Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jW7Wy0XdMjJOgZkJxGq29vmKtSE.roa
File: jW7Wy0XdMjJOgZkJxGq29vmKtSE.roa (raw, json)
Hash identifier: eC79Kefk3bM/sJl+H276q7Nqts4Q0iHZ9AdxA5P3Vk0=
Subject key identifier: 8D:6E:D6:CB:45:DD:32:32:4E:81:99:09:C4:6A:B6:F6:F9:8A:B5:21
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01898C2909AAD7E1A24A57470D63EFFB891C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jW7Wy0XdMjJOgZkJxGq29vmKtSE.roa
Signing time: Tue 25 Jul 2023 08:27:26 +0000
ROA not before: Tue 25 Jul 2023 08:27:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:29:09:aa:d7:e1:a2:4a:57:47:0d:63:ef:fb:89:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 25 08:27:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d6ed6cb45dd32324e819909c46ab6f6f98ab521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d5:4c:19:da:dd:4c:66:3c:6e:1d:3e:b0:17:
8a:f0:61:82:e1:1d:4e:55:40:39:f6:3f:ff:cf:a2:
c6:6d:a1:0c:51:36:21:d3:b0:d9:82:56:c7:10:f5:
2f:cb:6c:0a:ad:89:4b:68:96:b9:0e:19:7c:cf:b8:
ab:a2:aa:c4:47:61:61:96:d2:b7:9f:77:1b:2e:0c:
f4:4b:55:a8:70:23:06:6c:48:e1:6a:dc:39:ee:58:
9e:80:58:6f:4e:76:76:fb:dc:30:d5:8c:08:03:ad:
ab:b9:df:1d:a1:da:f4:92:d2:ec:07:fd:91:61:8b:
11:d6:a6:88:c8:ce:26:40:bd:b5:90:51:8d:37:16:
51:9b:b9:d5:ad:53:42:1a:5e:00:f1:01:59:45:68:
62:03:1b:dd:37:2b:79:a6:f4:c4:52:97:93:60:b1:
49:d3:4d:1f:81:e9:37:0b:56:c0:23:62:95:45:2d:
72:74:ab:4f:40:59:10:06:70:05:aa:bb:a1:91:04:
6a:48:96:fa:8c:93:1d:66:5d:f3:4e:bf:73:8b:a0:
e8:cd:86:b6:6e:1d:7a:de:c6:10:bd:b7:1f:ec:70:
fa:2f:6d:76:ea:bd:40:33:d0:8b:87:94:65:54:11:
25:5a:02:64:bb:e0:26:4d:4e:32:52:4a:dd:43:da:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:6E:D6:CB:45:DD:32:32:4E:81:99:09:C4:6A:B6:F6:F9:8A:B5:21
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jW7Wy0XdMjJOgZkJxGq29vmKtSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.216.0/24
85.133.237.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:13:f0:19:c4:2e:9a:44:c5:2f:07:21:eb:35:5f:ae:f9:1c:
17:08:6b:34:d9:9a:53:27:7b:d6:c1:30:f0:9f:4a:ca:95:4e:
0c:eb:26:1e:b0:07:bb:9e:b8:89:31:48:1b:ec:7b:bc:2b:ec:
d0:bb:ce:87:72:32:07:8c:cb:51:ef:07:ce:6c:91:41:2a:f6:
42:ab:f3:9a:13:9f:c5:ea:ae:b9:ac:71:61:72:96:50:a7:57:
46:fa:ea:5c:7a:fd:92:25:7e:b2:7d:74:66:d6:1d:0b:82:02:
f7:1c:1e:f9:32:0e:a4:4c:45:50:ac:e8:ae:79:d9:4b:0f:af:
a8:08:80:00:a5:a2:73:7e:c3:93:f8:53:c3:84:d0:86:f2:bf:
87:aa:2c:9d:e1:79:93:ed:50:58:15:11:3d:ed:85:8a:02:41:
4f:42:83:b2:4a:a5:cc:0e:f0:40:bb:5b:e3:43:1e:57:cc:2d:
97:0f:f0:96:15:ee:03:3e:16:03:50:ee:be:b9:92:67:5a:0b:
fb:20:f9:95:9b:82:5e:28:0c:7a:d8:ae:56:c8:20:05:b7:b4:
ba:17:6f:3e:e8:18:f7:75:20:b9:fb:bc:2d:ae:2a:65:4a:2b:
e5:6c:9a:f3:e1:d4:79:4b:44:86:47:d1:30:0f:69:fa:fb:36:
fa:7a:d4:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmMKQmq1+GiSldHDWPv+4kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzI1MDgyNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDZlZDZjYjQ1ZGQzMjMyNGU4MTk5MDljNDZhYjZmNmY5OGFiNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9VMGdrdTGY8bh0+sBeK8GGC4R1O
VUA59j//z6LGbaEMUTYh07DZglbHEPUvy2wKrYlLaJa5Dhl8z7iroqrER2FhltK3
n3cbLgz0S1WocCMGbEjhatw57liegFhvTnZ2+9ww1YwIA62rud8dodr0ktLsB/2R
YYsR1qaIyM4mQL21kFGNNxZRm7nVrVNCGl4A8QFZRWhiAxvdNyt5pvTEUpeTYLFJ
000fgek3C1bAI2KVRS1ydKtPQFkQBnAFqruhkQRqSJb6jJMdZl3zTr9zi6DozYa2
bh163sYQvbcf7HD6L2126r1AM9CLh5RlVBElWgJku+AmTU4yUkrdQ9qywQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI1u1stF3TIyToGZCcRqtvb5irUhMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvalc3V3kwWGRNakpPZ1prSnhHcTI5dm1LdFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXYMAwD
BABVhe0DBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAKoT8BnELppExS8H
Ies1X675HBcIazTZmlMne9bBMPCfSsqVTgzrJh6wB7ueuIkxSBvse7wr7NC7zody
MgeMy1HvB85skUEq9kKr85oTn8XqrrmscWFyllCnV0b66lx6/ZIlfrJ9dGbWHQuC
AvccHvkyDqRMRVCs6K552UsPr6gIgAClonN+w5P4U8OE0Ibyv4eqLJ3heZPtUFgV
ET3thYoCQU9Cg7JKpcwO8EC7W+NDHlfMLZcP8JYV7gM+FgNQ7r65kmdaC/sg+ZWb
gl4oDHrYrlbIIAW3tLoXbz7oGPd1ILn7vC2uKmVKK+VsmvPh1HlLRIZH0TAPafr7
Nvp61IY=
-----END CERTIFICATE-----
Generated at Tue Sep 12 16:49:10 2023 by rpki-client on console-ams.rpki-client.org