Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jnidCgYs0qynehbAU8I_i_jjYJM.roa
File: jnidCgYs0qynehbAU8I_i_jjYJM.roa (raw, json)
Hash identifier: er/sL/tLjUKLcIowu9vf7caGsV5z5n736gA/SArsiT4=
Subject key identifier: 8E:78:9D:0A:06:2C:D2:AC:A7:7A:16:C0:53:C2:3F:8B:F8:E3:60:93
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018E0F7E545A68A6D86A0BFABF803DC0CE12
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jnidCgYs0qynehbAU8I_i_jjYJM.roa
Signing time: Tue 05 Mar 2024 16:42:01 +0000
ROA not before: Tue 05 Mar 2024 16:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 09 Mar 2024 06:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:7e:54:5a:68:a6:d8:6a:0b:fa:bf:80:3d:c0:ce:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 5 16:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e789d0a062cd2aca77a16c053c23f8bf8e36093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a9:23:8c:57:8f:cf:ae:77:b9:7f:49:24:6a:
af:8d:d5:27:eb:d6:e5:fc:9a:01:9f:70:e5:22:ab:
24:a6:83:64:a2:23:14:5c:fb:51:c6:67:07:f5:6e:
96:55:85:9b:aa:4c:df:b8:f2:26:56:d9:c7:e5:a0:
32:ec:e0:02:ae:49:be:e7:51:25:c3:8d:74:a7:1b:
86:bf:fc:90:a7:02:41:19:e5:26:90:a6:9e:c0:5f:
68:a9:a4:ec:12:45:c6:bf:0a:fa:bd:1a:c6:23:3a:
91:22:a4:a1:c9:88:4f:07:8a:60:df:f5:fd:b1:21:
fa:8a:42:6e:a0:2b:cb:71:30:67:a5:5b:87:53:64:
ae:ef:e8:35:ec:46:fb:d6:dc:7e:da:d7:5b:42:df:
a3:11:65:1d:57:5f:15:32:52:c6:50:33:5a:ac:54:
0e:59:c7:4a:40:27:aa:84:9b:15:d9:5d:f4:6b:d3:
d3:21:cf:02:60:3f:38:cd:b0:e5:e9:76:c4:51:8c:
89:6a:80:27:30:fb:47:9c:32:e2:30:ba:fc:c3:92:
3b:8c:c9:77:58:54:15:c7:9b:5c:6a:b4:bd:3e:5b:
63:01:84:a0:45:c1:e9:0d:80:af:25:a5:e0:e9:59:
57:cb:38:fa:43:8a:d8:00:ef:e8:63:c0:30:ae:7e:
ed:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:78:9D:0A:06:2C:D2:AC:A7:7A:16:C0:53:C2:3F:8B:F8:E3:60:93
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jnidCgYs0qynehbAU8I_i_jjYJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:4d:88:d8:a7:7f:e8:6e:4a:01:77:d2:76:8b:6b:fa:0a:79:
92:91:e7:de:7b:a6:a5:9c:7e:b3:42:e3:78:5d:a6:1d:fa:14:
ee:b2:fd:8e:b7:43:24:19:59:a3:ef:ee:30:cc:ee:f1:0b:9a:
60:e6:f1:64:fd:2f:fb:45:5d:ae:09:a3:5a:65:a8:f0:ba:b2:
96:c9:69:b9:d1:28:1c:c2:a4:15:ff:86:c1:a9:5f:bc:c2:30:
a7:fa:49:4b:ba:29:00:0d:55:fe:31:9b:f4:e2:89:42:cd:c5:
99:c0:0f:bc:38:74:19:f4:6c:67:bc:15:1a:18:61:10:c7:36:
fd:7a:17:60:b8:4b:0b:72:c8:a6:25:58:8f:74:be:39:36:fe:
af:16:15:17:06:2e:9b:f4:5b:a7:48:71:cf:c0:b4:18:49:82:
a3:25:50:0c:13:d7:6d:45:3b:d4:5b:2d:8c:76:7a:2d:f3:d6:
3b:54:94:df:93:d5:a9:06:00:4a:aa:60:e4:c6:96:d9:ca:a6:
89:86:5c:02:c5:2c:78:07:55:5b:e0:78:ba:51:c8:67:bd:f4:
d1:aa:bb:97:e1:7c:b9:1c:f9:26:51:89:3d:6e:f6:2a:86:e7:
d2:20:77:9a:59:86:35:41:1a:a5:29:b9:87:85:5b:cd:29:16:
d0:24:cb:13
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY4PflRaaKbYagv6v4A9wM4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMzA1MTY0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc4OWQwYTA2MmNkMmFjYTc3YTE2YzA1M2MyM2Y4YmY4ZTM2MDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqkjjFePz653uX9JJGqvjdUn69bl
/JoBn3DlIqskpoNkoiMUXPtRxmcH9W6WVYWbqkzfuPImVtnH5aAy7OACrkm+51El
w410pxuGv/yQpwJBGeUmkKaewF9oqaTsEkXGvwr6vRrGIzqRIqShyYhPB4pg3/X9
sSH6ikJuoCvLcTBnpVuHU2Su7+g17Eb71tx+2tdbQt+jEWUdV18VMlLGUDNarFQO
WcdKQCeqhJsV2V30a9PTIc8CYD84zbDl6XbEUYyJaoAnMPtHnDLiMLr8w5I7jMl3
WFQVx5tcarS9PltjAYSgRcHpDYCvJaXg6VlXyzj6Q4rYAO/oY8Awrn7t/QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI54nQoGLNKsp3oWwFPCP4v442CTMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvam5pZENnWXMwcXluZWhiQVU4SV9pX2pqWUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAEJN
iNinf+huSgF30naLa/oKeZKR5957pqWcfrNC43hdph36FO6y/Y63QyQZWaPv7jDM
7vELmmDm8WT9L/tFXa4Jo1plqPC6spbJabnRKBzCpBX/hsGpX7zCMKf6SUu6KQAN
Vf4xm/TiiULNxZnAD7w4dBn0bGe8FRoYYRDHNv16F2C4SwtyyKYlWI90vjk2/q8W
FRcGLpv0W6dIcc/AtBhJgqMlUAwT121FO9RbLYx2ei3z1jtUlN+T1akGAEqqYOTG
ltnKpomGXALFLHgHVVvgeLpRyGe99NGqu5fhfLkc+SZRiT1u9iqG59Igd5pZhjVB
GqUpuYeFW80pFtAkyxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org