Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/brnUZaAPSEWJanbzlbptROzzY0o.roa
File: brnUZaAPSEWJanbzlbptROzzY0o.roa (raw, json)
Hash identifier: T7r6znVPEINNjd8JiBiIxxvXF+fieJaMmP7wSgNy8eU=
Subject key identifier: 6E:B9:D4:65:A0:0F:48:45:89:6A:76:F3:95:BA:6D:44:EC:F3:63:4A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01887345763D545707F819B50B45810B81B6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/brnUZaAPSEWJanbzlbptROzzY0o.roa
Signing time: Wed 31 May 2023 19:25:12 +0000
ROA not before: Wed 31 May 2023 19:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 09:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:73:45:76:3d:54:57:07:f8:19:b5:0b:45:81:0b:81:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 31 19:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eb9d465a00f4845896a76f395ba6d44ecf3634a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6d:f0:59:84:1d:45:4d:4b:17:9d:9a:83:f2:
8f:df:8e:20:a4:f3:d1:5e:5d:34:3f:d8:7e:35:28:
39:6c:80:cc:e9:b5:81:65:8e:75:5d:61:54:b0:b2:
58:13:a6:a9:7e:b9:c9:2e:d2:e7:f0:aa:75:79:51:
2a:91:5b:24:8d:f8:87:b8:11:64:0e:c4:88:c3:9f:
ac:33:f1:61:8a:56:07:16:5c:13:25:d3:11:cc:84:
89:bf:a9:0c:d5:18:07:2a:65:e8:06:3f:13:cc:05:
aa:ae:a1:5a:86:fd:c6:ad:05:14:c1:4f:67:a6:81:
af:3b:4b:cf:e2:a6:03:e8:ce:b4:53:bb:44:8b:b4:
d2:42:fd:25:3f:77:fd:b9:7e:2c:72:dc:25:83:ae:
b8:db:7c:b3:82:80:b8:6e:e9:1e:62:bc:b1:c0:73:
82:2e:2a:b3:03:83:49:8b:8d:50:eb:15:86:f2:55:
64:25:29:46:34:82:d6:10:cc:66:73:c4:43:98:1b:
28:89:06:16:7b:58:be:09:64:41:af:1e:d4:18:c3:
04:ab:b0:8a:84:a9:55:ee:ef:04:fd:f1:36:40:cb:
a9:bd:b9:94:d8:66:db:d7:0b:18:c6:dc:7c:a6:ae:
ef:ca:09:ac:bd:b8:d3:e6:5b:53:5a:dc:4d:f3:07:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B9:D4:65:A0:0F:48:45:89:6A:76:F3:95:BA:6D:44:EC:F3:63:4A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/brnUZaAPSEWJanbzlbptROzzY0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.160.0/23
85.133.205.0/24
85.133.208.0/24
85.133.233.0/24
Signature Algorithm: sha256WithRSAEncryption
59:80:d0:e0:10:cd:dd:72:ca:bd:28:f7:75:e5:18:15:88:24:
0d:3e:2f:be:ba:d1:ec:f7:3b:22:0c:0a:dc:cf:7e:2a:bb:ed:
88:16:91:0b:fc:05:f3:00:ac:6f:be:b3:b8:ce:c8:ca:31:aa:
ae:c4:bc:4b:42:23:c8:41:9b:7b:a4:3e:ba:39:96:91:d7:f5:
5e:c6:c4:a7:61:e0:ea:fc:03:40:1a:58:27:3a:8c:90:87:d3:
66:91:d0:5c:3c:78:40:be:c2:42:91:6a:b6:77:5f:9b:53:82:
25:3c:31:fd:e5:b6:71:e4:ca:a4:4d:f4:f2:ad:3b:a9:74:99:
00:f2:12:82:ad:99:95:8e:32:eb:3f:6e:b9:23:9a:0d:44:cd:
b0:61:7d:f8:7e:11:ae:16:2e:d9:e3:7f:6a:ee:5b:af:7a:93:
b5:97:04:f9:e1:e3:ac:08:78:dc:84:60:da:e6:dd:8b:e3:4b:
b1:cd:c2:a8:19:03:89:e5:11:68:0d:13:3d:0e:a8:97:65:e7:
61:fe:17:c7:2c:08:3c:35:b7:96:38:5f:fc:13:37:5c:9a:c5:
68:b6:63:1f:06:2e:29:07:06:e6:07:57:46:bb:98:7f:2e:22:
51:6f:be:4c:4f:7a:6c:a8:e5:51:97:69:2d:b4:20:af:0f:6f:
e1:a4:6c:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhzRXY9VFcH+Bm1C0WBC4G2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTMxMTkyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI5ZDQ2NWEwMGY0ODQ1ODk2YTc2ZjM5NWJhNmQ0NGVjZjM2MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m3wWYQdRU1LF52ag/KP344gpPPR
Xl00P9h+NSg5bIDM6bWBZY51XWFUsLJYE6apfrnJLtLn8Kp1eVEqkVskjfiHuBFk
DsSIw5+sM/FhilYHFlwTJdMRzISJv6kM1RgHKmXoBj8TzAWqrqFahv3GrQUUwU9n
poGvO0vP4qYD6M60U7tEi7TSQv0lP3f9uX4sctwlg66423yzgoC4bukeYryxwHOC
LiqzA4NJi41Q6xWG8lVkJSlGNILWEMxmc8RDmBsoiQYWe1i+CWRBrx7UGMMEq7CK
hKlV7u8E/fE2QMupvbmU2Gbb1wsYxtx8pq7vygmsvbjT5ltTWtxN8we0fQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG651GWgD0hFiWp285W6bUTs82NKMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYnJuVVphQVBTRVdKYW5iemxicHRST3p6WTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVYWgAwQA
VYXNAwQAVYXQAwQAVYXpMA0GCSqGSIb3DQEBCwUAA4IBAQBZgNDgEM3dcsq9KPd1
5RgViCQNPi++utHs9zsiDArcz34qu+2IFpEL/AXzAKxvvrO4zsjKMaquxLxLQiPI
QZt7pD66OZaR1/VexsSnYeDq/ANAGlgnOoyQh9NmkdBcPHhAvsJCkWq2d1+bU4Il
PDH95bZx5MqkTfTyrTupdJkA8hKCrZmVjjLrP265I5oNRM2wYX34fhGuFi7Z439q
7luvepO1lwT54eOsCHjchGDa5t2L40uxzcKoGQOJ5RFoDRM9DqiXZedh/hfHLAg8
NbeWOF/8EzdcmsVotmMfBi4pBwbmB1dGu5h/LiJRb75MT3psqOVRl2kttCCvD2/h
pGw6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org