Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dgh6VK6mjpbcpWMF8xYV42Iu9f0.roa
File: dgh6VK6mjpbcpWMF8xYV42Iu9f0.roa (raw, json)
Hash identifier: oawyaW4xKpGDcg5D4UFZFeBgMjy5JS663+WHTJeT3R8=
Subject key identifier: 76:08:7A:54:AE:A6:8E:96:DC:A5:63:05:F3:16:15:E3:62:2E:F5:FD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192B33486E418D7D946635BCAF94C4A78AB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dgh6VK6mjpbcpWMF8xYV42Iu9f0.roa
Signing time: Tue 22 Oct 2024 07:50:17 +0000
ROA not before: Tue 22 Oct 2024 07:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 16:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:34:86:e4:18:d7:d9:46:63:5b:ca:f9:4c:4a:78:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 22 07:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76087a54aea68e96dca56305f31615e3622ef5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7d:02:48:2b:45:da:ef:d1:66:5b:2e:a9:1a:
e8:62:40:28:84:6e:ca:03:8e:ce:05:7c:aa:45:66:
67:d5:d6:3c:20:aa:43:79:15:9c:0f:81:e8:3b:3e:
5c:bb:a6:ce:fc:a3:9c:9e:e8:76:3c:6e:d9:d1:2c:
bf:f3:bb:c6:76:da:26:21:80:0e:7d:29:73:87:28:
e1:9c:bd:f5:e3:2b:c4:7d:b0:29:cf:f3:e1:60:fe:
a6:88:8e:73:5f:5b:58:e0:6e:4f:04:0c:84:3a:0a:
d0:cf:b5:84:5e:5e:31:16:7c:26:5a:7f:17:c1:82:
c5:92:7d:b4:cb:f0:9d:ce:40:a6:88:22:80:23:9e:
d7:5b:21:23:82:25:6b:76:3b:ef:07:8c:5e:b3:c6:
23:35:7b:86:14:bc:65:e0:c2:95:fb:f9:8f:ad:e9:
43:07:8c:bc:02:c5:76:76:e7:45:1b:3e:29:4b:32:
fa:c4:2b:c1:a3:36:2e:ff:b0:37:dd:8e:f2:50:c5:
5a:33:18:1e:d7:a8:0b:15:bd:c4:f5:d1:7d:26:04:
86:67:69:cf:28:6a:76:7c:21:67:82:37:8b:94:da:
83:c1:15:07:ca:54:9d:ca:07:4e:b5:b1:a4:25:cb:
56:a1:1a:23:76:e4:7f:ae:99:ce:68:be:3a:bf:39:
3c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:08:7A:54:AE:A6:8E:96:DC:A5:63:05:F3:16:15:E3:62:2E:F5:FD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dgh6VK6mjpbcpWMF8xYV42Iu9f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
85.133.166.0/24
85.133.194.0/24
85.133.252.0/24
Signature Algorithm: sha256WithRSAEncryption
55:fb:74:f8:ef:e4:2d:e9:9d:90:4f:60:5a:d3:1c:e4:38:c6:
49:0c:5b:c8:13:3f:88:11:90:52:8b:16:20:c1:3b:bf:04:bb:
7f:48:6f:57:cc:ed:47:fe:05:35:c7:c9:93:74:20:04:28:77:
e7:f8:f2:55:51:67:13:af:3a:07:60:e7:fd:46:31:a9:e7:2e:
1a:92:72:b3:1b:bc:ba:08:fe:a5:af:35:38:ce:ce:61:78:1c:
4a:d2:78:82:24:b1:79:a9:5b:03:b2:15:27:2f:42:4a:b8:c0:
6e:89:73:42:a3:28:ba:72:88:0c:0f:6b:55:24:da:c1:23:0e:
e2:e4:ca:5c:8d:cd:2c:79:f2:b5:3b:cd:e3:bf:1a:fb:41:b6:
dc:7f:72:ee:7c:de:75:6b:82:18:0f:d9:b5:e3:4b:ae:aa:b7:
ea:27:d5:67:c7:af:29:92:cd:eb:70:70:41:fa:51:2c:ab:29:
9d:27:b8:06:83:81:fa:21:fc:57:1d:3e:ab:7f:81:6f:27:56:
33:f1:98:e1:9c:8f:5d:62:ef:01:f0:1a:9f:c1:d4:fd:91:fa:
17:49:a4:34:26:3f:c8:6c:92:5d:c6:bb:6b:50:61:cd:67:e9:
74:62:62:ef:b9:f2:ae:13:60:7a:a6:01:3d:05:6a:52:8b:14:
4b:37:c4:5f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKzNIbkGNfZRmNbyvlMSnirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIyMDc1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA4N2E1NGFlYTY4ZTk2ZGNhNTYzMDVmMzE2MTVlMzYyMmVmNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun0CSCtF2u/RZlsuqRroYkAohG7K
A47OBXyqRWZn1dY8IKpDeRWcD4HoOz5cu6bO/KOcnuh2PG7Z0Sy/87vGdtomIYAO
fSlzhyjhnL314yvEfbApz/PhYP6miI5zX1tY4G5PBAyEOgrQz7WEXl4xFnwmWn8X
wYLFkn20y/CdzkCmiCKAI57XWyEjgiVrdjvvB4xes8YjNXuGFLxl4MKV+/mPrelD
B4y8AsV2dudFGz4pSzL6xCvBozYu/7A33Y7yUMVaMxge16gLFb3E9dF9JgSGZ2nP
KGp2fCFngjeLlNqDwRUHylSdygdOtbGkJctWoRojduR/rpnOaL46vzk8HwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHYIelSupo6W3KVjBfMWFeNiLvX9MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZGdoNlZLNm1qcGJjcFdNRjh4WVY0Mkl1OWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWXAwQA
VYWmAwQAVYXCAwQAVYX8MA0GCSqGSIb3DQEBCwUAA4IBAQBV+3T47+Qt6Z2QT2Ba
0xzkOMZJDFvIEz+IEZBSixYgwTu/BLt/SG9XzO1H/gU1x8mTdCAEKHfn+PJVUWcT
rzoHYOf9RjGp5y4aknKzG7y6CP6lrzU4zs5heBxK0niCJLF5qVsDshUnL0JKuMBu
iXNCoyi6cogMD2tVJNrBIw7i5Mpcjc0sefK1O83jvxr7Qbbcf3LufN51a4IYD9m1
40uuqrfqJ9Vnx68pks3rcHBB+lEsqymdJ7gGg4H6IfxXHT6rf4FvJ1Yz8ZjhnI9d
Yu8B8BqfwdT9kfoXSaQ0Jj/IbJJdxrtrUGHNZ+l0YmLvufKuE2B6pgE9BWpSixRL
N8Rf
Generated at Wed Oct 23 18:06:43 2024 by rpki-client on console-fra.rpki-client.org