Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aoOgEaDSUmeoVFu-bQ1cIewmwVM.roa
File: aoOgEaDSUmeoVFu-bQ1cIewmwVM.roa (raw, json)
Hash identifier: JwbZxEbJ9yNdGFyAQSxFzUAPCit47WGYxlGh5EEda5Q=
Subject key identifier: 6A:83:A0:11:A0:D2:52:67:A8:54:5B:BE:6D:0D:5C:21:EC:26:C1:53
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0190412B8E79B7BA37006AACA7C108A0D11D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aoOgEaDSUmeoVFu-bQ1cIewmwVM.roa
Signing time: Sat 22 Jun 2024 18:18:11 +0000
ROA not before: Sat 22 Jun 2024 18:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.195.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 23 Jun 2024 15:18:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:41:2b:8e:79:b7:ba:37:00:6a:ac:a7:c1:08:a0:d1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 22 18:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a83a011a0d25267a8545bbe6d0d5c21ec26c153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:98:89:32:f6:df:93:15:d7:50:57:e1:87:
03:a2:e9:d6:22:01:3a:0a:cc:20:bc:44:66:b0:de:
17:14:4a:ec:ff:34:ff:8e:bb:dd:4d:3b:8e:49:64:
69:da:4d:23:b4:04:1c:39:6b:e8:dc:46:03:aa:5a:
d1:37:2e:0b:62:f5:5b:a7:6f:b6:10:d6:bc:fa:60:
80:60:c7:ef:d0:37:94:b5:bd:8c:c3:87:d9:12:b8:
00:c4:2c:f1:d3:98:22:53:31:bd:8b:fe:27:16:2f:
80:0d:6e:7b:d0:74:9a:80:bd:87:52:30:70:b5:b6:
73:26:69:79:50:7c:9b:45:e3:1b:25:3c:27:4a:89:
12:b2:2c:57:d4:0b:a0:d3:12:5f:2e:84:57:4f:44:
3f:42:a3:56:03:f3:53:01:95:0c:ad:67:06:75:45:
e9:44:ec:8b:af:7a:15:1a:be:19:66:97:e1:10:fe:
13:53:f5:fe:77:cf:05:1f:ec:db:5c:dd:21:7f:65:
29:66:14:75:0d:02:3d:e0:a7:22:cb:bd:7f:cc:d8:
2c:cd:6e:14:03:d2:d1:ed:81:61:12:55:b8:86:d1:
f4:f9:91:78:79:36:3d:0b:19:30:13:60:79:8e:62:
58:22:db:4f:d3:e8:17:33:31:38:fb:05:02:1a:31:
e5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:83:A0:11:A0:D2:52:67:A8:54:5B:BE:6D:0D:5C:21:EC:26:C1:53
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aoOgEaDSUmeoVFu-bQ1cIewmwVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:b2:91:4a:9a:90:8f:e0:59:b0:6a:ea:f7:1a:4c:be:44:6c:
27:e3:8d:1c:c3:95:3e:7d:03:9a:de:69:ea:c5:2c:e7:fd:be:
54:77:16:5b:f5:ff:85:08:a0:7c:12:ef:2d:a7:a7:a5:8e:f8:
da:f1:e5:f7:38:db:dd:f2:99:66:40:48:27:dc:25:eb:ff:95:
77:fc:fc:ba:cd:28:f0:7f:d4:b3:3f:22:66:70:c0:00:58:22:
b6:9b:3a:6e:2d:16:e3:0d:8d:5a:7e:40:49:51:9e:69:d7:32:
dd:d9:e5:21:54:9f:8a:b8:72:53:86:b6:79:fc:bb:d5:14:a0:
74:75:ee:77:0f:2d:4f:35:3e:ba:ff:5c:1e:47:a9:34:d2:26:
0f:d9:40:00:c2:36:26:1f:a3:59:0b:90:27:2c:83:61:29:7d:
ca:be:9c:98:bf:01:a1:1b:98:63:e9:d0:32:3c:06:09:e1:fe:
72:9f:9a:dc:4c:7d:b0:e8:00:fa:83:b8:0e:59:03:48:ed:f6:
f3:17:24:14:18:f1:86:40:8a:58:c1:28:93:69:b2:b1:cf:9f:
7a:ab:9a:4f:f3:69:e8:9f:42:1b:43:7c:a5:07:00:e6:9e:ba:
54:5f:83:e7:78:c4:da:26:b2:69:88:69:f8:05:28:94:de:5b:
d4:d0:1c:5f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZBBK455t7o3AGqsp8EIoNEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNjIyMTgxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgzYTAxMWEwZDI1MjY3YTg1NDViYmU2ZDBkNWMyMWVjMjZjMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lOYiTL235MV11BX4YcDounWIgE6
CswgvERmsN4XFErs/zT/jrvdTTuOSWRp2k0jtAQcOWvo3EYDqlrRNy4LYvVbp2+2
ENa8+mCAYMfv0DeUtb2Mw4fZErgAxCzx05giUzG9i/4nFi+ADW570HSagL2HUjBw
tbZzJml5UHybReMbJTwnSokSsixX1Aug0xJfLoRXT0Q/QqNWA/NTAZUMrWcGdUXp
ROyLr3oVGr4ZZpfhEP4TU/X+d88FH+zbXN0hf2UpZhR1DQI94Kciy71/zNgszW4U
A9LR7YFhElW4htH0+ZF4eTY9CxkwE2B5jmJYIttP0+gXMzE4+wUCGjHlJQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGqDoBGg0lJnqFRbvm0NXCHsJsFTMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYW9PZ0VhRFNVbWVvVkZ1LWJRMWNJZXdtd1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAASy
kUqakI/gWbBq6vcaTL5EbCfjjRzDlT59A5reaerFLOf9vlR3Flv1/4UIoHwS7y2n
p6WO+Nrx5fc4293ymWZASCfcJev/lXf8/LrNKPB/1LM/ImZwwABYIrabOm4tFuMN
jVp+QElRnmnXMt3Z5SFUn4q4clOGtnn8u9UUoHR17ncPLU81Prr/XB5HqTTSJg/Z
QADCNiYfo1kLkCcsg2Epfcq+nJi/AaEbmGPp0DI8Bgnh/nKfmtxMfbDoAPqDuA5Z
A0jt9vMXJBQY8YZAiljBKJNpsrHPn3qrmk/zaeifQhtDfKUHAOaeulRfg+d4xNom
smmIafgFKJTeW9TQHF8=
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:21:43 2024 by rpki-client on console-ams.rpki-client.org