Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iZguFHTjBcILwNTP5vVXHL8JXME.roa
File: iZguFHTjBcILwNTP5vVXHL8JXME.roa (raw, json)
Hash identifier: lonug5mnFCR8eNWa+UE6EmPQazenrAEZO2SmESnbMq4=
Subject key identifier: 89:98:2E:14:74:E3:05:C2:0B:C0:D4:CF:E6:F5:57:1C:BF:09:5C:C1
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D3AFCF06C6FD1DABCF4E1A812EE9FC363
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iZguFHTjBcILwNTP5vVXHL8JXME.roa
Signing time: Wed 24 Jan 2024 10:21:11 +0000
ROA not before: Wed 24 Jan 2024 10:21:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.132.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 06:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:fc:f0:6c:6f:d1:da:bc:f4:e1:a8:12:ee:9f:c3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 24 10:21:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89982e1474e305c20bc0d4cfe6f5571cbf095cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:33:3c:d4:d5:82:50:ee:57:ef:17:2e:14:6f:
2e:6c:fa:26:c7:30:40:e8:5b:ee:2c:76:e1:de:ef:
2d:15:e3:90:1c:00:c6:bc:41:aa:05:b0:35:9c:8c:
fc:d8:9f:91:16:82:5f:34:ea:49:07:18:9e:2f:68:
7f:f6:15:34:69:3a:ab:e6:e2:9d:df:02:2b:5f:5f:
68:83:e3:12:b9:19:41:99:c3:8f:80:49:2b:5d:34:
7f:f2:e1:4b:df:93:a4:f7:ad:df:9b:32:3f:b1:00:
41:59:7e:3d:bf:a6:b6:a3:e5:a2:3e:46:86:37:95:
a2:38:96:6f:27:79:f7:b0:00:df:26:97:56:31:0a:
0a:8d:f0:04:88:96:a5:3f:73:ee:3e:a3:c0:bf:fb:
6f:b7:a9:75:ae:a6:e3:74:31:41:a1:b6:88:fc:11:
11:59:c6:38:1f:3e:7a:db:3d:e6:a4:9a:e4:91:b1:
ac:94:72:69:cd:5b:a9:02:fe:27:0d:23:af:1a:18:
94:5e:8d:a6:2a:81:75:02:57:f4:82:c3:3e:99:eb:
0d:45:47:de:15:43:76:b8:46:bd:57:cd:51:42:5c:
71:d8:16:31:9c:95:86:98:8d:2d:e6:d0:94:18:f1:
a2:f2:7f:f3:a5:2c:d3:c8:b0:87:51:9d:d4:5c:88:
52:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:98:2E:14:74:E3:05:C2:0B:C0:D4:CF:E6:F5:57:1C:BF:09:5C:C1
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iZguFHTjBcILwNTP5vVXHL8JXME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.151.0/24
85.133.166.0/24
85.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a4:75:f4:fb:a9:08:28:3a:41:8e:b2:d7:f5:23:df:e5:74:
18:16:7c:88:9d:f2:00:e8:16:e0:72:c7:b3:5f:f1:82:0b:c6:
f5:76:5a:3d:e2:27:56:40:ca:30:ce:e0:cb:6f:1c:b1:02:a0:
cc:03:01:47:24:9a:43:3d:1c:55:8c:20:f7:df:33:ef:51:0f:
73:e0:54:30:fd:25:e3:ae:b5:9b:84:47:89:c5:11:16:84:81:
9d:f3:5d:58:b3:8b:34:65:66:23:75:41:c6:a0:20:d6:97:74:
ef:64:21:7d:59:a8:3d:72:f4:56:42:ef:f6:23:34:e2:c3:aa:
b4:17:2f:45:97:49:56:32:ee:c5:f0:7a:15:29:7b:63:df:4e:
52:34:05:7a:af:54:04:0e:14:ed:9e:6d:20:f5:90:5b:d7:04:
36:d9:36:e6:6b:a5:b5:11:4a:c6:50:b4:95:ea:74:11:19:51:
1a:85:94:1c:19:05:33:d2:06:64:8d:a1:63:f3:55:39:fe:f3:
8f:36:8d:c7:eb:09:1e:15:c4:f8:94:0d:33:10:bc:91:00:b7:
07:fc:7b:31:87:b0:36:4e:86:ad:96:a1:9e:17:61:6e:ca:fa:
d4:5c:a9:7c:65:cd:0e:d0:0d:5c:6a:eb:c3:64:c5:07:21:3b:
6a:a2:49:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY06/PBsb9HavPThqBLun8NjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTI0MTAyMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk4MmUxNDc0ZTMwNWMyMGJjMGQ0Y2ZlNmY1NTcxY2JmMDk1Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzM81NWCUO5X7xcuFG8ubPomxzBA
6FvuLHbh3u8tFeOQHADGvEGqBbA1nIz82J+RFoJfNOpJBxieL2h/9hU0aTqr5uKd
3wIrX19og+MSuRlBmcOPgEkrXTR/8uFL35Ok963fmzI/sQBBWX49v6a2o+WiPkaG
N5WiOJZvJ3n3sADfJpdWMQoKjfAEiJalP3PuPqPAv/tvt6l1rqbjdDFBobaI/BER
WcY4Hz562z3mpJrkkbGslHJpzVupAv4nDSOvGhiUXo2mKoF1Alf0gsM+mesNRUfe
FUN2uEa9V81RQlxx2BYxnJWGmI0t5tCUGPGi8n/zpSzTyLCHUZ3UXIhSwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFImYLhR04wXCC8DUz+b1Vxy/CVzBMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvaVpndUZIVGpCY0lMd05UUDV2VlhITDhKWE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWEAwQA
VYWXAwQAVYWmAwQAVYXCMA0GCSqGSIb3DQEBCwUAA4IBAQB3pHX0+6kIKDpBjrLX
9SPf5XQYFnyInfIA6BbgcsezX/GCC8b1dlo94idWQMowzuDLbxyxAqDMAwFHJJpD
PRxVjCD33zPvUQ9z4FQw/SXjrrWbhEeJxREWhIGd811Ys4s0ZWYjdUHGoCDWl3Tv
ZCF9Wag9cvRWQu/2IzTiw6q0Fy9Fl0lWMu7F8HoVKXtj305SNAV6r1QEDhTtnm0g
9ZBb1wQ22Tbma6W1EUrGULSV6nQRGVEahZQcGQUz0gZkjaFj81U5/vOPNo3H6wke
FcT4lA0zELyRALcH/Hsxh7A2ToatlqGeF2FuyvrUXKl8Zc0O0A1cauvDZMUHITtq
okk4
-----END CERTIFICATE-----
Generated at Wed Jul 24 07:59:45 2024 by rpki-client on console-fra.rpki-client.org