Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iqHqCbgmjlH-aWMWVxc3gQHzLFk.roa
File: iqHqCbgmjlH-aWMWVxc3gQHzLFk.roa (raw, json)
Hash identifier: osWNcrO/HeXWM2BlzIz2iI6DWIdCpQA2z8H4fIFnFPg=
Subject key identifier: 8A:A1:EA:09:B8:26:8E:51:FE:69:63:16:57:17:37:81:01:F3:2C:59
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018804B23C0090C0D0F5B02CA6B384D085AE
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iqHqCbgmjlH-aWMWVxc3gQHzLFk.roa
Signing time: Wed 10 May 2023 08:06:09 +0000
ROA not before: Wed 10 May 2023 08:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 85.133.227.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.132.0/22 maxlen: 22
85.133.135.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 14:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:b2:3c:00:90:c0:d0:f5:b0:2c:a6:b3:84:d0:85:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 10 08:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aa1ea09b8268e51fe6963165717378101f32c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ba:29:5a:26:71:bb:94:df:01:11:e1:98:0a:
80:1b:da:a6:f8:33:f3:88:6c:bc:3f:e1:1b:52:ba:
c4:41:b6:44:63:62:2c:18:7b:82:89:dd:c3:b7:39:
00:05:dc:a5:34:3d:0d:03:5d:6f:56:e2:aa:d8:e5:
fe:17:45:1e:90:4c:fa:68:e2:42:48:5c:aa:cb:7e:
8a:4e:e5:7b:f0:73:88:8e:76:02:e0:07:1f:22:a9:
54:ef:af:16:0b:c8:07:37:61:40:ee:38:2a:17:d5:
90:c0:b3:a7:b4:45:31:17:60:f6:8f:31:b4:05:5b:
96:b9:64:eb:0d:53:74:70:35:1e:2b:93:d3:e4:8f:
f2:92:e5:f9:25:bf:f1:46:dd:03:b7:74:57:74:7d:
08:6b:f6:75:ed:1d:d3:96:db:ae:35:65:4a:85:8e:
8b:17:1b:86:33:d6:51:b8:11:68:59:e9:4e:eb:0d:
24:1d:1c:bd:3d:b9:20:90:63:e7:07:50:b1:b3:5e:
2c:e0:21:5c:7a:63:1f:92:cc:23:61:3f:0b:f0:0e:
5b:a9:43:78:e9:dc:34:8f:44:bd:8d:81:fe:e7:2f:
0e:77:ed:74:c4:00:7f:28:d3:ba:b2:a5:74:04:9e:
a5:7d:30:4f:30:b5:4e:cc:e9:c6:f7:85:06:7e:e4:
6e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A1:EA:09:B8:26:8E:51:FE:69:63:16:57:17:37:81:01:F3:2C:59
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iqHqCbgmjlH-aWMWVxc3gQHzLFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/22
85.133.143.0/24
85.133.151.0/24
85.133.153.0/24
85.133.160.0/23
85.133.166.0/24
85.133.174.0/24
85.133.178.0/24
85.133.194.0/24
85.133.199.0/24
85.133.205.0/24
85.133.208.0/24
85.133.219.0/24
85.133.221.0/24
85.133.227.0-85.133.228.255
85.133.233.0-85.133.234.255
85.133.237.0-85.133.238.255
85.133.241.0-85.133.242.255
85.133.250.0/24
85.133.253.0/24
185.41.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:4b:c4:0a:bb:ea:7e:37:22:f9:52:0c:71:6f:fb:e3:7b:87:
e0:70:3b:b2:32:ea:27:73:83:20:e7:14:62:8e:8b:03:d5:45:
96:e3:26:cc:1d:87:22:ec:9e:23:1c:83:23:1e:f2:82:fb:78:
99:26:98:ea:f6:e2:21:c6:a8:94:d5:2c:05:f6:ec:68:0a:9b:
01:f6:5f:51:75:ba:3c:c0:8a:42:06:55:b6:82:3f:92:ca:df:
33:13:9c:5b:bd:b3:04:ae:cd:b5:5d:64:24:ca:f4:3e:74:83:
fc:e0:27:46:dd:40:3f:ce:92:e7:bd:33:28:f7:ff:fb:30:7a:
ce:fd:68:79:51:e3:2a:9e:57:0a:b8:93:fa:b4:68:54:03:de:
e3:17:9a:af:07:ae:6e:ec:20:ea:f0:25:03:cf:df:21:9c:ac:
99:2b:f3:6e:bc:e8:52:45:9c:34:74:50:64:1b:e8:70:37:49:
74:12:67:b3:cb:43:29:51:25:45:18:18:4d:f4:bb:b0:b2:e9:
dc:df:18:ad:73:fc:1c:79:6b:b9:d1:1c:8f:39:8d:7b:7a:1d:
25:a0:a9:4a:e0:aa:a6:61:d2:34:87:aa:0a:02:98:e6:7e:8c:
2f:9a:45:ad:f3:d0:1a:b7:27:e8:1c:6e:80:4f:bb:3e:4a:40:
ac:69:18:fe
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYgEsjwAkMDQ9bAsprOE0IWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTEwMDgwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWExZWEwOWI4MjY4ZTUxZmU2OTYzMTY1NzE3Mzc4MTAxZjMyYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbopWiZxu5TfARHhmAqAG9qm+DPz
iGy8P+EbUrrEQbZEY2IsGHuCid3DtzkABdylND0NA11vVuKq2OX+F0UekEz6aOJC
SFyqy36KTuV78HOIjnYC4AcfIqlU768WC8gHN2FA7jgqF9WQwLOntEUxF2D2jzG0
BVuWuWTrDVN0cDUeK5PT5I/ykuX5Jb/xRt0Dt3RXdH0Ia/Z17R3TltuuNWVKhY6L
FxuGM9ZRuBFoWelO6w0kHRy9PbkgkGPnB1Cxs14s4CFcemMfkswjYT8L8A5bqUN4
6dw0j0S9jYH+5y8Od+10xAB/KNO6sqV0BJ6lfTBPMLVOzOnG94UGfuRu/QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFIqh6gm4Jo5R/mljFlcXN4EB8yxZMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvaXFIcUNiZ21qbEgtYVdNV1Z4YzNnUUh6TEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAJV
hYQDBABVhY8DBABVhZcDBABVhZkDBAFVhaADBABVhaYDBABVha4DBABVhbIDBABV
hcIDBABVhccDBABVhc0DBABVhdADBABVhdsDBABVhd0wDAMEAFWF4wMEAFWF5DAM
AwQAVYXpAwQAVYXqMAwDBABVhe0DBABVhe4wDAMEAFWF8QMEAFWF8gMEAFWF+gME
AFWF/QMEArkpADANBgkqhkiG9w0BAQsFAAOCAQEAtkvECrvqfjci+VIMcW/743uH
4HA7sjLqJ3ODIOcUYo6LA9VFluMmzB2HIuyeIxyDIx7ygvt4mSaY6vbiIcaolNUs
BfbsaAqbAfZfUXW6PMCKQgZVtoI/ksrfMxOcW72zBK7NtV1kJMr0PnSD/OAnRt1A
P86S570zKPf/+zB6zv1oeVHjKp5XCriT+rRoVAPe4xearweubuwg6vAlA8/fIZys
mSvzbrzoUkWcNHRQZBvocDdJdBJns8tDKVElRRgYTfS7sLLp3N8YrXP8HHlrudEc
jzmNe3odJaCpSuCqpmHSNIeqCgKY5n6ML5pFrfPQGrcn6BxugE+7PkpArGkY/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org