Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yj2ol97SI03E293QNJLPMD6Pix4.roa
File: Yj2ol97SI03E293QNJLPMD6Pix4.roa (raw, json)
Hash identifier: T2CuDJFdfxnIcjntA1pn2aTZK6wciRxNRKniZB72I20=
Subject key identifier: 62:3D:A8:97:DE:D2:23:4D:C4:DB:DD:D0:34:92:CF:30:3E:8F:8B:1E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC793F3DCE19B28113CFAC18764AE438D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yj2ol97SI03E293QNJLPMD6Pix4.roa
Signing time: Tue 02 Jan 2024 00:30:11 +0000
ROA not before: Tue 02 Jan 2024 00:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 13:06:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f3:dc:e1:9b:28:11:3c:fa:c1:87:64:ae:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 00:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=623da897ded2234dc4dbddd03492cf303e8f8b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cb:a7:8a:7a:3f:3d:d0:77:0e:7e:6e:38:e4:
6e:03:4d:b5:43:d5:e4:91:36:50:3e:a6:20:31:92:
5f:4e:61:14:e3:13:89:7d:ec:e1:fc:77:b5:a0:24:
5a:42:a1:12:2e:3f:6d:2b:24:24:7f:16:f0:fd:2c:
82:06:71:fe:49:77:67:ff:e0:ba:be:4a:4b:b7:b9:
41:11:e9:36:8f:58:cc:70:85:98:5c:d3:53:05:07:
27:70:5e:d4:66:5d:35:bf:1e:01:54:fc:4b:14:67:
ed:25:f3:be:a3:b7:bc:85:0f:94:b7:43:1d:e2:aa:
b6:98:3e:dd:5d:02:09:eb:5e:f7:d1:6f:43:cb:70:
b7:dc:8a:67:98:f0:ec:93:9b:1f:2d:c0:57:38:2d:
40:ec:d9:55:77:c9:b5:b1:5c:38:3c:ee:4a:f0:de:
76:a5:c4:97:88:83:29:ad:34:80:93:de:cb:bf:f5:
ff:da:ca:ab:18:9f:f4:87:58:9f:b7:49:8e:e6:b4:
3b:4e:e7:dd:14:bc:34:dd:94:e1:d4:a5:34:ab:2d:
3a:c4:9e:77:9a:8b:52:4f:55:07:dd:22:95:a4:dd:
a1:b0:16:98:3d:5d:0a:2d:b8:89:61:a2:14:a0:21:
55:4b:c3:e6:38:18:d8:28:51:a7:ed:87:a9:12:1e:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3D:A8:97:DE:D2:23:4D:C4:DB:DD:D0:34:92:CF:30:3E:8F:8B:1E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yj2ol97SI03E293QNJLPMD6Pix4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.216.0/24
85.133.233.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
49:46:73:94:ea:4a:1a:8d:86:d8:7a:36:7b:e3:4a:48:a7:1b:
b4:92:bf:fe:54:02:ea:11:38:85:8a:9e:c6:41:6f:f8:9c:9a:
2b:d9:b0:54:b4:43:b0:5e:0e:13:f0:14:d6:34:6a:8b:5e:a7:
0d:10:65:ad:92:54:86:bc:47:06:53:fe:55:dd:e4:18:9d:d1:
e7:88:a9:6f:74:0e:7a:fa:64:f6:9c:34:1d:f0:9e:76:0f:23:
c2:96:20:9d:e4:45:18:83:7f:c8:99:c3:03:20:f7:89:29:c0:
68:a2:7d:ac:ba:c0:ec:0b:41:88:e6:83:d5:d8:b4:7f:cf:50:
ef:ca:b4:ff:d2:26:3c:ea:e5:4c:8c:dc:ba:97:59:6b:d3:3c:
fe:03:07:12:8d:de:03:93:45:31:e6:d5:56:b9:8b:85:2c:7a:
f6:76:69:5a:66:51:5c:4e:79:e0:72:86:6c:39:b9:9d:48:21:
99:6c:09:27:a2:d9:c7:2d:fb:2a:02:43:6d:2f:fe:1e:43:8e:
c4:80:13:48:22:aa:d5:5c:ad:a4:1c:28:a0:a1:9f:bd:10:e5:
d5:bf:a4:7f:1d:da:6a:3b:d9:dc:c9:25:ab:41:b1:a4:81:0a:
1a:47:08:94:b3:c4:38:10:27:7e:97:a1:db:6e:47:cb:c5:72:
01:07:0c:f1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHk/Pc4ZsoETz6wYdkrkONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNkYTg5N2RlZDIyMzRkYzRkYmRkZDAzNDkyY2YzMDNlOGY4YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sunino/PdB3Dn5uOORuA021Q9Xk
kTZQPqYgMZJfTmEU4xOJfezh/He1oCRaQqESLj9tKyQkfxbw/SyCBnH+SXdn/+C6
vkpLt7lBEek2j1jMcIWYXNNTBQcncF7UZl01vx4BVPxLFGftJfO+o7e8hQ+Ut0Md
4qq2mD7dXQIJ61730W9Dy3C33IpnmPDsk5sfLcBXOC1A7NlVd8m1sVw4PO5K8N52
pcSXiIMprTSAk97Lv/X/2sqrGJ/0h1ift0mO5rQ7TufdFLw03ZTh1KU0qy06xJ53
motST1UH3SKVpN2hsBaYPV0KLbiJYaIUoCFVS8PmOBjYKFGn7YepEh4bYQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGI9qJfe0iNNxNvd0DSSzzA+j4seMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWWoyb2w5N1NJMDNFMjkzUU5KTFBNRDZQaXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXYAwQA
VYXpMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAElGc5Tq
ShqNhth6NnvjSkinG7SSv/5UAuoROIWKnsZBb/icmivZsFS0Q7BeDhPwFNY0aote
pw0QZa2SVIa8RwZT/lXd5Bid0eeIqW90Dnr6ZPacNB3wnnYPI8KWIJ3kRRiDf8iZ
wwMg94kpwGiifay6wOwLQYjmg9XYtH/PUO/KtP/SJjzq5UyM3LqXWWvTPP4DBxKN
3gOTRTHm1Va5i4UsevZ2aVpmUVxOeeByhmw5uZ1IIZlsCSei2cct+yoCQ20v/h5D
jsSAE0giqtVcraQcKKChn70Q5dW/pH8d2mo72dzJJatBsaSBChpHCJSzxDgQJ36X
odtuR8vFcgEHDPE=
-----END CERTIFICATE-----
Generated at Fri Mar 29 18:00:35 2024 by rpki-client on console-fra.rpki-client.org