Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/d0RO6b_xrXX0aH7wYnSmFcR3dBw.roa
File: d0RO6b_xrXX0aH7wYnSmFcR3dBw.roa (raw, json)
Hash identifier: 5chnwsLla+GvdMQwJFt9Q0/vYNchYrxfLvDJhFQYMI0=
Subject key identifier: 77:44:4E:E9:BF:F1:AD:75:F4:68:7E:F0:62:74:A6:15:C4:77:74:1C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B5CA91113634F496BF2DF1EE0EEF2EB79
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/d0RO6b_xrXX0aH7wYnSmFcR3dBw.roa
Signing time: Mon 23 Oct 2023 13:11:05 +0000
ROA not before: Mon 23 Oct 2023 13:11:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:a9:11:13:63:4f:49:6b:f2:df:1e:e0:ee:f2:eb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 23 13:11:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77444ee9bff1ad75f4687ef06274a615c477741c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c0:c7:bb:ec:20:96:a5:02:a9:57:d5:80:28:
0d:39:39:f3:f4:81:fd:4f:9a:6c:c8:88:48:74:36:
4b:f8:a8:5c:c1:7c:dc:6d:71:f9:05:79:fe:8c:01:
f4:0e:49:4a:0e:c2:1f:75:97:41:e2:ed:f1:2c:89:
48:58:19:5d:b8:8f:0d:29:9e:9c:6d:a5:b2:3a:83:
85:d4:fc:f7:37:32:7d:12:ac:e3:a1:6d:5c:8c:96:
63:ec:b5:f7:f4:9b:ed:99:ea:ac:bb:66:54:61:46:
ca:22:af:1e:f3:cc:66:20:75:76:3b:06:b3:b4:f2:
2b:52:06:4b:d0:35:06:55:4a:27:35:c0:c4:fb:49:
6a:cf:2d:e2:d5:f2:3f:d7:57:28:42:28:39:78:b7:
37:fe:b1:ab:0e:0d:9f:4b:3c:1e:97:db:f9:24:02:
aa:3a:a1:b0:4a:38:63:9d:66:14:48:1c:2d:25:ab:
0d:c9:33:c7:62:0a:98:36:39:29:7c:5a:60:96:2b:
aa:83:f0:a7:cb:a5:a5:43:ee:eb:34:a0:dd:f3:55:
68:b6:72:e8:32:3b:0f:e1:fc:a9:47:2b:56:00:67:
79:95:54:c2:af:f6:2d:c9:3d:c4:01:2d:81:83:82:
53:dd:40:34:a7:72:cc:dc:73:87:de:6f:c6:f1:33:
ad:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:44:4E:E9:BF:F1:AD:75:F4:68:7E:F0:62:74:A6:15:C4:77:74:1C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/d0RO6b_xrXX0aH7wYnSmFcR3dBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:24:a1:88:5b:e8:bd:d5:98:cf:e0:c5:3e:d0:a3:0a:10:d2:
ac:69:e4:c4:f4:5c:8c:8f:a0:6b:6c:06:c3:84:24:b7:ca:fb:
3b:95:fa:c9:bf:a9:f8:8a:ce:38:a8:ee:77:61:df:a0:c3:39:
79:c2:58:c0:f2:3a:12:bc:08:69:bb:1c:fc:5e:6a:14:5a:e2:
f5:eb:c8:f7:01:a6:b9:3f:35:6d:40:8e:bb:66:43:2a:9c:76:
e0:52:25:1b:c3:65:65:4c:01:ab:67:a7:a0:af:cc:c7:ab:7b:
db:64:02:0a:1f:66:45:7a:00:9a:5f:0b:24:d5:71:c2:48:10:
2c:21:c7:82:ed:57:76:43:18:d6:1e:a5:12:c5:01:3e:70:4d:
6c:e7:33:27:2b:6f:cd:d7:85:24:1d:55:c5:94:50:f2:24:69:
a8:fb:5e:ef:62:d9:d1:5e:25:c2:83:1a:72:fa:fe:a1:df:7b:
f0:ad:0c:3e:1f:8a:b6:19:8f:b2:9f:29:f5:b3:4f:02:ab:36:
e2:01:73:96:62:d0:67:e1:09:c3:fa:16:11:82:9c:c7:7d:a6:
78:0d:4f:8d:97:e7:b0:a5:49:a7:f1:a7:d1:ea:18:cd:f5:02:
b6:a1:21:4c:a6:ed:9b:9d:4d:4e:00:11:a9:85:9c:06:90:3c:
68:1d:4f:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtcqRETY09Ja/LfHuDu8ut5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMDIzMTMxMTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ0NGVlOWJmZjFhZDc1ZjQ2ODdlZjA2Mjc0YTYxNWM0Nzc3NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsDHu+wglqUCqVfVgCgNOTnz9IH9
T5psyIhIdDZL+KhcwXzcbXH5BXn+jAH0DklKDsIfdZdB4u3xLIlIWBlduI8NKZ6c
baWyOoOF1Pz3NzJ9EqzjoW1cjJZj7LX39Jvtmeqsu2ZUYUbKIq8e88xmIHV2Owaz
tPIrUgZL0DUGVUonNcDE+0lqzy3i1fI/11coQig5eLc3/rGrDg2fSzwel9v5JAKq
OqGwSjhjnWYUSBwtJasNyTPHYgqYNjkpfFpgliuqg/Cny6WlQ+7rNKDd81VotnLo
MjsP4fypRytWAGd5lVTCr/YtyT3EAS2Bg4JT3UA0p3LM3HOH3m/G8TOtowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHdETum/8a119Gh+8GJ0phXEd3QcMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZDBSTzZiX3hyWFgwYUg3d1luU21GY1IzZEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAWJKGIW+i91ZjP
4MU+0KMKENKsaeTE9FyMj6BrbAbDhCS3yvs7lfrJv6n4is44qO53Yd+gwzl5wljA
8joSvAhpuxz8XmoUWuL168j3Aaa5PzVtQI67ZkMqnHbgUiUbw2VlTAGrZ6egr8zH
q3vbZAIKH2ZFegCaXwsk1XHCSBAsIceC7Vd2QxjWHqUSxQE+cE1s5zMnK2/N14Uk
HVXFlFDyJGmo+17vYtnRXiXCgxpy+v6h33vwrQw+H4q2GY+ynyn1s08CqzbiAXOW
YtBn4QnD+hYRgpzHfaZ4DU+Nl+ewpUmn8afR6hjN9QK2oSFMpu2bnU1OABGphZwG
kDxoHU/j
-----END CERTIFICATE-----
Generated at Mon Oct 30 12:02:51 2023 by rpki-client on console-ams.rpki-client.org