Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/kZ12z4n5fJdEt8Pf5FIcU1uUieI.roa
File: kZ12z4n5fJdEt8Pf5FIcU1uUieI.roa (raw, json)
Hash identifier: W7PLXZs9+vplZR2dW4PM7tiAs0U4TDiVUyIgYqUkHp8=
Subject key identifier: 91:9D:76:CF:89:F9:7C:97:44:B7:C3:DF:E4:52:1C:53:5B:94:89:E2
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B8AAB7B883337D69CDD02E035A271D759
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/kZ12z4n5fJdEt8Pf5FIcU1uUieI.roa
Signing time: Wed 01 Nov 2023 11:36:15 +0000
ROA not before: Wed 01 Nov 2023 11:36:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 12:22:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:ab:7b:88:33:37:d6:9c:dd:02:e0:35:a2:71:d7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 1 11:36:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919d76cf89f97c9744b7c3dfe4521c535b9489e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:33:11:d4:54:60:24:9b:b5:e4:3b:e1:5b:44:
b8:35:e1:ec:23:bb:e9:39:f5:e4:8f:d1:98:29:25:
d6:00:eb:6b:a0:0d:71:16:58:df:b4:08:f0:1e:05:
d3:21:ba:d1:ac:72:13:72:ba:a7:67:d6:0f:83:3f:
d5:40:c2:44:a7:42:11:90:96:a9:af:f4:80:dc:af:
35:26:d5:11:e4:d7:d8:2f:6d:3d:57:93:bd:6f:8c:
e6:3d:8e:5e:5c:00:f1:f7:9d:e7:c1:81:71:9e:cf:
ee:30:ac:11:45:0e:83:b5:73:61:4b:22:a4:d0:87:
39:46:0e:88:f0:6e:c3:76:04:11:83:3a:d8:26:fa:
82:6f:27:80:63:82:25:ac:b0:c3:f3:8e:72:e0:64:
e1:74:7a:1c:cb:20:a7:22:30:d3:1f:de:68:e2:a4:
30:47:04:71:24:5a:31:05:ee:7a:6e:96:37:0a:12:
e6:7c:a7:36:db:4d:07:c4:bb:6e:87:e5:48:59:fb:
d2:3d:70:a5:92:d8:2e:ab:9a:33:a0:93:0c:86:93:
b7:4d:99:d6:68:50:ee:49:46:80:c9:3e:3c:3b:14:
7a:b1:40:5f:77:26:c6:1b:8b:9d:e7:22:67:a9:01:
d5:7c:74:6c:25:65:df:a5:cc:cb:fb:40:45:1e:f8:
7b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9D:76:CF:89:F9:7C:97:44:B7:C3:DF:E4:52:1C:53:5B:94:89:E2
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/kZ12z4n5fJdEt8Pf5FIcU1uUieI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.156.0/24
85.133.161.0/24
85.133.174.0/24
85.133.178.0/23
85.133.208.0/24
85.133.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b8:de:99:63:28:1f:29:01:a2:fb:87:ad:ba:ca:16:36:8e:
2a:7a:e8:87:fb:bd:d7:f9:ff:4e:9e:50:fc:80:e4:b9:be:05:
a7:be:47:f4:d1:a0:0b:94:d6:44:11:c6:66:74:68:88:ad:d3:
d3:92:32:9d:59:f0:bf:48:d3:4e:14:91:33:fd:60:c5:09:e0:
ef:59:18:f0:d4:23:81:3f:89:50:11:55:14:d7:25:5e:dc:78:
f6:99:cb:f6:95:6a:e5:a3:a2:e2:d6:fe:d2:a1:8b:2c:fa:8a:
83:e1:fa:b1:f9:d2:b0:a7:00:70:16:ee:62:ff:5c:ec:12:03:
e5:41:73:36:a1:20:ed:86:c3:0d:da:ec:15:2b:32:20:85:47:
24:35:30:e6:c1:65:b0:37:68:fa:5f:6b:be:37:d3:c6:3d:ed:
40:b7:7d:25:2a:a3:17:e5:c6:67:2f:97:c9:27:0e:f5:92:06:
cf:1c:33:88:02:7f:4f:57:f8:35:b0:ec:09:ac:84:47:06:27:
c7:45:e1:88:fa:d7:b8:d6:45:1d:be:06:25:4d:fe:68:56:bc:
86:1a:38:cf:bd:59:3c:44:ef:2c:1b:1a:bf:ff:09:a5:60:0a:
7e:86:34:3e:bd:9b:9b:2e:f2:a3:69:b6:a5:5f:a7:c1:fe:c2:
35:87:c5:9f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYuKq3uIMzfWnN0C4DWicddZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTAxMTEzNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTlkNzZjZjg5Zjk3Yzk3NDRiN2MzZGZlNDUyMWM1MzViOTQ4OWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDMR1FRgJJu15DvhW0S4NeHsI7vp
OfXkj9GYKSXWAOtroA1xFljftAjwHgXTIbrRrHITcrqnZ9YPgz/VQMJEp0IRkJap
r/SA3K81JtUR5NfYL209V5O9b4zmPY5eXADx953nwYFxns/uMKwRRQ6DtXNhSyKk
0Ic5Rg6I8G7DdgQRgzrYJvqCbyeAY4IlrLDD845y4GThdHocyyCnIjDTH95o4qQw
RwRxJFoxBe56bpY3ChLmfKc2200HxLtuh+VIWfvSPXClktguq5ozoJMMhpO3TZnW
aFDuSUaAyT48OxR6sUBfdybGG4ud5yJnqQHVfHRsJWXfpczL+0BFHvh74wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJGdds+J+XyXRLfD3+RSHFNblIniMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEva1oxMno0bjVmSmRFdDhQZjVGSWNVMXVVaWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVYWSAwQA
VYWcAwQAVYWhAwQAVYWuAwQBVYWyAwQAVYXQAwQAVYXXMA0GCSqGSIb3DQEBCwUA
A4IBAQB6uN6ZYygfKQGi+4etusoWNo4qeuiH+73X+f9OnlD8gOS5vgWnvkf00aAL
lNZEEcZmdGiIrdPTkjKdWfC/SNNOFJEz/WDFCeDvWRjw1COBP4lQEVUU1yVe3Hj2
mcv2lWrlo6Li1v7SoYss+oqD4fqx+dKwpwBwFu5i/1zsEgPlQXM2oSDthsMN2uwV
KzIghUckNTDmwWWwN2j6X2u+N9PGPe1At30lKqMX5cZnL5fJJw71kgbPHDOIAn9P
V/g1sOwJrIRHBifHReGI+te41kUdvgYlTf5oVryGGjjPvVk8RO8sGxq//wmlYAp+
hjQ+vZubLvKjabalX6fB/sI1h8Wf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org