Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lcqlqKSpuFEHKreoNXAXF53pKPY.roa
File: lcqlqKSpuFEHKreoNXAXF53pKPY.roa (raw, json)
Hash identifier: TKcq2jg9JP3KFRXkKPT3itcGXWfyVbJSeFLni+UAE9U=
Subject key identifier: 95:CA:A5:A8:A4:A9:B8:51:07:2A:B7:A8:35:70:17:17:9D:E9:28:F6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D751301EE2654113F3DAB15260CEAC3F0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lcqlqKSpuFEHKreoNXAXF53pKPY.roa
Signing time: Sun 04 Feb 2024 17:03:16 +0000
ROA not before: Sun 04 Feb 2024 17:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:13:01:ee:26:54:11:3f:3d:ab:15:26:0c:ea:c3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 4 17:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95caa5a8a4a9b851072ab7a8357017179de928f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0e:ee:9a:88:d8:6f:9f:0e:47:61:e2:bc:67:
a3:40:02:a4:42:0b:51:00:27:51:e7:eb:03:18:db:
86:17:bf:20:06:07:89:ce:7f:c9:f0:9f:7b:cf:a4:
d9:54:66:64:73:5b:81:47:ef:ed:76:14:73:d6:42:
38:f3:a8:f8:c7:a2:09:81:8a:60:ae:ba:1b:52:23:
a5:38:8a:14:e7:ed:44:1c:13:63:cb:f1:20:bf:76:
dc:e5:4d:44:c1:d0:85:44:32:1f:30:73:f7:bf:cc:
35:d2:e5:ea:44:47:ca:f4:09:9a:28:b3:31:d7:9b:
cc:db:b4:f8:ff:5e:3c:75:2d:56:eb:a3:26:34:47:
5d:cc:b6:5c:03:ec:80:b1:5e:e3:f7:66:45:42:a4:
55:b2:61:b8:08:0b:e9:22:45:9d:d0:ff:48:96:1b:
a8:8a:79:7b:0e:d1:83:e1:57:7b:71:4f:af:da:70:
62:02:f9:e8:2c:6b:99:a5:f5:ff:ca:5b:2a:a9:7f:
9e:8b:f4:7d:56:59:23:81:b9:14:e2:89:e0:79:09:
ea:7d:1b:e9:9b:f2:70:ee:4a:40:3b:d1:d2:29:ab:
e7:cb:bd:1e:c6:2d:93:62:9e:ba:44:57:ce:bf:f6:
dd:c3:f6:13:7f:94:29:6c:48:01:34:b9:29:1a:e1:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CA:A5:A8:A4:A9:B8:51:07:2A:B7:A8:35:70:17:17:9D:E9:28:F6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lcqlqKSpuFEHKreoNXAXF53pKPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:99:08:c7:94:58:f0:12:69:d3:0a:0b:f9:82:21:f2:1d:8f:
3a:7f:14:a8:df:e4:6f:77:ff:1b:16:86:51:1c:95:c0:62:d1:
cc:08:00:5b:3e:5f:68:c3:aa:6a:95:b0:19:88:64:64:ad:9b:
9f:db:b4:87:85:bc:cc:b7:38:e1:aa:ab:92:00:97:3a:c4:48:
64:27:f2:28:24:eb:42:47:0a:f5:3e:13:0a:51:06:6f:78:d8:
8e:68:62:77:51:2f:6c:09:64:58:45:57:83:1d:96:55:ad:57:
c7:20:46:ce:d7:23:ab:00:b9:42:35:2d:91:6a:75:b5:a8:a6:
51:04:b2:b8:ad:8a:96:0b:c2:e7:40:14:fe:1a:bd:bf:55:91:
db:53:67:fb:4c:7a:ab:78:28:15:2f:b6:7f:be:fe:9e:98:16:
86:34:50:7e:3c:59:ce:16:c2:92:d9:70:96:5c:67:75:ea:33:
d9:7b:a7:8c:82:19:77:06:a6:4c:18:ac:eb:84:cb:a2:f2:d4:
88:c4:66:ab:1e:fb:02:48:c8:c2:4f:32:9c:b9:f6:3b:8f:1b:
9f:26:66:43:d6:a0:da:d0:1e:ed:db:36:db:bf:6a:b7:cb:66:
3e:39:0c:20:2d:e4:7b:d7:7b:49:1e:f1:46:6d:22:41:23:9d:
e3:c8:91:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY11EwHuJlQRPz2rFSYM6sPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjA0MTcwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNhYTVhOGE0YTliODUxMDcyYWI3YTgzNTcwMTcxNzlkZTkyOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA7umojYb58OR2HivGejQAKkQgtR
ACdR5+sDGNuGF78gBgeJzn/J8J97z6TZVGZkc1uBR+/tdhRz1kI486j4x6IJgYpg
rrobUiOlOIoU5+1EHBNjy/Egv3bc5U1EwdCFRDIfMHP3v8w10uXqREfK9AmaKLMx
15vM27T4/148dS1W66MmNEddzLZcA+yAsV7j92ZFQqRVsmG4CAvpIkWd0P9Ilhuo
inl7DtGD4Vd7cU+v2nBiAvnoLGuZpfX/ylsqqX+ei/R9VlkjgbkU4ongeQnqfRvp
m/Jw7kpAO9HSKavny70exi2TYp66RFfOv/bdw/YTf5QpbEgBNLkpGuFxywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJXKpaikqbhRByq3qDVwFxed6Sj2MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbGNxbHFLU3B1RkVIS3Jlb05YQVhGNTNwS1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQA4mQjHlFjwEmnT
Cgv5giHyHY86fxSo3+Rvd/8bFoZRHJXAYtHMCABbPl9ow6pqlbAZiGRkrZuf27SH
hbzMtzjhqquSAJc6xEhkJ/IoJOtCRwr1PhMKUQZveNiOaGJ3US9sCWRYRVeDHZZV
rVfHIEbO1yOrALlCNS2RanW1qKZRBLK4rYqWC8LnQBT+Gr2/VZHbU2f7THqreCgV
L7Z/vv6emBaGNFB+PFnOFsKS2XCWXGd16jPZe6eMghl3BqZMGKzrhMui8tSIxGar
HvsCSMjCTzKcufY7jxufJmZD1qDa0B7t2zbbv2q3y2Y+OQwgLeR713tJHvFGbSJB
I53jyJGS
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:32:37 2024 by rpki-client on console-fra.rpki-client.org