Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yl0agLmYUpFz4mNliN8tB9eBN0c.roa
File: Yl0agLmYUpFz4mNliN8tB9eBN0c.roa (raw, json)
Hash identifier: Fs1Qn+PbNa3kSou0KllTn0oztV+vhIcCmDxHA9mMV9w=
Subject key identifier: 62:5D:1A:80:B9:98:52:91:73:E2:63:65:88:DF:2D:07:D7:81:37:47
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B90008927B2E9DBEE5B32BCB42675F5CF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yl0agLmYUpFz4mNliN8tB9eBN0c.roa
Signing time: Thu 02 Nov 2023 12:27:15 +0000
ROA not before: Thu 02 Nov 2023 12:27:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 04 Nov 2023 08:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:00:89:27:b2:e9:db:ee:5b:32:bc:b4:26:75:f5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 2 12:27:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=625d1a80b998529173e2636588df2d07d7813747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fa:e5:88:41:bf:43:cb:53:bb:3e:d5:c8:9e:
34:72:1a:c9:9d:21:64:4b:7c:05:3b:37:10:e7:d8:
ec:cc:b6:85:18:bb:73:14:88:9a:6e:36:96:8c:b6:
78:25:d8:04:a3:3f:f2:91:f3:35:15:31:2b:b3:c2:
a0:69:b0:93:d7:1e:92:78:53:2b:0b:c8:d0:2e:f8:
9b:67:54:7f:f9:ba:f2:4d:b8:d5:be:17:1f:5b:57:
58:11:42:8e:f3:51:94:58:2a:b2:a9:c4:81:11:d2:
cf:74:e6:53:77:8f:72:16:08:ca:c9:0c:4e:0f:89:
c3:ba:06:98:73:f2:eb:64:07:09:72:67:e9:d3:e6:
9a:33:3e:17:01:c3:df:27:6f:2b:b9:9e:ed:d1:ad:
07:a1:cb:8b:24:74:8c:4b:7b:9f:50:b7:2b:82:f4:
25:24:a3:5a:b9:59:3c:5c:c2:ad:c8:ce:08:3d:2c:
e3:0b:bb:16:72:d4:2b:c9:38:09:9e:06:62:39:bf:
af:ad:21:87:25:13:99:5c:da:ac:7c:bc:c9:c3:4d:
98:f3:19:9f:ee:e6:db:46:cc:78:51:47:f5:9c:a9:
f0:d2:8c:46:b3:a0:f0:fe:f2:23:ab:7a:e0:77:4b:
af:62:4b:c7:1f:c0:ef:c6:50:71:05:8a:ee:ea:9d:
fe:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5D:1A:80:B9:98:52:91:73:E2:63:65:88:DF:2D:07:D7:81:37:47
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yl0agLmYUpFz4mNliN8tB9eBN0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:ff:80:8f:82:9e:53:19:73:7c:9d:1d:91:4c:46:48:e4:e6:
a8:f7:d1:0e:1e:fa:72:f6:27:b5:c0:ef:25:d8:e7:5e:b1:5c:
79:72:f7:5e:db:ec:a6:e4:99:ae:38:23:bf:0f:a7:09:31:8e:
6b:66:18:16:e5:c4:82:b1:97:86:88:d8:49:03:9b:66:6a:93:
49:a7:34:30:2b:d2:5b:d7:f3:94:93:5f:90:bc:82:ad:19:b1:
e5:e6:69:c2:3d:86:c1:34:da:e4:19:39:83:e0:7a:f1:a7:d2:
c9:93:4e:da:b6:66:45:f9:6f:f7:a3:6a:59:99:3a:52:e9:4b:
68:1f:21:86:ec:d1:c7:08:6e:5f:e7:52:6a:37:45:bd:8c:1f:
83:27:f9:ff:d8:03:e9:a5:2a:66:5e:b1:64:d5:22:af:ef:d3:
b8:b6:03:49:20:75:46:07:c4:bc:3b:94:c4:55:35:fe:5e:ef:
28:ff:6e:c9:80:4e:ba:be:cd:5e:a7:32:c4:0b:7b:d9:1d:83:
fd:96:6e:22:ac:b5:ec:82:13:69:77:a0:4e:32:96:40:9f:76:
08:8a:32:66:8d:e1:36:b9:6f:c2:28:87:65:2c:23:53:47:b1:
dc:7f:c3:c9:ab:98:a7:d0:04:6d:81:04:e3:68:da:16:0e:d8:
53:77:59:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuQAIknsunb7lsyvLQmdfXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTAyMTIyNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVkMWE4MGI5OTg1MjkxNzNlMjYzNjU4OGRmMmQwN2Q3ODEzNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPrliEG/Q8tTuz7VyJ40chrJnSFk
S3wFOzcQ59jszLaFGLtzFIiabjaWjLZ4JdgEoz/ykfM1FTErs8KgabCT1x6SeFMr
C8jQLvibZ1R/+bryTbjVvhcfW1dYEUKO81GUWCqyqcSBEdLPdOZTd49yFgjKyQxO
D4nDugaYc/LrZAcJcmfp0+aaMz4XAcPfJ28ruZ7t0a0HocuLJHSMS3ufULcrgvQl
JKNauVk8XMKtyM4IPSzjC7sWctQryTgJngZiOb+vrSGHJROZXNqsfLzJw02Y8xmf
7ubbRsx4UUf1nKnw0oxGs6Dw/vIjq3rgd0uvYkvHH8DvxlBxBYru6p3+AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGJdGoC5mFKRc+JjZYjfLQfXgTdHMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWWwwYWdMbVlVcEZ6NG1ObGlOOHRCOWVCTjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAT/4CPgp5TGXN8
nR2RTEZI5Oao99EOHvpy9ie1wO8l2OdesVx5cvde2+ym5JmuOCO/D6cJMY5rZhgW
5cSCsZeGiNhJA5tmapNJpzQwK9Jb1/OUk1+QvIKtGbHl5mnCPYbBNNrkGTmD4Hrx
p9LJk07atmZF+W/3o2pZmTpS6UtoHyGG7NHHCG5f51JqN0W9jB+DJ/n/2APppSpm
XrFk1SKv79O4tgNJIHVGB8S8O5TEVTX+Xu8o/27JgE66vs1epzLEC3vZHYP9lm4i
rLXsghNpd6BOMpZAn3YIijJmjeE2uW/CKIdlLCNTR7Hcf8PJq5in0ARtgQTjaNoW
DthTd1mA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org