Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iAO7AnRgOSx8qgMxM9_bRPmxZqk.roa
File: iAO7AnRgOSx8qgMxM9_bRPmxZqk.roa (raw, json)
Hash identifier: eSpeHB9AWE81QXr8Z0TlrzWqfBpn9JQTdcu3F3VM5sE=
Subject key identifier: 88:03:BB:02:74:60:39:2C:7C:AA:03:31:33:DF:DB:44:F9:B1:66:A9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B1EE880F9954E0AA593582A0C25C735EF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iAO7AnRgOSx8qgMxM9_bRPmxZqk.roa
Signing time: Wed 11 Oct 2023 13:23:55 +0000
ROA not before: Wed 11 Oct 2023 13:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.236.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:e8:80:f9:95:4e:0a:a5:93:58:2a:0c:25:c7:35:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 11 13:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8803bb027460392c7caa033133dfdb44f9b166a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:ec:d3:31:36:0f:06:08:70:99:b1:d1:d6:
14:de:e6:72:3f:39:04:ab:e4:62:51:a6:2c:08:ca:
b9:f0:7f:85:a9:09:a2:2c:49:8c:8a:3c:81:74:3d:
6c:aa:b9:0e:1b:5b:fc:28:52:d9:94:11:a8:2f:2e:
64:68:5f:3e:09:15:d1:ab:01:d7:94:1e:1d:1a:14:
a7:18:ab:30:c6:f5:c4:8e:85:24:fc:88:ac:09:c6:
2f:52:5f:c0:15:b7:c5:98:f7:d4:82:ac:25:36:dc:
c6:a6:d4:de:cb:ae:93:ec:de:4b:e4:18:71:af:5d:
ce:b6:04:e2:a1:2a:c9:b0:af:63:04:dc:d9:1f:30:
1f:9f:c2:10:da:ed:81:48:e9:a8:e8:ae:23:23:12:
a7:92:af:3b:8a:b0:df:02:97:15:1f:67:8b:66:dd:
3c:d0:95:bc:b0:0a:1b:b5:5c:db:cb:fe:4c:e6:5d:
71:aa:62:c8:69:0a:9d:30:73:7f:e6:8d:da:b3:48:
27:9d:e1:2d:ef:e6:2b:88:18:60:a1:80:c6:d6:66:
b7:26:83:6d:a4:0f:7a:af:3b:41:9b:1f:c8:b0:25:
dd:f0:21:f2:2d:69:57:08:2d:e0:6b:ab:54:29:c6:
55:f2:84:7c:ee:f1:0e:80:44:5d:a4:95:a9:a4:b2:
dd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:03:BB:02:74:60:39:2C:7C:AA:03:31:33:DF:DB:44:F9:B1:66:A9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iAO7AnRgOSx8qgMxM9_bRPmxZqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:d5:fe:f6:67:90:0b:05:40:4f:e1:3d:1f:fa:ed:0c:c6:6a:
00:94:26:f4:60:8c:d6:ca:ed:f8:db:1d:99:96:86:f5:f9:42:
32:a9:8b:a6:e7:5a:63:d2:47:2c:f3:5f:b3:bc:cd:c1:62:eb:
cb:ce:4d:3b:82:5c:ac:96:0d:b3:62:31:3d:8e:c7:3c:a6:27:
54:28:ab:37:b2:f7:9b:9a:0b:ce:13:8c:c0:e9:12:d4:23:64:
e0:94:4a:ab:3b:68:56:c2:4b:cf:87:88:5e:3e:b8:26:8d:e6:
f9:81:21:28:fe:2e:e1:fd:c6:a0:01:6b:41:e6:45:97:16:e3:
73:c8:f3:10:b9:92:fa:70:20:c5:3a:f8:22:a1:8b:a8:95:42:
c6:12:8f:af:70:05:5b:97:49:65:03:07:d9:6d:1b:4a:05:25:
75:0b:ca:a8:63:7d:d7:d4:4d:af:90:13:05:95:98:59:cf:1d:
20:8c:f5:23:00:85:b1:d0:8c:e1:85:d6:95:4f:eb:07:e2:c9:
1d:a2:69:15:e4:58:88:22:59:a9:dd:33:12:f6:2b:23:88:ed:
e4:fd:53:d8:1f:6d:08:dd:79:9f:22:26:6f:c4:cc:ed:ce:e6:
83:d4:5a:ca:bc:04:5e:fe:b3:d8:93:a2:d1:0d:ae:5a:9a:5a:
8e:d1:1c:b9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYse6ID5lU4KpZNYKgwlxzXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMDExMTMyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODAzYmIwMjc0NjAzOTJjN2NhYTAzMzEzM2RmZGI0NGY5YjE2NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUTs0zE2DwYIcJmx0dYU3uZyPzkE
q+RiUaYsCMq58H+FqQmiLEmMijyBdD1sqrkOG1v8KFLZlBGoLy5kaF8+CRXRqwHX
lB4dGhSnGKswxvXEjoUk/IisCcYvUl/AFbfFmPfUgqwlNtzGptTey66T7N5L5Bhx
r13OtgTioSrJsK9jBNzZHzAfn8IQ2u2BSOmo6K4jIxKnkq87irDfApcVH2eLZt08
0JW8sAobtVzby/5M5l1xqmLIaQqdMHN/5o3as0gnneEt7+YriBhgoYDG1ma3JoNt
pA96rztBmx/IsCXd8CHyLWlXCC3ga6tUKcZV8oR87vEOgERdpJWppLLdXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIgDuwJ0YDksfKoDMTPf20T5sWapMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvaUFPN0FuUmdPU3g4cWdNeE05X2JSUG14WnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBn1f72Z5ALBUBP
4T0f+u0MxmoAlCb0YIzWyu342x2Zlob1+UIyqYum51pj0kcs81+zvM3BYuvLzk07
glyslg2zYjE9jsc8pidUKKs3svebmgvOE4zA6RLUI2TglEqrO2hWwkvPh4hePrgm
jeb5gSEo/i7h/cagAWtB5kWXFuNzyPMQuZL6cCDFOvgioYuolULGEo+vcAVbl0ll
AwfZbRtKBSV1C8qoY33X1E2vkBMFlZhZzx0gjPUjAIWx0IzhhdaVT+sH4skdomkV
5FiIIlmp3TMS9isjiO3k/VPYH20I3XmfIiZvxMztzuaD1FrKvARe/rPYk6LRDa5a
mlqO0Ry5
Generated at Wed Oct 18 08:09:25 2023 by rpki-client on console-ams.rpki-client.org