Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lFmpKN7-5om4u48BP46NYap_krY.roa
File: lFmpKN7-5om4u48BP46NYap_krY.roa (raw, json)
Hash identifier: 4BRZVi0xn+OjbcyhJJiPGss/2vEeRof8roozu14Sk9s=
Subject key identifier: 94:59:A9:28:DE:FE:E6:89:B8:BB:8F:01:3F:8E:8D:61:AA:7F:92:B6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018804B151738CE186F0FCA4369FD052F916
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lFmpKN7-5om4u48BP46NYap_krY.roa
Signing time: Wed 10 May 2023 08:05:09 +0000
ROA not before: Wed 10 May 2023 08:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 14 May 2023 18:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:b1:51:73:8c:e1:86:f0:fc:a4:36:9f:d0:52:f9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 10 08:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9459a928defee689b8bb8f013f8e8d61aa7f92b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e4:18:04:d7:35:04:a9:47:96:33:9b:b6:7c:
07:32:12:5c:54:28:1b:3c:18:09:58:9e:eb:8a:ee:
4c:d2:56:f5:29:48:9c:40:42:cf:6e:f7:5e:95:02:
a3:66:92:57:2c:60:d6:4b:bb:90:39:2c:76:61:15:
60:9d:8b:ff:4c:da:e0:52:01:3d:42:69:37:c9:71:
2b:88:a5:43:00:4c:0a:c9:5a:14:5a:c7:54:c7:7b:
ae:58:c5:33:8a:49:60:0e:c0:e7:30:b1:3d:f4:8c:
46:28:21:93:31:2a:00:7b:2f:7b:e8:11:8d:e2:a4:
58:44:db:0a:e4:c8:c1:f7:77:ac:17:4a:a6:2e:c6:
28:55:79:6c:c7:97:0a:95:9b:30:8a:e8:a8:29:29:
cc:d5:b5:1a:80:d7:99:76:6a:3c:3c:d7:d2:5f:7a:
9e:87:48:c6:ad:90:46:60:3d:51:ac:48:14:44:80:
a8:2d:b5:ed:7e:14:c4:f8:f0:2e:ad:44:2b:b2:bd:
3a:2b:78:10:22:01:35:56:3b:53:90:a9:8c:a7:42:
3f:47:34:5c:9c:5d:d6:e7:08:a1:46:7b:39:4d:c1:
08:f4:00:4b:41:0b:f9:77:ce:21:5e:69:00:fe:50:
d8:a1:9f:35:08:c9:b4:4f:94:f6:16:99:fa:63:e8:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:59:A9:28:DE:FE:E6:89:B8:BB:8F:01:3F:8E:8D:61:AA:7F:92:B6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lFmpKN7-5om4u48BP46NYap_krY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:54:1d:62:da:e6:fe:e3:5e:60:07:0e:5c:08:de:83:0c:08:
cd:88:2a:f6:6f:7b:09:85:81:52:47:5e:53:ee:51:ef:94:04:
ab:ab:ac:2e:a3:fd:a1:05:80:f4:b6:e6:45:ab:0b:ae:77:52:
5e:91:27:55:21:88:51:ca:eb:41:c8:2d:7a:90:09:17:0a:a0:
e7:9b:3f:c7:a2:d6:5d:0a:fc:20:16:9a:52:98:aa:34:91:2c:
b9:45:0b:cc:65:37:e0:7f:f1:b0:46:f9:50:f8:71:5f:ae:53:
6e:80:f6:93:a6:92:eb:86:2b:33:e8:19:f6:51:ee:a2:85:74:
0c:2d:4e:d0:95:c7:08:37:aa:ac:25:80:73:c4:62:c0:20:39:
d7:36:b8:4a:67:1f:eb:2a:3c:e6:bc:e7:89:df:5f:f8:ca:55:
6f:b2:82:8e:2d:30:7d:85:c3:2a:97:79:7a:bc:42:96:0a:95:
f7:0e:25:2c:f6:7a:af:25:e4:ae:d9:c2:7d:d3:d4:4d:38:f3:
db:f3:90:9b:80:86:ce:b1:b0:20:1c:7d:ff:2e:8d:d5:8b:a1:
85:30:67:9e:5d:47:62:e0:c7:8b:12:73:c5:31:1a:8b:97:6c:
33:50:2a:36:91:4e:3c:47:20:30:79:22:62:46:18:be:81:6d:
6d:d3:f9:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgEsVFzjOGG8PykNp/QUvkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTEwMDgwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU5YTkyOGRlZmVlNjg5YjhiYjhmMDEzZjhlOGQ2MWFhN2Y5MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eQYBNc1BKlHljObtnwHMhJcVCgb
PBgJWJ7riu5M0lb1KUicQELPbvdelQKjZpJXLGDWS7uQOSx2YRVgnYv/TNrgUgE9
Qmk3yXEriKVDAEwKyVoUWsdUx3uuWMUziklgDsDnMLE99IxGKCGTMSoAey976BGN
4qRYRNsK5MjB93esF0qmLsYoVXlsx5cKlZswiuioKSnM1bUagNeZdmo8PNfSX3qe
h0jGrZBGYD1RrEgURICoLbXtfhTE+PAurUQrsr06K3gQIgE1VjtTkKmMp0I/RzRc
nF3W5wihRns5TcEI9ABLQQv5d84hXmkA/lDYoZ81CMm0T5T2Fpn6Y+iLlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJRZqSje/uaJuLuPAT+OjWGqf5K2MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbEZtcEtONy01b200dTQ4QlA0Nk5ZYXBfa3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCaVB1i2ub+415gBw5cCN6D
DAjNiCr2b3sJhYFSR15T7lHvlASrq6wuo/2hBYD0tuZFqwuud1JekSdVIYhRyutB
yC16kAkXCqDnmz/HotZdCvwgFppSmKo0kSy5RQvMZTfgf/GwRvlQ+HFfrlNugPaT
ppLrhisz6Bn2Ue6ihXQMLU7QlccIN6qsJYBzxGLAIDnXNrhKZx/rKjzmvOeJ31/4
ylVvsoKOLTB9hcMql3l6vEKWCpX3DiUs9nqvJeSu2cJ909RNOPPb85CbgIbOsbAg
HH3/Lo3Vi6GFMGeeXUdi4MeLEnPFMRqLl2wzUCo2kU48RyAweSJiRhi+gW1t0/kz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org