Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bIVPsPjrcnf1N7umg2erdyRR78k.roa
File: bIVPsPjrcnf1N7umg2erdyRR78k.roa (raw, json)
Hash identifier: A1vEIqAXQ2+QJ9A7/kVFeMU/DhkuNR1Y4KkN4rvLwTQ=
Subject key identifier: 6C:85:4F:B0:F8:EB:72:77:F5:37:BB:A6:83:67:AB:77:24:51:EF:C9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B8AAB7BF550F64BF66C5CA8D11B1A54AF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bIVPsPjrcnf1N7umg2erdyRR78k.roa
Signing time: Wed 01 Nov 2023 11:36:16 +0000
ROA not before: Wed 01 Nov 2023 11:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 85.133.137.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:ab:7b:f5:50:f6:4b:f6:6c:5c:a8:d1:1b:1a:54:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 1 11:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c854fb0f8eb7277f537bba68367ab772451efc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:10:3d:f6:58:92:27:59:c5:b2:e4:ad:aa:5b:
01:e1:e5:2a:f7:9a:d7:59:73:53:48:f3:16:27:4f:
5d:af:7d:bb:e6:a6:0b:d4:7e:27:35:1a:9d:64:18:
3e:1b:47:0c:22:c5:ca:83:12:a7:84:84:b3:60:ad:
3e:67:31:46:6d:fb:a6:03:5d:4c:e8:c1:7c:dc:b3:
c4:65:e6:68:68:e6:31:29:7f:5c:01:8d:ce:2b:d0:
ba:39:e1:ff:ac:d3:a5:7f:b7:dc:24:fc:44:38:a6:
de:ed:09:9c:c7:ec:d2:9a:10:14:b8:40:e0:91:11:
df:2c:e3:78:40:01:b8:57:f9:04:3b:0b:a7:fb:6c:
61:03:c2:7a:49:02:7e:14:da:2d:aa:40:9e:91:f2:
c9:af:ec:fc:73:5b:d7:b2:fc:f4:ec:7c:b9:fc:ec:
13:92:36:86:2b:93:8b:f2:ce:40:a1:76:48:d0:a4:
b9:04:ae:50:be:6c:f3:52:ae:3e:6b:9c:1b:0d:b3:
46:61:8c:b3:71:c3:01:d7:43:15:79:23:c6:43:2c:
fb:90:89:91:4a:83:e3:86:1f:7a:53:87:df:34:cd:
a0:79:dc:a6:0d:91:f6:ac:46:5c:89:95:e4:a5:d5:
5f:2f:e2:4a:d1:49:ae:01:8e:54:78:a2:f7:d1:44:
92:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:85:4F:B0:F8:EB:72:77:F5:37:BB:A6:83:67:AB:77:24:51:EF:C9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bIVPsPjrcnf1N7umg2erdyRR78k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.137.0/24
85.133.153.0/24
85.133.160.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c3:25:d5:b1:8f:49:b6:8f:40:af:67:89:a4:3f:38:82:ea:
0d:38:1c:4a:4a:7b:7e:34:e9:d1:77:8c:f4:f1:f9:8a:68:ce:
f8:cc:d2:29:41:9e:d1:8a:f4:6a:b0:12:27:bb:74:e5:12:81:
3c:cb:83:8e:c7:d4:28:33:98:ab:fc:b7:73:05:02:50:01:b6:
d8:3c:45:cb:01:c1:98:67:d1:b9:6a:e7:1a:68:f1:15:44:6a:
34:45:85:bc:86:3c:99:49:12:3a:b2:b7:73:b2:45:a0:04:8c:
cc:36:dc:40:3d:8f:3f:38:d3:de:0a:37:8f:81:26:5a:c7:2f:
5b:dd:43:73:3e:e1:46:3e:c2:97:97:84:37:a5:0b:18:02:ef:
1c:49:4a:22:41:14:e4:8a:1e:e8:64:f0:9e:34:f9:c7:a1:2f:
b6:9d:0d:94:b4:14:3c:7e:fe:8d:ed:d6:75:30:46:d7:b4:1e:
9d:25:03:39:37:4b:5c:37:c4:22:9d:e9:16:5c:8e:1c:17:a8:
5e:d2:60:37:da:b6:d0:df:35:9b:80:24:60:4e:a9:72:ab:1c:
53:69:5e:9d:2c:f0:26:5c:1d:72:68:a8:dc:7e:82:9b:0a:52:
39:84:22:d7:e4:a8:b0:4d:7a:27:00:8f:6a:24:f5:33:17:dd:
53:a0:81:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuKq3v1UPZL9mxcqNEbGlSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTAxMTEzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg1NGZiMGY4ZWI3Mjc3ZjUzN2JiYTY4MzY3YWI3NzI0NTFlZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBA99liSJ1nFsuStqlsB4eUq95rX
WXNTSPMWJ09dr3275qYL1H4nNRqdZBg+G0cMIsXKgxKnhISzYK0+ZzFGbfumA11M
6MF83LPEZeZoaOYxKX9cAY3OK9C6OeH/rNOlf7fcJPxEOKbe7Qmcx+zSmhAUuEDg
kRHfLON4QAG4V/kEOwun+2xhA8J6SQJ+FNotqkCekfLJr+z8c1vXsvz07Hy5/OwT
kjaGK5OL8s5AoXZI0KS5BK5QvmzzUq4+a5wbDbNGYYyzccMB10MVeSPGQyz7kImR
SoPjhh96U4ffNM2gedymDZH2rEZciZXkpdVfL+JK0UmuAY5UeKL30USSdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyFT7D463J39Te7poNnq3ckUe/JMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYklWUHNQanJjbmYxTjd1bWcyZXJkeVJSNzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWJAwQA
VYWZAwQAVYWgMA0GCSqGSIb3DQEBCwUAA4IBAQCFwyXVsY9Jto9Ar2eJpD84guoN
OBxKSnt+NOnRd4z08fmKaM74zNIpQZ7RivRqsBInu3TlEoE8y4OOx9QoM5ir/Ldz
BQJQAbbYPEXLAcGYZ9G5aucaaPEVRGo0RYW8hjyZSRI6srdzskWgBIzMNtxAPY8/
ONPeCjePgSZaxy9b3UNzPuFGPsKXl4Q3pQsYAu8cSUoiQRTkih7oZPCeNPnHoS+2
nQ2UtBQ8fv6N7dZ1MEbXtB6dJQM5N0tcN8QinekWXI4cF6he0mA32rbQ3zWbgCRg
TqlyqxxTaV6dLPAmXB1yaKjcfoKbClI5hCLX5KiwTXonAI9qJPUzF91ToIF8
-----END CERTIFICATE-----
Generated at Sat Nov 4 11:12:20 2023 by rpki-client on console-fra.rpki-client.org