bWzlmB+bwMDt8Jq008R
RbcekF3LlZS4la2LOdyftOVrrgFp5f53xm8tjjDg9hvxrQQycVn0hjJbRA0JQYTp
UbgMyhnAlncR0EhGBZANUhjFNHO3Xw2VEXlkGybkipawRElI6b3NBnRuGQqZbMUz
rfJdmanyPHwKv+GRvtlbENBiEZvWXHhyD0VPNW/S0Km4oqWcxZGKrIQSqAPZZV49
ow1a7Cuy3iBxOwoTD2lyLXfhq2466/+6/SRbFIZdJO7+UEDkZUyQ+ohWwd0jsipd
gz22OVkxFayqSTovDfVmqLTeZxV7B72Y998QdaQfBMJ6B5OrpRpcKi+e/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGP1WrTIkzwSenkY36zn6CqzzGxqMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWV9WYXRNaVRQQko2ZVJqZnJPZm9LclBNYkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQARrJ81Bl8UDPxmeG886I7j
+r37SrM2u/9N/1c83Exzh8ugeysnm7pW/gEdxlY9CyfxH5RETsWiuiUY6mqz3Ms/
G+AaX/BSXjoor16D2tHXTRlDmVtppyhaWGaCW/zCG89jaI8kw5dQK4J1eELKVZFg
vckXtCUPK3WR94X1R8Ub5Ovo+o65BYDgMhuJyYrsW1tcvKCiqPWl1oVNOfL2sAn1
xuhf5UQC4zh3Ld16iCgwWaevjbF7SEyaMpw1R+Zv1H1OOU0BlP8H+Zru9L8PWHTD
ZvhQ+Tejn76V0wPKfx1CAjbfbHtKp87zd5oFcTjX+2psDyYUoF+2So0uBNV5PxZH
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:43 2024 by rpki-client on console-ams.rpki-client.org