Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_4LEsxMxun-zURvhdQE2egXYUJY.roa
File: _4LEsxMxun-zURvhdQE2egXYUJY.roa (raw, json)
Hash identifier: 7Xj8zXyhW+f40OjJr+cSbbP1bNCTwkGZOo0Gy/Ax+Vo=
Subject key identifier: FF:82:C4:B3:13:31:BA:7F:B3:51:1B:E1:75:01:36:7A:05:D8:50:96
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189A60AB7AB4ECDC4A47309BD8FD8ACD8E0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_4LEsxMxun-zURvhdQE2egXYUJY.roa
Signing time: Sun 30 Jul 2023 09:04:27 +0000
ROA not before: Sun 30 Jul 2023 09:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 30 Jul 2023 13:56:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:0a:b7:ab:4e:cd:c4:a4:73:09:bd:8f:d8:ac:d8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 30 09:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff82c4b31331ba7fb3511be17501367a05d85096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:9f:1a:4f:f7:14:f0:26:ce:23:7d:d2:10:
bc:1f:fb:fc:a2:8f:83:dd:c0:bc:fc:c4:5a:7c:12:
a1:52:cd:ad:b4:3c:6e:a3:2e:2c:1d:cc:54:22:75:
61:53:e8:75:28:19:c2:31:0a:68:30:36:9a:6f:5a:
e2:4d:80:9f:5a:ad:4a:27:b1:59:9a:5b:c5:bd:b8:
df:0e:e8:2a:3c:a7:6c:6a:38:70:c7:85:36:30:0d:
64:68:47:af:e3:6f:e9:7c:40:2e:fc:c1:a1:33:5b:
3a:56:6a:b0:b7:be:ec:5b:e3:9d:48:d1:43:15:23:
e0:95:02:56:f7:51:cb:29:93:a9:d5:0c:c6:ab:76:
1b:dd:c4:34:89:08:ba:76:dd:b6:f0:ea:f1:22:7d:
d2:3a:8a:08:f6:17:0f:9c:0a:1f:03:63:c6:76:9e:
b6:e9:fd:b1:07:76:8d:a1:55:9f:dd:37:1e:6d:71:
68:1b:af:15:e2:58:53:cf:72:69:a6:8f:d7:d4:3e:
54:a1:56:5d:14:c1:2e:33:4c:97:3b:62:c5:a9:75:
81:4f:02:5f:bb:10:bf:72:b7:92:a9:c9:25:79:21:
8f:57:fe:7c:7f:97:9d:7c:72:ff:ec:30:1a:dd:48:
ef:d8:89:f4:10:15:40:7e:c9:f7:2c:a5:f3:55:af:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:82:C4:B3:13:31:BA:7F:B3:51:1B:E1:75:01:36:7A:05:D8:50:96
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_4LEsxMxun-zURvhdQE2egXYUJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:10:ac:97:2d:44:33:3e:c8:4f:1e:89:e1:12:8b:bb:17:65:
cc:19:a9:92:be:e8:31:a8:aa:cd:2a:aa:43:15:56:c4:b0:4b:
e6:f3:44:bd:63:3e:00:1f:da:dd:9c:55:f5:39:99:4d:c3:2a:
3e:ea:c6:3e:94:f7:5a:99:ef:ce:08:bf:09:b7:a9:d3:67:aa:
04:d9:9f:09:71:1e:96:69:64:4b:3a:0d:c8:75:b9:ff:8c:e7:
49:56:95:5c:62:e2:41:7d:18:ab:e9:2c:88:58:24:b5:a9:7b:
1c:90:26:2e:06:8b:d9:1c:6d:ae:b7:28:62:e1:d6:16:79:62:
f0:ac:ae:51:b3:9a:1d:c9:18:07:21:e7:e2:22:3c:9f:2b:3d:
15:17:9e:69:c6:91:c6:84:21:3f:ec:83:40:7b:55:9e:49:a9:
54:9c:7e:fa:ff:16:11:5d:79:c3:0a:bd:b9:4a:9b:a6:2e:da:
2b:af:04:4e:df:ee:11:4c:16:14:de:cb:d4:60:8a:92:ea:26:
5d:df:7c:04:c6:c2:e6:5d:63:ec:c7:84:2c:78:75:37:4e:ea:
49:88:34:e0:7e:39:0f:3f:b7:7f:52:f8:dc:ee:9a:5e:7d:dc:
a1:53:e8:b3:4b:1b:f7:05:0f:33:c6:5c:3c:95:fb:7b:a8:35:
1c:7a:22:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmmCrerTs3EpHMJvY/YrNjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzMwMDkwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjgyYzRiMzEzMzFiYTdmYjM1MTFiZTE3NTAxMzY3YTA1ZDg1MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6ifGk/3FPAmziN90hC8H/v8oo+D
3cC8/MRafBKhUs2ttDxuoy4sHcxUInVhU+h1KBnCMQpoMDaab1riTYCfWq1KJ7FZ
mlvFvbjfDugqPKdsajhwx4U2MA1kaEev42/pfEAu/MGhM1s6Vmqwt77sW+OdSNFD
FSPglQJW91HLKZOp1QzGq3Yb3cQ0iQi6dt228OrxIn3SOooI9hcPnAofA2PGdp62
6f2xB3aNoVWf3TcebXFoG68V4lhTz3Jppo/X1D5UoVZdFMEuM0yXO2LFqXWBTwJf
uxC/creSqckleSGPV/58f5edfHL/7DAa3Ujv2In0EBVAfsn3LKXzVa8/kwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP+CxLMTMbp/s1Eb4XUBNnoF2FCWMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvXzRMRXN4TXh1bi16VVJ2aGRRRTJlZ1hZVUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCMEKyXLUQzPshP
HonhEou7F2XMGamSvugxqKrNKqpDFVbEsEvm80S9Yz4AH9rdnFX1OZlNwyo+6sY+
lPdame/OCL8Jt6nTZ6oE2Z8JcR6WaWRLOg3Idbn/jOdJVpVcYuJBfRir6SyIWCS1
qXsckCYuBovZHG2utyhi4dYWeWLwrK5Rs5odyRgHIefiIjyfKz0VF55pxpHGhCE/
7INAe1WeSalUnH76/xYRXXnDCr25SpumLtorrwRO3+4RTBYU3svUYIqS6iZd33wE
xsLmXWPsx4QseHU3TupJiDTgfjkPP7d/Uvjc7ppefdyhU+izSxv3BQ8zxlw8lft7
qDUceiIs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org