Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lDtuAPFxakNd8dWbjGzo_yg8xdY.roa
File: lDtuAPFxakNd8dWbjGzo_yg8xdY.roa (raw, json)
Hash identifier: HbhehIeNvMOw5ovT/XdNrK0FirDSZIapGh3K391pzts=
Subject key identifier: 94:3B:6E:00:F1:71:6A:43:5D:F1:D5:9B:8C:6C:E8:FF:28:3C:C5:D6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018C7833BF134807A2BFC8EBDDF3E071AF16
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lDtuAPFxakNd8dWbjGzo_yg8xdY.roa
Signing time: Sun 17 Dec 2023 14:35:06 +0000
ROA not before: Sun 17 Dec 2023 14:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51889
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 15:12:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:33:bf:13:48:07:a2:bf:c8:eb:dd:f3:e0:71:af:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 17 14:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943b6e00f1716a435df1d59b8c6ce8ff283cc5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:b7:ab:dd:81:db:e2:68:ba:77:0f:80:51:
2a:55:9e:ff:f9:df:ab:4a:24:7b:1e:b7:51:74:30:
7a:0e:6d:5a:a6:33:31:cd:88:5a:7f:5c:f1:0e:b6:
db:c5:08:ad:8c:82:76:f6:61:3b:b2:2c:93:e3:d8:
51:91:25:d0:5a:08:5d:d2:73:01:ac:ba:82:7f:43:
a9:f5:a6:0b:e6:09:51:e8:36:9c:ce:b1:76:66:3f:
7f:f6:ad:29:c7:2a:64:f4:fd:46:6b:1f:65:cf:18:
ad:9b:6e:1c:b8:30:aa:78:6a:c0:53:2a:08:6a:1d:
dc:52:8c:e7:a7:99:7f:3e:be:08:72:70:03:6f:40:
03:8d:d0:fd:25:01:3e:72:46:b9:fd:ae:0e:79:06:
62:82:83:97:72:64:d8:6a:1f:9a:44:ea:91:21:37:
49:ed:8b:6e:06:b7:59:a4:f0:93:5a:db:0b:e2:0a:
fa:05:a2:f1:62:b5:4b:5c:11:1f:7d:22:78:c7:cc:
d3:38:18:45:88:9b:0f:ff:e6:d6:86:d5:48:a7:62:
3e:6f:07:f0:06:d9:9e:1f:6c:f7:05:5e:b4:a8:3c:
a0:15:c6:19:25:37:dd:cf:0c:b0:45:7f:aa:7c:cf:
15:44:ae:81:cb:6b:82:d6:dd:c6:b5:60:b4:65:8b:
de:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3B:6E:00:F1:71:6A:43:5D:F1:D5:9B:8C:6C:E8:FF:28:3C:C5:D6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lDtuAPFxakNd8dWbjGzo_yg8xdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.203.0-85.133.205.255
Signature Algorithm: sha256WithRSAEncryption
54:2c:b3:8d:bb:8f:21:77:f1:0e:76:ad:94:b3:b3:f7:42:27:
fa:12:22:1f:d7:dc:28:6c:41:66:61:29:60:f2:b8:08:b3:47:
48:aa:2e:71:c9:ee:0e:bc:de:8a:18:5e:27:b2:07:33:56:a2:
e2:e6:43:f3:f8:0d:cb:b2:b9:6a:9d:6d:df:ca:f7:26:22:1e:
44:56:c6:9b:91:e2:ca:66:63:52:ba:ee:9b:7c:26:83:c7:a8:
0b:76:78:c5:41:3d:56:07:f1:ca:4c:0a:01:33:0e:eb:75:d2:
e2:fd:b5:07:5e:ba:ac:30:f4:8b:6e:1f:49:aa:ca:bf:74:ee:
6c:75:6d:1a:54:21:f9:21:6c:09:e4:33:f7:35:73:76:f1:be:
f2:b7:65:d4:9f:06:36:a9:9d:16:3d:91:78:f2:ab:8f:7f:4b:
d0:10:6d:8a:8f:90:e8:37:00:27:c4:79:17:dd:b9:13:22:48:
74:30:1e:a1:e1:6f:b5:5e:fe:fb:c9:f0:f0:19:97:a6:f5:cb:
e8:bc:fd:02:90:52:b8:1f:88:f8:61:52:fd:a9:61:03:b7:1b:
d4:e5:d6:7f:0a:e4:99:4a:39:ff:b6:5b:21:f5:28:28:c7:2d:
0a:ca:a0:80:cb:1a:fb:73:46:55:aa:b9:84:dd:af:6e:d5:6c:
f1:61:98:8e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYx4M78TSAeiv8jr3fPgca8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjE3MTQzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNiNmUwMGYxNzE2YTQzNWRmMWQ1OWI4YzZjZThmZjI4M2NjNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3i3q92B2+JouncPgFEqVZ7/+d+r
SiR7HrdRdDB6Dm1apjMxzYhaf1zxDrbbxQitjIJ29mE7siyT49hRkSXQWghd0nMB
rLqCf0Op9aYL5glR6DaczrF2Zj9/9q0pxypk9P1Gax9lzxitm24cuDCqeGrAUyoI
ah3cUoznp5l/Pr4IcnADb0ADjdD9JQE+cka5/a4OeQZigoOXcmTYah+aROqRITdJ
7YtuBrdZpPCTWtsL4gr6BaLxYrVLXBEffSJ4x8zTOBhFiJsP/+bWhtVIp2I+bwfw
BtmeH2z3BV60qDygFcYZJTfdzwywRX+qfM8VRK6By2uC1t3GtWC0ZYve1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJQ7bgDxcWpDXfHVm4xs6P8oPMXWMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbER0dUFQRnhha05kOGRXYmpHem9feWc4eGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVYXHMAwD
BABVhcsDBAFVhcwwDQYJKoZIhvcNAQELBQADggEBAFQss427jyF38Q52rZSzs/dC
J/oSIh/X3ChsQWZhKWDyuAizR0iqLnHJ7g683ooYXieyBzNWouLmQ/P4DcuyuWqd
bd/K9yYiHkRWxpuR4spmY1K67pt8JoPHqAt2eMVBPVYH8cpMCgEzDut10uL9tQde
uqww9ItuH0mqyr907mx1bRpUIfkhbAnkM/c1c3bxvvK3ZdSfBjapnRY9kXjyq49/
S9AQbYqPkOg3ACfEeRfduRMiSHQwHqHhb7Ve/vvJ8PAZl6b1y+i8/QKQUrgfiPhh
Uv2pYQO3G9Tl1n8K5JlKOf+2WyH1KCjHLQrKoIDLGvtzRlWquYTdr27VbPFhmI4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org