Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cv0hcgNumEmMPvu8QoPYamXvE0E.roa
File: cv0hcgNumEmMPvu8QoPYamXvE0E.roa (raw, json)
Hash identifier: +UokqvH0rrZ49vk9Rdg0PhKjhSr37kVtTmBn6mICagM=
Subject key identifier: 72:FD:21:72:03:6E:98:49:8C:3E:FB:BC:42:83:D8:6A:65:EF:13:41
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01916078172861A451583967DAAF31304AAD
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cv0hcgNumEmMPvu8QoPYamXvE0E.roa
Signing time: Sat 17 Aug 2024 13:12:48 +0000
ROA not before: Sat 17 Aug 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Aug 2024 14:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:78:17:28:61:a4:51:58:39:67:da:af:31:30:4a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 17 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72fd2172036e98498c3efbbc4283d86a65ef1341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9c:96:19:cd:d1:1f:b1:07:a1:7a:5c:d2:30:
26:b7:ff:36:30:44:a0:a5:8a:8a:f9:f1:e1:57:4b:
20:02:73:56:e7:7f:ed:68:0d:d5:00:0c:14:cb:a6:
45:c2:ca:a5:26:4f:a5:fc:7e:30:fe:1d:58:e3:64:
25:81:05:4e:ad:69:76:f7:65:03:2f:e7:7b:ca:f4:
b6:af:63:26:a1:77:12:49:6c:a0:87:2a:ac:e1:17:
3d:94:f6:60:4f:1e:3a:33:4b:d3:f9:71:05:3b:bc:
83:f2:ea:fa:08:b5:2c:4c:2c:1f:07:91:0c:c5:b5:
eb:a7:ad:05:6c:22:c9:70:f1:1b:af:85:b3:ff:72:
68:f6:64:72:c6:dc:64:63:f8:57:2b:29:2f:c9:f0:
d6:c7:c5:c6:f5:09:83:d1:f8:19:86:b5:82:71:61:
62:2e:47:38:dd:15:51:a0:3c:40:e4:80:b8:16:83:
37:09:8c:02:9e:98:0c:7a:46:90:ea:bd:da:47:b7:
dd:2c:1d:e7:87:75:77:3b:12:cc:6c:29:45:8a:7d:
f9:69:b0:12:a1:7b:06:71:a7:da:73:7b:07:d7:11:
67:3b:b5:a6:5f:9e:49:2e:d7:b3:37:64:75:72:8c:
57:86:c5:f9:0b:d1:6a:22:de:78:11:80:7b:21:56:
d8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FD:21:72:03:6E:98:49:8C:3E:FB:BC:42:83:D8:6A:65:EF:13:41
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cv0hcgNumEmMPvu8QoPYamXvE0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
34:e7:5d:4a:79:63:09:ed:56:a5:98:e1:1e:da:08:b1:49:af:
89:4a:22:50:a3:e0:ee:ac:e5:2e:40:2f:a9:6e:dd:4e:96:ea:
63:35:d3:3b:74:54:2e:f2:b8:00:18:42:45:bb:32:2c:9d:c2:
33:24:9e:7e:67:8b:90:01:17:94:32:d3:6f:1a:44:7c:ea:7f:
7a:6c:78:9e:7b:96:9d:1d:c1:33:9f:2b:12:c8:50:1e:c9:0a:
93:34:5d:d2:db:91:83:f7:f3:ef:bb:bc:a2:59:07:e9:57:5f:
43:be:62:d5:0a:5d:b7:b0:f4:71:a7:95:aa:a5:94:b3:e5:78:
89:5f:f6:04:de:2f:96:8d:e0:34:ed:d4:a1:41:d2:98:12:95:
8b:9c:23:2c:77:41:2a:45:40:24:ae:16:9e:b6:f2:6c:23:06:
12:d0:57:0a:36:1b:9f:84:43:70:6a:47:38:a3:28:b8:5e:e0:
02:1f:6c:c4:06:5b:0b:84:51:c6:7e:87:cc:f4:ea:a8:41:77:
8a:57:6f:c1:6c:75:e5:67:56:80:c5:3f:64:df:8c:21:57:1f:
2e:b9:69:37:2f:e2:ef:6b:81:87:0d:58:eb:8c:b8:aa:59:51:
9a:cd:0b:30:45:10:e2:a3:db:79:f6:eb:b5:d5:2c:78:20:cf:
9a:b8:89:0c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZFgeBcoYaRRWDln2q8xMEqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODE3MTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZkMjE3MjAzNmU5ODQ5OGMzZWZiYmM0MjgzZDg2YTY1ZWYxMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5yWGc3RH7EHoXpc0jAmt/82MESg
pYqK+fHhV0sgAnNW53/taA3VAAwUy6ZFwsqlJk+l/H4w/h1Y42QlgQVOrWl292UD
L+d7yvS2r2MmoXcSSWyghyqs4Rc9lPZgTx46M0vT+XEFO7yD8ur6CLUsTCwfB5EM
xbXrp60FbCLJcPEbr4Wz/3Jo9mRyxtxkY/hXKykvyfDWx8XG9QmD0fgZhrWCcWFi
Lkc43RVRoDxA5IC4FoM3CYwCnpgMekaQ6r3aR7fdLB3nh3V3OxLMbClFin35abAS
oXsGcafac3sH1xFnO7WmX55JLtezN2R1coxXhsX5C9FqIt54EYB7IVbYMQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHL9IXIDbphJjD77vEKD2Gpl7xNBMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvY3YwaGNnTnVtRW1NUHZ1OFFvUFlhbVh2RTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBADTn
XUp5YwntVqWY4R7aCLFJr4lKIlCj4O6s5S5AL6lu3U6W6mM10zt0VC7yuAAYQkW7
MiydwjMknn5ni5ABF5Qy028aRHzqf3pseJ57lp0dwTOfKxLIUB7JCpM0XdLbkYP3
8++7vKJZB+lXX0O+YtUKXbew9HGnlaqllLPleIlf9gTeL5aN4DTt1KFB0pgSlYuc
Iyx3QSpFQCSuFp628mwjBhLQVwo2G5+EQ3BqRzijKLhe4AIfbMQGWwuEUcZ+h8z0
6qhBd4pXb8FsdeVnVoDFP2TfjCFXHy65aTcv4u9rgYcNWOuMuKpZUZrNCzBFEOKj
23n267XVLHggz5q4iQw=
-----END CERTIFICATE-----
Generated at Sun Aug 18 17:27:30 2024 by rpki-client on console-fra.rpki-client.org