Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/fdr67Bq5LGpk5_JWzOPeIFO4RgI.roa
File: fdr67Bq5LGpk5_JWzOPeIFO4RgI.roa (raw, json)
Hash identifier: n0QxcZrPOSKyKod77IKHkYLjxnI8Lz5YFfjhL9Zf/sE=
Subject key identifier: 7D:DA:FA:EC:1A:B9:2C:6A:64:E7:F2:56:CC:E3:DE:20:53:B8:46:02
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018858BE4590B4EE674DDC934326592BCA9D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/fdr67Bq5LGpk5_JWzOPeIFO4RgI.roa
Signing time: Fri 26 May 2023 15:47:24 +0000
ROA not before: Fri 26 May 2023 15:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57142
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:58:be:45:90:b4:ee:67:4d:dc:93:43:26:59:2b:ca:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 26 15:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ddafaec1ab92c6a64e7f256cce3de2053b84602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4d:97:c3:20:12:8a:b4:b0:42:3f:36:ce:42:
ec:49:1b:35:7f:66:13:cc:42:9c:1e:94:75:11:19:
26:16:8c:f0:d0:d4:0b:92:f1:f7:ac:44:a2:90:5d:
af:24:1f:b4:d8:53:3d:15:f5:b4:01:91:a4:60:b3:
6e:64:ce:a8:e8:59:4e:dc:89:98:63:6e:fa:5c:41:
3f:2d:34:19:20:21:3c:b7:2c:11:ca:26:87:f7:6b:
92:02:95:66:6b:7f:3e:d1:a4:53:76:63:34:1d:e7:
9f:53:68:95:ed:d3:21:62:82:e5:cb:69:8c:36:e0:
01:d6:a3:be:07:b1:8f:5d:c2:b9:c8:ca:4d:7a:e7:
d2:8c:e7:89:dc:84:79:c0:e8:83:05:45:0b:9e:d6:
98:e9:2e:68:07:4a:f5:20:8e:81:c2:62:e0:7b:43:
71:a6:37:2e:68:7e:65:ab:1a:31:db:67:de:8a:91:
1d:28:e1:87:70:78:ca:77:5b:69:12:d8:28:30:3e:
fc:5d:a9:31:1c:02:2e:14:a0:c8:73:98:82:15:ff:
11:f9:54:be:8d:a6:5a:44:57:26:67:1a:ed:57:74:
28:97:d7:81:a6:19:83:24:b3:78:8c:4b:2f:46:fd:
4b:fc:c4:f6:c8:5e:20:79:6a:7b:0d:27:f3:4f:9c:
24:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DA:FA:EC:1A:B9:2C:6A:64:E7:F2:56:CC:E3:DE:20:53:B8:46:02
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/fdr67Bq5LGpk5_JWzOPeIFO4RgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.143.0/24
85.133.174.0/24
85.133.227.0/24
185.41.3.0/24
Signature Algorithm: sha256WithRSAEncryption
34:14:1b:3a:3c:e8:16:0b:d1:22:21:18:c0:21:16:7d:86:00:
e9:ce:cb:9a:02:c8:dd:13:44:5e:89:60:72:85:1e:a9:5d:de:
f3:7f:7f:d7:bb:e8:18:f2:44:64:c3:f6:83:55:f0:24:91:55:
e2:d6:3d:2f:a6:8e:ef:7a:07:4b:ba:83:fe:bb:c6:aa:da:25:
19:b8:d0:be:c4:1d:f2:a1:ba:82:ca:19:7d:b6:ff:d2:f8:c2:
0c:9d:05:15:01:ca:ba:e2:ae:46:a1:7f:4e:db:30:48:3f:9d:
a1:5f:af:66:9d:ff:42:31:67:20:da:83:f7:de:3a:81:72:33:
ff:4d:c5:78:c2:83:38:ca:12:f8:0b:cf:48:76:7f:dd:65:70:
8e:d6:d2:b9:59:37:ed:5d:87:2e:af:6a:19:72:0c:0b:28:c2:
74:b7:9b:de:f3:73:f7:c6:b3:8d:c5:a2:7d:5b:ca:e8:6c:0b:
30:0a:c9:cb:55:b9:c7:93:85:82:3c:79:12:84:38:80:70:11:
62:59:0d:37:b6:cd:ca:75:a2:a1:1a:e3:db:e5:4a:44:74:13:
45:56:26:75:5e:8e:89:24:2d:49:32:2a:21:00:ef:e6:92:71:
c6:6f:9f:55:c7:bb:39:39:1d:29:94:da:be:15:9d:01:d0:74:
1e:9e:f7:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhYvkWQtO5nTdyTQyZZK8qdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTI2MTU0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRhZmFlYzFhYjkyYzZhNjRlN2YyNTZjY2UzZGUyMDUzYjg0NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE2XwyASirSwQj82zkLsSRs1f2YT
zEKcHpR1ERkmFozw0NQLkvH3rESikF2vJB+02FM9FfW0AZGkYLNuZM6o6FlO3ImY
Y276XEE/LTQZICE8tywRyiaH92uSApVma38+0aRTdmM0HeefU2iV7dMhYoLly2mM
NuAB1qO+B7GPXcK5yMpNeufSjOeJ3IR5wOiDBUULntaY6S5oB0r1II6BwmLge0Nx
pjcuaH5lqxox22feipEdKOGHcHjKd1tpEtgoMD78XakxHAIuFKDIc5iCFf8R+VS+
jaZaRFcmZxrtV3Qol9eBphmDJLN4jEsvRv1L/MT2yF4geWp7DSfzT5wkAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH3a+uwauSxqZOfyVszj3iBTuEYCMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZmRyNjdCcTVMR3BrNV9KV3pPUGVJRk80UmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWPAwQA
VYWuAwQAVYXjAwQAuSkDMA0GCSqGSIb3DQEBCwUAA4IBAQA0FBs6POgWC9EiIRjA
IRZ9hgDpzsuaAsjdE0ReiWByhR6pXd7zf3/Xu+gY8kRkw/aDVfAkkVXi1j0vpo7v
egdLuoP+u8aq2iUZuNC+xB3yobqCyhl9tv/S+MIMnQUVAcq64q5GoX9O2zBIP52h
X69mnf9CMWcg2oP33jqBcjP/TcV4woM4yhL4C89Idn/dZXCO1tK5WTftXYcur2oZ
cgwLKMJ0t5ve83P3xrONxaJ9W8robAswCsnLVbnHk4WCPHkShDiAcBFiWQ03ts3K
daKhGuPb5UpEdBNFViZ1Xo6JJC1JMiohAO/mknHGb59Vx7s5OR0plNq+FZ0B0HQe
nvfy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org