Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lZIP5XChii13zVPSrwxEIRBldK8.roa
File: lZIP5XChii13zVPSrwxEIRBldK8.roa (raw, json)
Hash identifier: SIpNJ0euBoKLBRsH41aDdDK1u8Y+ImLTA7Ljx+hsj/s=
Subject key identifier: 95:92:0F:E5:70:A1:8A:2D:77:CD:53:D2:AF:0C:44:21:10:65:74:AF
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CE842CB7B84B8BD08624F1570C21353A6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lZIP5XChii13zVPSrwxEIRBldK8.roa
Signing time: Mon 08 Jan 2024 08:49:00 +0000
ROA not before: Mon 08 Jan 2024 08:49:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:42:cb:7b:84:b8:bd:08:62:4f:15:70:c2:13:53:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 8 08:49:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95920fe570a18a2d77cd53d2af0c4421106574af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:55:5b:3b:d7:2f:bb:2e:52:87:1a:8a:c5:
74:4c:db:b0:17:d3:53:87:31:c4:a6:b8:96:df:4f:
5e:41:3b:96:a9:a1:cb:62:af:30:62:13:88:f2:b4:
93:16:88:ee:2a:3f:22:43:f1:3a:05:a7:84:bb:cd:
35:df:cf:6d:9e:bd:fe:6c:7d:31:f9:15:9d:6b:2c:
a1:82:d9:71:04:14:78:02:d1:eb:33:6a:01:3d:74:
af:71:59:62:26:ea:22:59:02:d9:b4:53:cf:dc:20:
88:ff:20:6b:fb:99:5d:ad:14:9d:79:56:18:c7:57:
ba:67:f2:85:0a:15:9d:ca:5f:a0:f5:c8:2f:90:4c:
bf:bc:a2:a0:24:1f:f8:b9:fb:1c:c1:30:96:7f:2c:
ea:a7:34:4f:b7:23:36:d8:36:dd:dd:68:12:a6:79:
4c:b4:6b:85:47:84:bf:e8:1d:81:31:a6:15:cc:d5:
76:76:27:c6:ba:8a:17:6a:e2:1f:b2:b0:74:62:63:
8f:db:dd:ed:a2:08:29:39:04:96:28:c9:2f:72:f3:
12:09:73:e0:84:b7:44:c4:15:ba:0b:c8:fd:e3:63:
37:b8:f5:45:8d:9d:61:99:aa:9d:86:fe:4e:f6:ef:
b8:f1:9d:21:4e:da:57:3f:cf:c1:ce:02:c4:28:45:
4f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:92:0F:E5:70:A1:8A:2D:77:CD:53:D2:AF:0C:44:21:10:65:74:AF
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lZIP5XChii13zVPSrwxEIRBldK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:b1:b8:58:9e:28:d8:a6:1e:07:3b:1b:12:ca:77:63:5e:e0:
5e:ac:d9:54:dc:3c:b4:4d:36:28:d9:f1:a5:fa:8f:14:65:f0:
59:53:8c:41:86:f9:90:ae:fb:7e:d3:49:e3:8c:d0:71:83:bb:
36:2b:a1:73:a8:ea:05:26:b3:84:f7:ca:02:7f:15:ce:8e:19:
a1:5c:a9:85:07:63:b4:91:af:15:c5:30:86:f9:d7:18:a0:7e:
b9:ae:e2:4d:d7:24:94:e7:23:20:7f:c7:12:4a:ee:0e:c9:94:
51:20:12:f5:5c:43:c7:8c:cb:b7:33:25:43:ad:ff:aa:71:7c:
1a:bf:3f:0c:18:df:93:dd:c1:02:63:52:b3:4b:71:93:b0:27:
4c:b9:0e:4e:46:16:7e:55:d4:f5:bb:43:1a:0e:05:57:12:9f:
c6:d4:94:b2:a1:7d:f5:40:01:2d:dd:04:99:de:cc:0f:a4:84:
ad:f8:8d:8b:c1:b4:f4:08:82:07:ca:30:c3:a9:21:1d:6c:0b:
7b:de:6c:f6:b4:14:d5:54:c3:e5:ae:45:c2:73:0a:d2:79:2b:
9f:41:6c:f8:f3:16:22:31:98:4b:ef:0f:fd:15:f1:62:27:33:
f6:23:fd:a0:2c:85:0b:ac:cf:b1:13:96:d6:eb:c4:91:7f:63:
bc:3a:3f:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzoQst7hLi9CGJPFXDCE1OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTA4MDg0OTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkyMGZlNTcwYTE4YTJkNzdjZDUzZDJhZjBjNDQyMTEwNjU3NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdFVWzvXL7suUocaisV0TNuwF9NT
hzHEpriW309eQTuWqaHLYq8wYhOI8rSTFojuKj8iQ/E6BaeEu801389tnr3+bH0x
+RWdayyhgtlxBBR4AtHrM2oBPXSvcVliJuoiWQLZtFPP3CCI/yBr+5ldrRSdeVYY
x1e6Z/KFChWdyl+g9cgvkEy/vKKgJB/4ufscwTCWfyzqpzRPtyM22Dbd3WgSpnlM
tGuFR4S/6B2BMaYVzNV2difGuooXauIfsrB0YmOP293toggpOQSWKMkvcvMSCXPg
hLdExBW6C8j942M3uPVFjZ1hmaqdhv5O9u+48Z0hTtpXP8/BzgLEKEVP+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJWSD+VwoYotd81T0q8MRCEQZXSvMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbFpJUDVYQ2hpaTEzelZQU3J3eEVJUkJsZEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCLsbhYnijYph4H
OxsSyndjXuBerNlU3Dy0TTYo2fGl+o8UZfBZU4xBhvmQrvt+00njjNBxg7s2K6Fz
qOoFJrOE98oCfxXOjhmhXKmFB2O0ka8VxTCG+dcYoH65ruJN1ySU5yMgf8cSSu4O
yZRRIBL1XEPHjMu3MyVDrf+qcXwavz8MGN+T3cECY1KzS3GTsCdMuQ5ORhZ+VdT1
u0MaDgVXEp/G1JSyoX31QAEt3QSZ3swPpISt+I2LwbT0CIIHyjDDqSEdbAt73mz2
tBTVVMPlrkXCcwrSeSufQWz48xYiMZhL7w/9FfFiJzP2I/2gLIULrM+xE5bW68SR
f2O8Oj9L
-----END CERTIFICATE-----
Generated at Wed Jan 10 13:27:12 2024 by rpki-client on console-fra.rpki-client.org