Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/j_wKIxex5vM6id4KdjsSV1-6UmI.roa
File: j_wKIxex5vM6id4KdjsSV1-6UmI.roa (raw, json)
Hash identifier: VSHGeDyUFn42tP7VtZTzFYvIbcj1qdr+2YVvXo0udVU=
Subject key identifier: 8F:FC:0A:23:17:B1:E6:F3:3A:89:DE:0A:76:3B:12:57:5F:BA:52:62
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CB67D5CD3BB4EC74C5E65FAE2BD7CCC42
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/j_wKIxex5vM6id4KdjsSV1-6UmI.roa
Signing time: Fri 29 Dec 2023 16:51:58 +0000
ROA not before: Fri 29 Dec 2023 16:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204104
IP address blocks: 85.133.194.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:7d:5c:d3:bb:4e:c7:4c:5e:65:fa:e2:bd:7c:cc:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 29 16:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ffc0a2317b1e6f33a89de0a763b12575fba5262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:40:e9:e1:dc:4f:e0:b4:3c:79:a3:c2:a4:29:
c4:49:fe:fe:f7:7a:50:09:18:39:fa:b2:c7:2d:5d:
e9:34:7f:2e:b7:c6:16:6e:b4:37:05:c8:c2:38:6e:
e0:81:c9:56:92:0b:b8:78:ff:d5:99:53:0a:cb:92:
d3:1d:5f:b3:39:31:b8:32:d7:e7:fa:72:3a:b5:85:
99:20:c7:e7:54:83:7d:8a:ed:63:2a:c8:e3:37:10:
aa:e5:62:e3:0e:e1:a4:5a:26:ac:4b:5d:33:de:b1:
70:5a:37:2f:b0:dd:3f:70:f7:8d:2d:1e:09:c8:00:
f7:5d:13:85:3c:e6:23:81:7b:dd:b0:ef:fe:da:81:
24:d6:14:66:c3:29:71:72:75:34:18:1c:5a:07:4d:
30:f3:65:82:3e:6a:20:76:39:ec:bd:95:8a:6e:15:
8f:cb:e0:92:a4:26:24:20:78:50:4c:c0:34:6e:d9:
d3:63:60:da:e8:4d:f3:79:b3:a2:c2:55:d3:2b:84:
0c:8c:c9:3d:73:a3:e1:81:e4:1e:da:4c:a8:50:94:
43:9e:c7:fd:07:20:26:4f:5d:e9:32:99:ae:e7:0f:
dd:84:c7:b9:4f:fd:ed:65:69:2f:73:3d:b2:f3:e9:
32:35:45:27:07:5a:f6:3a:12:75:fa:c5:49:63:12:
50:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:FC:0A:23:17:B1:E6:F3:3A:89:DE:0A:76:3B:12:57:5F:BA:52:62
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/j_wKIxex5vM6id4KdjsSV1-6UmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.166.0/24
85.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ae:de:46:79:1e:a4:b6:a7:69:60:f7:81:74:3a:a6:8f:32:
b0:a0:1a:4a:18:f8:59:11:a6:0b:bf:f2:34:a1:75:a5:ea:d0:
97:62:a9:0f:ed:e6:f6:14:7c:a1:79:11:48:b5:9a:c1:96:3f:
1e:71:58:b0:e5:a6:67:70:03:f9:29:77:f4:4d:cf:33:f0:7c:
63:aa:b4:d5:fe:b7:f5:39:92:6b:07:24:e1:2b:c3:57:79:1c:
e1:58:ab:6d:50:ba:6f:94:74:8c:35:bd:9f:6b:7c:31:de:66:
26:aa:d0:ab:60:71:d0:d1:b3:03:ae:50:f0:1a:ad:cc:5e:4b:
b1:3c:bf:68:a6:82:aa:2c:52:55:e7:74:06:07:9c:7e:53:90:
20:dd:aa:88:a1:2f:ca:b1:98:9b:ef:c0:91:6b:04:0b:1c:04:
1b:2c:67:b0:31:73:da:79:8a:ae:6c:23:ba:a4:c7:dc:43:64:
71:52:ee:85:fa:6f:7b:b9:f9:ee:c5:09:4c:61:db:e2:59:5b:
99:17:34:40:28:db:37:87:05:51:08:db:bd:95:d4:60:85:bf:
50:55:8d:62:dc:e1:e9:57:83:dc:34:fb:07:0a:3f:81:02:06:
06:69:74:f2:78:bd:42:ee:16:85:69:c1:29:29:02:87:3f:9f:
23:d9:e5:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYy2fVzTu07HTF5l+uK9fMxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjI5MTY1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmZjMGEyMzE3YjFlNmYzM2E4OWRlMGE3NjNiMTI1NzVmYmE1MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUDp4dxP4LQ8eaPCpCnESf7+93pQ
CRg5+rLHLV3pNH8ut8YWbrQ3BcjCOG7ggclWkgu4eP/VmVMKy5LTHV+zOTG4Mtfn
+nI6tYWZIMfnVIN9iu1jKsjjNxCq5WLjDuGkWiasS10z3rFwWjcvsN0/cPeNLR4J
yAD3XROFPOYjgXvdsO/+2oEk1hRmwylxcnU0GBxaB00w82WCPmogdjnsvZWKbhWP
y+CSpCYkIHhQTMA0btnTY2Da6E3zebOiwlXTK4QMjMk9c6PhgeQe2kyoUJRDnsf9
ByAmT13pMpmu5w/dhMe5T/3tZWkvcz2y8+kyNUUnB1r2OhJ1+sVJYxJQ4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI/8CiMXsebzOoneCnY7EldfulJiMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEval93S0l4ZXg1dk02aWQ0S2Rqc1NWMS02VW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWEAwQA
VYWmAwQAVYXCMA0GCSqGSIb3DQEBCwUAA4IBAQBRrt5GeR6ktqdpYPeBdDqmjzKw
oBpKGPhZEaYLv/I0oXWl6tCXYqkP7eb2FHyheRFItZrBlj8ecViw5aZncAP5KXf0
Tc8z8HxjqrTV/rf1OZJrByThK8NXeRzhWKttULpvlHSMNb2fa3wx3mYmqtCrYHHQ
0bMDrlDwGq3MXkuxPL9opoKqLFJV53QGB5x+U5Ag3aqIoS/KsZib78CRawQLHAQb
LGewMXPaeYqubCO6pMfcQ2RxUu6F+m97ufnuxQlMYdviWVuZFzRAKNs3hwVRCNu9
ldRghb9QVY1i3OHpV4PcNPsHCj+BAgYGaXTyeL1C7haFacEpKQKHP58j2eUh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org