Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/e_bzWm6rU8eyJUP0fGoO2x0lxsQ.roa
File: e_bzWm6rU8eyJUP0fGoO2x0lxsQ.roa (raw, json)
Hash identifier: A9b89MxBnb5pCyeem/kgOT/4L+9Z8+fif6zdkuw3C+M=
Subject key identifier: 7B:F6:F3:5A:6E:AB:53:C7:B2:25:43:F4:7C:6A:0E:DB:1D:25:C6:C4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B8061831C9E4B2C414256EF2EFA22386D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/e_bzWm6rU8eyJUP0fGoO2x0lxsQ.roa
Signing time: Mon 30 Oct 2023 11:39:16 +0000
ROA not before: Mon 30 Oct 2023 11:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 11:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:61:83:1c:9e:4b:2c:41:42:56:ef:2e:fa:22:38:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 30 11:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bf6f35a6eab53c7b22543f47c6a0edb1d25c6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:70:a2:b9:1c:d0:cc:10:d4:28:4e:51:a6:
9c:53:d7:50:01:c6:05:f8:a0:58:4a:07:b8:05:5c:
b3:38:10:9b:24:ec:9a:7f:48:40:3d:1c:87:d2:99:
c9:c1:ac:de:16:67:33:cf:60:66:e6:d8:05:02:60:
85:ff:fd:71:55:46:c6:d7:cc:0d:10:d5:78:68:cf:
29:94:62:fe:4d:94:ab:53:1d:62:59:cf:44:62:50:
95:a1:b9:4f:6d:45:1a:fe:dc:5e:8a:f6:50:56:58:
e7:f4:5f:01:15:16:4d:08:bc:1d:51:52:ff:a0:d8:
41:e5:9f:3d:7a:34:2b:a0:46:11:74:23:6e:b9:89:
14:3e:59:88:8b:84:bf:49:f7:3d:7b:c1:85:87:78:
7f:b8:16:2b:54:6b:c7:b7:d6:a5:88:d3:92:36:fd:
c7:c5:3a:73:d3:a2:22:29:ba:bb:1d:7a:aa:5e:8f:
06:bb:9b:4f:40:39:bd:e5:22:09:ad:42:c3:ad:31:
49:76:cc:96:60:1a:43:06:08:b0:31:3f:8d:b5:bb:
d2:51:07:70:b8:8d:48:39:37:c2:42:1c:d3:e7:70:
92:5d:c1:16:d4:e1:88:d2:3d:45:60:70:4f:df:80:
61:ab:58:d2:17:4d:57:96:31:e3:6e:48:7b:f8:09:
c9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F6:F3:5A:6E:AB:53:C7:B2:25:43:F4:7C:6A:0E:DB:1D:25:C6:C4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/e_bzWm6rU8eyJUP0fGoO2x0lxsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.137.0/24
85.133.146.0/24
85.133.153.0/24
85.133.156.0/24
85.133.160.0/23
85.133.174.0/24
85.133.178.0/23
85.133.208.0/24
85.133.215.0/24
Signature Algorithm: sha256WithRSAEncryption
81:d3:f0:2e:41:ab:04:21:31:1d:52:af:0f:2e:74:ce:07:84:
30:8c:80:79:a4:2e:8b:59:3a:02:45:8a:15:b9:0f:d9:6e:8b:
42:e7:10:af:a4:fe:de:13:65:55:67:2b:06:69:89:c2:f4:75:
ce:2c:6e:cc:a2:bf:61:61:77:d9:b4:b5:c9:a1:4e:35:c1:6c:
a2:43:46:33:73:27:8f:23:91:5f:46:2f:dd:87:e7:a2:e7:20:
7e:e8:4c:5d:6d:67:33:f7:fb:66:57:95:02:c2:db:54:ba:85:
fe:b1:df:08:20:c6:c9:de:4d:f7:c7:d3:88:99:5b:75:48:92:
8e:b4:50:97:39:bd:0b:8c:1a:69:53:68:09:44:84:1d:ca:d3:
67:25:51:3b:e7:68:c8:91:a7:e7:df:5c:d6:bc:71:ec:c1:6f:
56:e0:f7:36:69:c9:87:27:20:1c:0f:cc:3d:2d:1c:97:9f:b9:
5e:7e:1c:2d:12:cf:80:9d:18:dd:34:08:af:cb:f5:7d:8f:3e:
cb:8c:f7:38:6d:9b:17:33:a1:d1:25:08:32:7f:76:80:2d:86:
c5:f3:c1:ae:be:ca:46:86:bc:04:1d:34:e3:6a:06:d0:68:1e:
e3:71:ad:75:e6:dc:40:8e:6d:88:63:e2:09:cb:68:c7:83:6e:
a5:f1:be:21
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYuAYYMcnkssQUJW7y76IjhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMDMwMTEzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY2ZjM1YTZlYWI1M2M3YjIyNTQzZjQ3YzZhMGVkYjFkMjVjNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBpworkc0MwQ1ChOUaacU9dQAcYF
+KBYSge4BVyzOBCbJOyaf0hAPRyH0pnJwazeFmczz2Bm5tgFAmCF//1xVUbG18wN
ENV4aM8plGL+TZSrUx1iWc9EYlCVoblPbUUa/txeivZQVljn9F8BFRZNCLwdUVL/
oNhB5Z89ejQroEYRdCNuuYkUPlmIi4S/Sfc9e8GFh3h/uBYrVGvHt9aliNOSNv3H
xTpz06IiKbq7HXqqXo8Gu5tPQDm95SIJrULDrTFJdsyWYBpDBgiwMT+NtbvSUQdw
uI1IOTfCQhzT53CSXcEW1OGI0j1FYHBP34Bhq1jSF01XljHjbkh7+AnJqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHv281puq1PHsiVD9HxqDtsdJcbEMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZV9ieldtNnJVOGV5SlVQMGZHb08yeDBseHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVYWJAwQA
VYWSAwQAVYWZAwQAVYWcAwQBVYWgAwQAVYWuAwQBVYWyAwQAVYXQAwQAVYXXMA0G
CSqGSIb3DQEBCwUAA4IBAQCB0/AuQasEITEdUq8PLnTOB4QwjIB5pC6LWToCRYoV
uQ/ZbotC5xCvpP7eE2VVZysGaYnC9HXOLG7Mor9hYXfZtLXJoU41wWyiQ0YzcyeP
I5FfRi/dh+ei5yB+6ExdbWcz9/tmV5UCwttUuoX+sd8IIMbJ3k33x9OImVt1SJKO
tFCXOb0LjBppU2gJRIQdytNnJVE752jIkafn31zWvHHswW9W4Pc2acmHJyAcD8w9
LRyXn7lefhwtEs+AnRjdNAivy/V9jz7LjPc4bZsXM6HRJQgyf3aALYbF88GuvspG
hrwEHTTjagbQaB7jca115txAjm2IY+IJy2jHg26l8b4h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org