Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gF2WV8P1cQT5P4ZBBnu4-p6FUq4.roa
File: gF2WV8P1cQT5P4ZBBnu4-p6FUq4.roa (raw, json)
Hash identifier: qraq7O5vNKBGaGe9ym1sGO9+a9G10GcdvUlabFHLx90=
Subject key identifier: 80:5D:96:57:C3:F5:71:04:F9:3F:86:41:06:7B:B8:FA:9E:85:52:AE
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192C012982CEB87726AC84826A8D74FCF79
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gF2WV8P1cQT5P4ZBBnu4-p6FUq4.roa
Signing time: Thu 24 Oct 2024 19:48:16 +0000
ROA not before: Thu 24 Oct 2024 19:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 85.133.234.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c0:12:98:2c:eb:87:72:6a:c8:48:26:a8:d7:4f:cf:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 24 19:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=805d9657c3f57104f93f8641067bb8fa9e8552ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ee:d8:13:30:a0:5b:86:a4:01:e1:33:67:22:
0e:9e:49:21:a9:a5:bb:80:f7:76:76:4a:23:02:4f:
a9:71:05:61:f6:39:f1:46:94:ef:3f:3a:a0:94:c8:
e6:28:43:d2:e6:45:12:1e:c4:6a:9b:4f:af:f0:dc:
2c:19:c4:e8:ca:cf:a1:8a:4d:df:b0:ab:a9:68:6f:
84:67:cf:4b:74:aa:73:bc:13:2d:72:c8:fb:27:d9:
a3:78:4b:d9:7a:5e:a6:96:3f:76:39:fe:41:b4:ae:
7e:db:19:16:58:6f:2b:ea:e0:d7:0a:ba:ce:87:d7:
90:bb:9b:c5:bd:5e:d2:48:46:e2:56:35:dd:d3:9f:
36:e2:9e:9a:32:3f:70:d3:34:a4:85:2b:e4:8f:21:
ef:2f:95:f6:d7:fc:48:2f:1b:7c:12:be:4d:10:02:
88:ca:cf:f0:5a:fd:91:a5:4c:55:07:f1:ba:23:8e:
c4:6a:a0:c5:35:dd:13:ba:47:f8:bb:96:01:d5:7f:
4a:f4:d6:20:6b:f0:d2:be:b5:0f:32:08:97:54:7e:
d4:ac:5b:05:fc:1d:23:41:58:3c:3e:d5:3b:c3:64:
54:44:d5:ac:a6:a9:db:4c:08:d3:c1:29:5c:fd:18:
c3:f5:e5:83:ad:ac:b5:f6:58:f0:13:14:dc:40:b6:
18:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5D:96:57:C3:F5:71:04:F9:3F:86:41:06:7B:B8:FA:9E:85:52:AE
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gF2WV8P1cQT5P4ZBBnu4-p6FUq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.234.0/24
85.133.246.0/24
85.133.251.0-85.133.252.255
Signature Algorithm: sha256WithRSAEncryption
15:fd:23:bb:82:e2:41:0b:6f:66:73:32:62:de:34:5f:6b:a9:
91:00:61:ea:ab:63:b6:b0:c8:2e:52:14:56:f5:a6:39:87:29:
28:a1:7d:29:6c:1b:1d:73:cb:ad:86:90:d6:69:14:0d:b3:8a:
da:7a:d8:18:37:58:71:b3:e4:43:bc:68:64:38:d9:84:a6:00:
d7:33:50:83:cf:60:70:4d:09:40:13:97:8a:5c:d8:fa:b0:e0:
58:10:98:36:09:7f:7a:d8:91:e4:b1:4f:55:70:06:ea:61:17:
db:f8:36:35:29:34:93:65:db:b4:ab:d2:58:eb:50:bd:03:23:
6e:f6:a4:32:05:7b:75:c4:20:98:d2:64:06:af:d7:97:da:0e:
6c:f1:ad:db:69:cf:8c:df:77:bc:64:24:d3:bb:c0:ab:b2:2e:
d2:49:49:0b:fc:b6:ff:f9:18:37:b2:88:ee:72:e2:72:d2:e1:
5c:d1:9e:df:b1:f3:9a:af:ab:f5:2f:39:b8:fc:f9:dd:6a:29:
23:e9:af:ab:55:86:50:eb:89:51:e7:ac:10:73:f1:4b:c2:be:
ac:fb:0d:60:74:e1:3a:ae:28:59:27:ca:d9:52:26:67:c2:26:
03:fa:a8:53:2d:46:18:5f:fb:06:84:c0:62:5d:f4:6e:62:5c:
b6:1d:40:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZLAEpgs64dyashIJqjXT895MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDI0MTk0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVkOTY1N2MzZjU3MTA0ZjkzZjg2NDEwNjdiYjhmYTllODU1MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+7YEzCgW4akAeEzZyIOnkkhqaW7
gPd2dkojAk+pcQVh9jnxRpTvPzqglMjmKEPS5kUSHsRqm0+v8NwsGcToys+hik3f
sKupaG+EZ89LdKpzvBMtcsj7J9mjeEvZel6mlj92Of5BtK5+2xkWWG8r6uDXCrrO
h9eQu5vFvV7SSEbiVjXd05824p6aMj9w0zSkhSvkjyHvL5X21/xILxt8Er5NEAKI
ys/wWv2RpUxVB/G6I47EaqDFNd0Tukf4u5YB1X9K9NYga/DSvrUPMgiXVH7UrFsF
/B0jQVg8PtU7w2RURNWspqnbTAjTwSlc/RjD9eWDray19ljwExTcQLYYRwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIBdllfD9XEE+T+GQQZ7uPqehVKuMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZ0YyV1Y4UDFjUVQ1UDRaQkJudTQtcDZGVXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXqAwQA
VYX2MAwDBABVhfsDBABVhfwwDQYJKoZIhvcNAQELBQADggEBABX9I7uC4kELb2Zz
MmLeNF9rqZEAYeqrY7awyC5SFFb1pjmHKSihfSlsGx1zy62GkNZpFA2zitp62Bg3
WHGz5EO8aGQ42YSmANczUIPPYHBNCUATl4pc2Pqw4FgQmDYJf3rYkeSxT1VwBuph
F9v4NjUpNJNl27Sr0ljrUL0DI272pDIFe3XEIJjSZAav15faDmzxrdtpz4zfd7xk
JNO7wKuyLtJJSQv8tv/5GDeyiO5y4nLS4VzRnt+x85qvq/UvObj8+d1qKSPpr6tV
hlDriVHnrBBz8UvCvqz7DWB04TquKFknytlSJmfCJgP6qFMtRhhf+waEwGJd9G5i
XLYdQKs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:27 2025 by rpki-client