Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/YfBfVkAMEN5pT3ixO62Ya8upnjc.roa
File: YfBfVkAMEN5pT3ixO62Ya8upnjc.roa (raw, json)
Hash identifier: jXLHMLQVn9hW/5a802Ua86Ju6oaxdoSn6DPXOwZvGls=
Subject key identifier: 61:F0:5F:56:40:0C:10:DE:69:4F:78:B1:3B:AD:98:6B:CB:A9:9E:37
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192AF15D74E7851D199B55998FA01D5CEC0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/YfBfVkAMEN5pT3ixO62Ya8upnjc.roa
Signing time: Mon 21 Oct 2024 12:38:17 +0000
ROA not before: Mon 21 Oct 2024 12:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:15:d7:4e:78:51:d1:99:b5:59:98:fa:01:d5:ce:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 21 12:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f05f56400c10de694f78b13bad986bcba99e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:0f:d3:9f:ed:ea:41:9c:e2:63:df:fc:4a:
d1:d9:33:d4:97:b8:f8:b3:bb:09:e3:45:6b:68:18:
09:c3:9a:cc:58:19:8b:cc:90:2a:cc:88:50:33:5a:
92:22:31:2e:ad:11:4e:81:b4:8d:12:4c:c8:43:8d:
d8:18:74:71:0c:4d:43:33:50:25:12:dc:dd:58:e1:
32:a6:c4:58:49:52:68:01:b2:76:de:a1:c9:e4:bb:
af:48:69:42:db:5c:5a:df:31:aa:59:f5:0d:53:59:
04:e3:50:a5:25:f8:41:a5:6a:ae:02:ed:ed:01:ae:
95:ba:d4:63:82:51:23:bc:f2:48:d9:75:e8:b1:18:
bc:0a:dc:6f:13:32:a6:c3:24:cb:0b:42:c5:d5:6e:
28:5b:a6:81:8c:a6:b4:29:ee:cb:47:49:15:93:24:
19:d2:dc:8e:1d:cf:8c:db:b7:3d:71:43:d8:6c:75:
e2:ca:bf:b3:71:cb:75:05:a1:8f:d6:06:99:e1:b7:
57:f1:5a:be:7d:d8:29:9a:48:94:2e:72:5e:dc:87:
20:8f:74:04:49:d1:93:71:89:c8:11:38:fc:f5:6d:
e8:e3:24:35:af:a2:9c:c7:53:d5:43:24:89:6c:c4:
f8:23:f0:e1:9b:c0:cc:ff:64:a8:69:93:d1:09:e1:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F0:5F:56:40:0C:10:DE:69:4F:78:B1:3B:AD:98:6B:CB:A9:9E:37
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/YfBfVkAMEN5pT3ixO62Ya8upnjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
85.133.166.0/24
85.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
09:25:5b:2f:bf:a5:bc:01:ee:36:62:d8:b8:a9:0b:7c:7e:0a:
77:e1:21:08:60:8e:ff:36:08:e3:cb:48:22:06:9e:42:85:06:
37:68:77:5b:5a:b7:9c:89:1e:71:c5:9c:a3:d4:23:13:8b:06:
92:57:3e:96:77:e0:4f:22:99:d5:9e:88:98:a2:47:3f:95:7a:
ce:05:f5:05:45:fa:b2:72:d1:3e:62:e7:86:d0:db:5e:d7:58:
70:fe:f7:50:11:20:e9:f4:bd:c2:ce:97:d2:27:c7:63:db:08:
d8:8d:31:66:ef:64:b5:90:81:dc:6a:05:12:db:af:60:d9:17:
86:ff:c8:89:5c:19:9d:23:b5:15:95:bb:6c:9c:49:44:6d:ac:
b7:81:6c:ee:f8:90:92:96:51:71:ed:fe:84:f9:65:ed:15:48:
37:99:b3:4b:11:ab:81:21:aa:21:58:0f:75:04:47:89:7d:b6:
d1:32:81:7a:ab:ee:b8:fc:0c:c9:6d:19:a4:aa:00:fd:82:ea:
c5:9e:c4:09:7c:f6:dd:90:c4:8b:d7:a5:65:63:5f:70:6a:50:
8f:9a:e9:c5:5c:d3:41:16:dd:4f:76:ba:65:2f:78:d5:0f:c1:
e2:5e:53:2a:7b:bf:fc:54:f7:c7:61:76:1d:38:de:99:02:f9:
58:30:11:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKvFddOeFHRmbVZmPoB1c7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIxMTIzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYwNWY1NjQwMGMxMGRlNjk0Zjc4YjEzYmFkOTg2YmNiYTk5ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphkP05/t6kGc4mPf/ErR2TPUl7j4
s7sJ40VraBgJw5rMWBmLzJAqzIhQM1qSIjEurRFOgbSNEkzIQ43YGHRxDE1DM1Al
EtzdWOEypsRYSVJoAbJ23qHJ5LuvSGlC21xa3zGqWfUNU1kE41ClJfhBpWquAu3t
Aa6VutRjglEjvPJI2XXosRi8CtxvEzKmwyTLC0LF1W4oW6aBjKa0Ke7LR0kVkyQZ
0tyOHc+M27c9cUPYbHXiyr+zcct1BaGP1gaZ4bdX8Vq+fdgpmkiULnJe3Icgj3QE
SdGTcYnIETj89W3o4yQ1r6Kcx1PVQySJbMT4I/Dhm8DM/2SoaZPRCeFeeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHwX1ZADBDeaU94sTutmGvLqZ43MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWWZCZlZrQU1FTjVwVDNpeE82MllhOHVwbmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWXAwQA
VYWmAwQAVYXCMA0GCSqGSIb3DQEBCwUAA4IBAQAJJVsvv6W8Ae42Yti4qQt8fgp3
4SEIYI7/Ngjjy0giBp5ChQY3aHdbWreciR5xxZyj1CMTiwaSVz6Wd+BPIpnVnoiY
okc/lXrOBfUFRfqyctE+YueG0Nte11hw/vdQESDp9L3CzpfSJ8dj2wjYjTFm72S1
kIHcagUS269g2ReG/8iJXBmdI7UVlbtsnElEbay3gWzu+JCSllFx7f6E+WXtFUg3
mbNLEauBIaohWA91BEeJfbbRMoF6q+64/AzJbRmkqgD9gurFnsQJfPbdkMSL16Vl
Y19walCPmunFXNNBFt1PdrplL3jVD8HiXlMqe7/8VPfHYXYdON6ZAvlYMBGx
-----END CERTIFICATE-----
Generated at Tue Oct 22 11:00:17 2024 by rpki-client on console-ams.rpki-client.org