Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bTmlnk-qhZIE8AdLn_BDCLVV4aU.roa
File: bTmlnk-qhZIE8AdLn_BDCLVV4aU.roa (raw, json)
Hash identifier: UitgRssOwE+tSQXKELTB3exve+Ms9+R+zwARIrOkFvo=
Subject key identifier: 6D:39:A5:9E:4F:AA:85:92:04:F0:07:4B:9F:F0:43:08:B5:55:E1:A5
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01896E642F4374FC21DA73DF119FA4BC7CEE
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bTmlnk-qhZIE8AdLn_BDCLVV4aU.roa
Signing time: Wed 19 Jul 2023 13:43:26 +0000
ROA not before: Wed 19 Jul 2023 13:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.132.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 07:55:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:64:2f:43:74:fc:21:da:73:df:11:9f:a4:bc:7c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 19 13:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d39a59e4faa859204f0074b9ff04308b555e1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:46:bc:20:ce:4b:ee:e6:89:ff:1f:f7:51:c4:
bb:f0:eb:f4:e5:62:25:cd:d1:04:f4:3a:c0:5d:77:
3e:47:4b:d1:78:68:b9:0e:83:0e:a3:94:ea:8c:f6:
b4:c6:7b:8f:2c:fd:b0:01:2c:39:5c:b8:b1:dd:c6:
8f:67:49:d1:1f:02:5e:9f:f4:51:74:05:52:fc:e3:
9d:44:ed:b8:d0:16:bc:85:42:39:c1:c2:bb:83:bf:
e8:87:13:e1:18:45:3f:09:b2:68:6d:89:d9:2b:2d:
6a:41:aa:3b:79:17:2f:84:b7:d8:c5:94:3b:d7:9f:
e8:40:2a:cd:f1:5d:00:e0:93:01:7c:8a:b3:16:80:
c8:11:9e:54:9e:6e:3a:4d:10:25:0d:51:7b:8a:21:
32:74:f7:76:3c:50:1d:1f:ad:94:8b:2b:75:24:89:
64:20:2d:ed:74:7d:31:8e:2c:e3:63:12:fe:6a:46:
be:73:b4:72:b3:5f:96:8a:6f:4a:03:49:34:34:c0:
84:d4:a1:62:d7:68:64:13:8c:08:27:39:2d:05:43:
77:c2:9b:b1:b2:1a:9c:1d:1d:8e:3a:0d:0d:00:90:
c2:9c:4f:3e:ad:ab:93:e8:c6:06:37:cd:57:e6:50:
b6:04:2e:8a:a2:6a:04:25:08:81:5c:dd:f6:16:1d:
b8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:39:A5:9E:4F:AA:85:92:04:F0:07:4B:9F:F0:43:08:B5:55:E1:A5
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/bTmlnk-qhZIE8AdLn_BDCLVV4aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.143.0/24
85.133.151.0/24
85.133.166.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:73:7d:13:ce:42:d3:e4:65:db:1d:70:98:9b:4a:e8:c3:0f:
8a:8d:db:6d:b4:4f:cb:5f:3a:43:7c:19:7c:b9:c1:ae:3d:48:
10:a9:b4:31:33:5f:25:60:95:b2:70:0b:74:5a:9a:88:cc:19:
cf:95:ce:6a:e1:bb:d4:ce:05:14:71:0f:dc:8b:c4:d1:66:a0:
a5:82:3d:0f:c2:d9:56:02:3e:ac:5e:ea:b4:a7:e4:c6:01:4e:
8c:83:f9:13:c4:a3:b9:a7:3c:0f:7d:d5:d0:60:b2:b5:e6:ee:
6a:40:66:12:04:f8:c6:ca:64:6f:15:e7:20:2b:09:90:cd:8e:
c4:4d:0c:40:4a:92:47:9b:11:4d:c9:87:fa:41:77:76:53:75:
ff:5f:d1:96:80:8a:0b:b1:dc:70:d3:3c:5b:87:c9:72:de:2d:
df:be:3c:00:66:8d:70:f6:fc:85:f9:71:05:b4:b0:74:7f:2a:
a2:10:ab:30:5c:8f:25:7d:ad:a0:43:e0:98:99:8c:1b:50:cf:
bd:e7:2e:62:a1:e8:b1:92:87:a4:28:7b:2e:ed:b2:92:f5:24:
91:fb:41:8c:3a:11:ce:d2:33:d9:dc:21:71:30:f5:37:55:38:
ce:5d:93:af:47:be:ff:8d:31:b9:06:7e:b9:e9:56:23:e4:df:
e6:6d:50:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYluZC9DdPwh2nPfEZ+kvHzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzE5MTM0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDM5YTU5ZTRmYWE4NTkyMDRmMDA3NGI5ZmYwNDMwOGI1NTVlMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUa8IM5L7uaJ/x/3UcS78Ov05WIl
zdEE9DrAXXc+R0vReGi5DoMOo5TqjPa0xnuPLP2wASw5XLix3caPZ0nRHwJen/RR
dAVS/OOdRO240Ba8hUI5wcK7g7/ohxPhGEU/CbJobYnZKy1qQao7eRcvhLfYxZQ7
15/oQCrN8V0A4JMBfIqzFoDIEZ5Unm46TRAlDVF7iiEydPd2PFAdH62Uiyt1JIlk
IC3tdH0xjizjYxL+aka+c7Rys1+Wim9KA0k0NMCE1KFi12hkE4wIJzktBUN3wpux
shqcHR2OOg0NAJDCnE8+rauT6MYGN81X5lC2BC6KomoEJQiBXN32Fh24uQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG05pZ5PqoWSBPAHS5/wQwi1VeGlMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYlRtbG5rLXFoWklFOEFkTG5fQkRDTFZWNGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWEAwQA
VYWPAwQAVYWXAwQAVYWmMA0GCSqGSIb3DQEBCwUAA4IBAQCnc30TzkLT5GXbHXCY
m0roww+KjdtttE/LXzpDfBl8ucGuPUgQqbQxM18lYJWycAt0WpqIzBnPlc5q4bvU
zgUUcQ/ci8TRZqClgj0PwtlWAj6sXuq0p+TGAU6Mg/kTxKO5pzwPfdXQYLK15u5q
QGYSBPjGymRvFecgKwmQzY7ETQxASpJHmxFNyYf6QXd2U3X/X9GWgIoLsdxw0zxb
h8ly3i3fvjwAZo1w9vyF+XEFtLB0fyqiEKswXI8lfa2gQ+CYmYwbUM+95y5ioeix
koekKHsu7bKS9SSR+0GMOhHO0jPZ3CFxMPU3VTjOXZOvR77/jTG5Bn656VYj5N/m
bVDz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org