Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_hZDmvYxjRqti7hYu4IpbDYhwY8.roa
File: _hZDmvYxjRqti7hYu4IpbDYhwY8.roa (raw, json)
Hash identifier: Sak0XPb5QzB/LGOTGnLefyuMRWmxnt+3LOlimmvVxJs=
Subject key identifier: FE:16:43:9A:F6:31:8D:1A:AD:8B:B8:58:BB:82:29:6C:36:21:C1:8F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018F06202F9F9DD2F92AA9D06C1917FCCF36
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_hZDmvYxjRqti7hYu4IpbDYhwY8.roa
Signing time: Mon 22 Apr 2024 14:05:23 +0000
ROA not before: Mon 22 Apr 2024 14:05:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 08:27:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:20:2f:9f:9d:d2:f9:2a:a9:d0:6c:19:17:fc:cf:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 22 14:05:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe16439af6318d1aad8bb858bb82296c3621c18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:b4:ae:c7:1c:1a:ea:91:f2:f6:f8:12:c9:
d0:e8:73:31:21:e3:fa:cc:53:ed:9a:cf:f4:94:01:
6a:95:8b:38:a8:6d:c3:d7:a8:59:65:9a:01:61:eb:
f2:d8:f3:0e:c7:3b:32:ce:d7:ce:7c:1e:77:4c:22:
0f:71:86:bd:8e:85:ba:d0:15:65:8f:12:39:8d:ba:
33:58:db:70:1c:f6:a2:17:1f:54:fb:10:e3:06:67:
61:a7:ef:e1:89:ed:04:1e:05:27:5f:ec:48:08:28:
62:bb:77:a6:1f:13:c2:81:05:5f:36:b1:48:04:46:
d2:f4:fc:88:e5:64:1c:6c:16:ec:99:56:29:4e:64:
b4:41:f6:2c:a5:2c:0a:fe:b3:c5:90:38:d2:a9:d0:
d8:cc:5b:10:2f:98:4b:3a:5c:85:8e:ac:36:fa:b1:
73:dd:0e:d8:b3:80:3e:55:0f:ee:0a:8f:99:a2:e0:
84:24:c2:76:fc:1c:17:cb:fd:8a:49:ef:3a:4a:57:
1f:3d:b5:ae:e6:f6:f7:79:fd:81:ee:08:cd:08:2b:
31:38:fe:bf:11:8f:68:d8:63:7e:69:bb:fc:91:58:
12:55:80:0d:bc:f3:b1:0c:f2:df:da:dd:5b:c2:79:
1c:c9:5b:6f:c5:84:35:d6:8d:f6:5e:17:bc:ad:02:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:16:43:9A:F6:31:8D:1A:AD:8B:B8:58:BB:82:29:6C:36:21:C1:8F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_hZDmvYxjRqti7hYu4IpbDYhwY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.174.0/24
85.133.205.0/24
85.133.208.0/24
85.133.215.0/24
85.133.217.0-85.133.219.255
85.133.227.0-85.133.228.255
Signature Algorithm: sha256WithRSAEncryption
6d:ef:99:7b:b6:d3:6f:b1:38:e6:93:28:62:c4:49:96:83:38:
61:6a:dd:13:53:b8:89:d7:18:e3:09:4f:8f:d9:38:50:30:04:
62:34:91:1f:28:d6:c7:a9:3b:11:b1:ce:c1:1e:34:d0:49:42:
18:d5:70:28:0d:fa:d1:82:e1:f7:dd:75:30:04:b1:3a:1d:a5:
e5:8b:f8:8d:7b:ed:f1:9d:c8:c0:03:ca:d5:59:9c:08:5b:58:
2c:87:66:5f:27:44:1b:a4:d6:b7:e3:5d:e7:76:8e:92:f7:02:
4a:e7:08:19:37:6b:75:6a:55:98:1c:a7:74:f6:b4:5c:3c:6b:
13:09:99:f0:08:23:b1:ef:1d:4c:90:5d:36:7a:f8:57:e3:b5:
f8:91:2e:3d:ed:cc:91:08:af:09:00:42:05:fa:8e:a5:a2:99:
cd:c1:20:78:59:94:d3:df:58:a0:6d:68:5a:7d:45:6d:87:89:
76:ba:6f:95:ed:1a:72:58:ab:dd:a6:05:f6:ce:c6:a0:0e:55:
a6:f5:51:43:fa:16:f7:e4:c3:3a:2c:86:54:fc:01:57:89:2d:
50:8a:c8:8d:8e:73:d6:99:9b:bd:2c:aa:cf:4a:73:39:67:ba:
3f:14:52:ce:c2:5b:27:63:27:db:d5:bb:a6:e6:7d:28:17:bc:
70:87:ad:b6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8GIC+fndL5KqnQbBkX/M82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNDIyMTQwNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTE2NDM5YWY2MzE4ZDFhYWQ4YmI4NThiYjgyMjk2YzM2MjFjMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTK0rsccGuqR8vb4EsnQ6HMxIeP6
zFPtms/0lAFqlYs4qG3D16hZZZoBYevy2PMOxzsyztfOfB53TCIPcYa9joW60BVl
jxI5jbozWNtwHPaiFx9U+xDjBmdhp+/hie0EHgUnX+xICChiu3emHxPCgQVfNrFI
BEbS9PyI5WQcbBbsmVYpTmS0QfYspSwK/rPFkDjSqdDYzFsQL5hLOlyFjqw2+rFz
3Q7Ys4A+VQ/uCo+ZouCEJMJ2/BwXy/2KSe86SlcfPbWu5vb3ef2B7gjNCCsxOP6/
EY9o2GN+abv8kVgSVYANvPOxDPLf2t1bwnkcyVtvxYQ11o32Xhe8rQJDGQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFP4WQ5r2MY0arYu4WLuCKWw2IcGPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvX2haRG12WXhqUnF0aTdoWXU0SXBiRFlod1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAVYWuAwQA
VYXNAwQAVYXQAwQAVYXXMAwDBABVhdkDBAJVhdgwDAMEAFWF4wMEAFWF5DANBgkq
hkiG9w0BAQsFAAOCAQEAbe+Ze7bTb7E45pMoYsRJloM4YWrdE1O4idcY4wlPj9k4
UDAEYjSRHyjWx6k7EbHOwR400ElCGNVwKA360YLh9911MASxOh2l5Yv4jXvt8Z3I
wAPK1VmcCFtYLIdmXydEG6TWt+Nd53aOkvcCSucIGTdrdWpVmByndPa0XDxrEwmZ
8Agjse8dTJBdNnr4V+O1+JEuPe3MkQivCQBCBfqOpaKZzcEgeFmU099YoG1oWn1F
bYeJdrpvle0aclir3aYF9s7GoA5VpvVRQ/oW9+TDOiyGVPwBV4ktUIrIjY5z1pmb
vSyqz0pzOWe6PxRSzsJbJ2Mn29W7puZ9KBe8cIettg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org