Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Z9nhxfNMuXgsU-EMv15tUnzw78w.roa
File: Z9nhxfNMuXgsU-EMv15tUnzw78w.roa (raw, json)
Hash identifier: UwatHfrtnZ7xz1iDBTLHWOi2vD88HqmrKxG+XlPUrwQ=
Subject key identifier: 67:D9:E1:C5:F3:4C:B9:78:2C:53:E1:0C:BF:5E:6D:52:7C:F0:EF:CC
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192AF15D6A3EB2667D7C273D3BFB393817C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Z9nhxfNMuXgsU-EMv15tUnzw78w.roa
Signing time: Mon 21 Oct 2024 12:38:16 +0000
ROA not before: Mon 21 Oct 2024 12:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.193.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Oct 2024 07:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:15:d6:a3:eb:26:67:d7:c2:73:d3:bf:b3:93:81:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 21 12:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d9e1c5f34cb9782c53e10cbf5e6d527cf0efcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:10:0d:4b:83:43:e9:cc:d7:61:08:c1:b4:
3a:5b:d3:de:a6:b5:fe:70:f5:d5:49:93:44:a2:db:
e3:93:15:6f:58:9d:8e:13:94:92:6c:44:fa:b8:01:
9f:a6:49:d9:3d:d0:83:eb:3c:a3:5f:5e:9d:e9:e8:
08:2e:38:50:87:25:21:8b:39:e8:cd:12:db:e5:50:
01:de:82:fa:a6:c7:5b:41:18:ba:14:b4:82:10:f8:
0e:a8:a4:75:62:35:94:93:3b:c4:84:ef:5d:52:59:
a4:3c:02:bf:16:92:58:8c:a2:a2:ea:6a:37:3d:13:
65:f6:26:9e:c0:f7:56:1d:44:fd:98:51:b7:cf:8e:
86:c1:72:24:af:0e:19:0f:6a:62:26:95:90:c6:85:
b0:25:37:e1:ac:db:1a:59:9a:5f:25:e0:84:d3:9a:
b5:1d:da:12:63:44:1c:e5:b8:c1:9e:85:15:de:87:
ce:b7:77:5d:4c:f2:bb:61:66:99:84:b9:a4:11:fe:
66:e7:8a:73:64:91:3e:34:8d:04:89:93:4b:c1:d6:
33:b9:ed:94:ba:e0:a3:56:d3:f5:95:40:7b:fe:7c:
2c:de:5b:85:94:2c:f9:c0:6f:45:95:c1:8c:91:fd:
59:02:f6:b0:58:ed:59:04:c7:90:14:02:fe:94:18:
53:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D9:E1:C5:F3:4C:B9:78:2C:53:E1:0C:BF:5E:6D:52:7C:F0:EF:CC
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Z9nhxfNMuXgsU-EMv15tUnzw78w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:cb:b8:77:5e:84:5e:88:1c:92:6d:3e:47:1f:bb:54:6f:c6:
3b:77:ca:79:1c:e5:ba:7e:b5:e4:e6:6c:5c:d1:a5:59:23:7a:
7e:ad:35:de:be:1a:a0:b2:7a:6f:b9:12:37:9d:a0:ad:7d:1f:
75:99:40:d8:95:e0:3b:59:bd:3f:5b:7a:f1:f6:89:01:43:7a:
c8:26:30:c1:d6:32:d6:22:75:ec:4a:4d:85:cc:4c:6a:b9:04:
8c:f0:c5:84:06:53:3c:37:41:0c:f9:ce:72:f9:44:97:cc:af:
e7:83:3d:98:0d:a1:ca:04:9b:ce:47:3d:f4:ba:46:90:79:48:
56:0e:24:1d:e4:e9:fc:1c:11:b6:bf:f9:d9:29:55:16:b6:c8:
c1:d7:03:f5:ef:f2:65:65:86:60:8d:36:1d:ff:1d:09:06:54:
54:75:4c:7f:a1:26:c4:db:27:88:8b:a6:25:dc:30:06:d4:c2:
17:f5:29:39:d6:0d:e5:14:2a:88:12:7e:98:21:91:25:f6:49:
6b:9a:bb:c8:0e:65:c7:d7:f4:d8:74:b7:68:3f:00:67:20:6b:
fb:09:d8:65:f4:ea:e2:92:19:fc:15:ed:22:bb:15:37:31:66:
a6:ff:ba:ef:3e:e1:dc:0c:26:d0:85:d3:f1:7d:7d:ae:d1:02:
de:c2:3b:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKvFdaj6yZn18Jz07+zk4F8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIxMTIzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q5ZTFjNWYzNGNiOTc4MmM1M2UxMGNiZjVlNmQ1MjdjZjBlZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFsQDUuDQ+nM12EIwbQ6W9PeprX+
cPXVSZNEotvjkxVvWJ2OE5SSbET6uAGfpknZPdCD6zyjX16d6egILjhQhyUhizno
zRLb5VAB3oL6psdbQRi6FLSCEPgOqKR1YjWUkzvEhO9dUlmkPAK/FpJYjKKi6mo3
PRNl9iaewPdWHUT9mFG3z46GwXIkrw4ZD2piJpWQxoWwJTfhrNsaWZpfJeCE05q1
HdoSY0Qc5bjBnoUV3ofOt3ddTPK7YWaZhLmkEf5m54pzZJE+NI0EiZNLwdYzue2U
uuCjVtP1lUB7/nws3luFlCz5wG9FlcGMkf1ZAvawWO1ZBMeQFAL+lBhT9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfZ4cXzTLl4LFPhDL9ebVJ88O/MMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWjluaHhmTk11WGdzVS1FTXYxNXRVbnp3Nzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCjy7h3XoReiBySbT5HH7tU
b8Y7d8p5HOW6frXk5mxc0aVZI3p+rTXevhqgsnpvuRI3naCtfR91mUDYleA7Wb0/
W3rx9okBQ3rIJjDB1jLWInXsSk2FzExquQSM8MWEBlM8N0EM+c5y+USXzK/ngz2Y
DaHKBJvORz30ukaQeUhWDiQd5On8HBG2v/nZKVUWtsjB1wP17/JlZYZgjTYd/x0J
BlRUdUx/oSbE2yeIi6Yl3DAG1MIX9Sk51g3lFCqIEn6YIZEl9klrmrvIDmXH1/TY
dLdoPwBnIGv7Cdhl9Orikhn8Fe0iuxU3MWam/7rvPuHcDCbQhdPxfX2u0QLewjso
-----END CERTIFICATE-----
Generated at Tue Oct 22 10:09:30 2024 by rpki-client on console-fra.rpki-client.org