Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bO7N-yRHO6U0-Q2naczmkL-fvtY.roa
File: bO7N-yRHO6U0-Q2naczmkL-fvtY.roa (raw, json)
Hash identifier: tGt1VcmE/HpeeIYhhjpgd/dv/Sy/GHgwGdMudpHUs0Q=
Subject key identifier: 6C:EE:CD:FB:24:47:3B:A5:34:F9:0D:A7:69:CC:E6:90:BF:9F:BE:D6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191FFEF748DA721EC1A924C9EEFEDFCF802
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bO7N-yRHO6U0-Q2naczmkL-fvtY.roa
Signing time: Tue 17 Sep 2024 12:22:48 +0000
ROA not before: Tue 17 Sep 2024 12:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 01 Oct 2024 12:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:ef:74:8d:a7:21:ec:1a:92:4c:9e:ef:ed:fc:f8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 17 12:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ceecdfb24473ba534f90da769cce690bf9fbed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:e4:cf:6e:a6:6c:98:e4:f7:8d:61:e0:e0:
93:e0:70:b7:21:e4:ee:bd:2b:ba:9a:b4:64:dd:34:
97:b7:b0:07:b8:5d:18:10:b3:79:eb:1a:4b:bd:a9:
3b:09:c9:65:28:7f:45:16:a1:05:30:f4:1b:c0:2d:
d2:60:5c:66:6b:75:ec:be:cc:47:a4:16:6f:4e:e5:
49:11:fd:6b:0c:f2:88:9a:5b:e1:3c:3f:93:e9:a5:
a6:d8:0b:23:d1:ef:27:e7:99:a3:a7:41:4d:86:29:
54:00:c4:4f:fe:84:b8:d5:e1:3a:02:22:80:37:31:
bf:80:b0:df:a7:81:12:60:b8:ff:b1:42:cd:e0:94:
f7:e6:10:f6:14:15:da:b1:66:f3:9b:72:da:ed:10:
71:85:35:99:0b:57:99:1c:09:a0:6f:dc:12:ad:a9:
24:c2:82:06:b3:a3:da:50:ff:72:45:b8:54:47:65:
08:2c:58:c4:ea:d2:88:95:37:fa:65:07:08:56:2e:
c2:da:97:21:54:7b:c1:bc:4c:ab:16:bd:22:d1:40:
7d:e4:23:b5:2c:ab:3d:e4:e6:14:3a:0f:e6:5a:0c:
01:51:40:de:28:35:31:c8:12:5e:b5:03:72:48:8f:
bb:e3:ea:80:f9:de:3f:13:e6:84:e3:43:52:1d:5a:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EE:CD:FB:24:47:3B:A5:34:F9:0D:A7:69:CC:E6:90:BF:9F:BE:D6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bO7N-yRHO6U0-Q2naczmkL-fvtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:77:8f:c9:15:f2:ec:db:4b:58:28:c9:c2:40:d1:16:f3:b9:
b3:40:75:55:8f:37:38:ba:c6:5f:e3:74:18:2c:b5:63:5a:14:
92:d2:07:38:d1:1b:0e:84:2b:11:06:da:39:61:db:a3:14:04:
f2:b2:c9:c4:26:38:6b:6d:55:03:78:89:b4:14:bf:7f:41:85:
d7:ed:a2:d4:cc:41:12:19:63:cf:f1:64:2d:7b:dd:38:01:5f:
51:40:4e:93:81:f8:bd:55:ed:f0:46:54:91:9c:0f:13:30:c8:
6d:e1:b0:f1:73:9f:4e:e3:79:d3:a3:2d:6d:93:eb:c1:01:29:
d9:d9:8c:fc:78:43:64:d3:4a:37:0e:08:91:ec:a9:79:fc:8a:
f2:76:fa:4a:7c:5a:60:53:e8:24:f1:37:81:2a:e9:80:c0:45:
55:4f:60:a7:a7:94:8c:97:15:f5:ca:5f:f1:44:03:56:3c:4a:
e1:ae:9f:e8:c1:55:13:76:0d:8a:74:02:19:31:e0:48:05:f6:
b4:8d:c6:45:c0:dd:34:02:f0:6e:b1:62:ae:7a:7a:33:cf:0b:
cc:c3:3e:9f:da:13:14:6b:e6:d2:8a:87:9d:9f:e2:ac:73:b4:
00:db:ec:36:42:95:cf:b5:32:e3:90:64:1f:85:b7:f2:c3:d1:
b2:91:57:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH/73SNpyHsGpJMnu/t/PgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTE3MTIyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VlY2RmYjI0NDczYmE1MzRmOTBkYTc2OWNjZTY5MGJmOWZiZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlfkz26mbJjk941h4OCT4HC3IeTu
vSu6mrRk3TSXt7AHuF0YELN56xpLvak7CcllKH9FFqEFMPQbwC3SYFxma3XsvsxH
pBZvTuVJEf1rDPKImlvhPD+T6aWm2Asj0e8n55mjp0FNhilUAMRP/oS41eE6AiKA
NzG/gLDfp4ESYLj/sULN4JT35hD2FBXasWbzm3La7RBxhTWZC1eZHAmgb9wSrakk
woIGs6PaUP9yRbhUR2UILFjE6tKIlTf6ZQcIVi7C2pchVHvBvEyrFr0i0UB95CO1
LKs95OYUOg/mWgwBUUDeKDUxyBJetQNySI+74+qA+d4/E+aE40NSHVqLAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzuzfskRzulNPkNp2nM5pC/n77WMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYk83Ti15UkhPNlUwLVEybmFjem1rTC1mdnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQA+d4/JFfLs20tYKMnCQNEW
87mzQHVVjzc4usZf43QYLLVjWhSS0gc40RsOhCsRBto5YdujFATyssnEJjhrbVUD
eIm0FL9/QYXX7aLUzEESGWPP8WQte904AV9RQE6Tgfi9Ve3wRlSRnA8TMMht4bDx
c59O43nToy1tk+vBASnZ2Yz8eENk00o3DgiR7Kl5/IrydvpKfFpgU+gk8TeBKumA
wEVVT2Cnp5SMlxX1yl/xRANWPErhrp/owVUTdg2KdAIZMeBIBfa0jcZFwN00AvBu
sWKuenozzwvMwz6f2hMUa+bSioedn+Ksc7QA2+w2QpXPtTLjkGQfhbfyw9GykVf3
-----END CERTIFICATE-----
Generated at Tue Oct 1 13:52:16 2024 by rpki-client on console-fra.rpki-client.org