Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/mG3Od7CT1TGtkLMZsalLilFGMw8.roa
File: mG3Od7CT1TGtkLMZsalLilFGMw8.roa (raw, json)
Hash identifier: IneqnU8+oVdPcXsFvPnvPmnfi41nQEZv+ms6Z55Zv4E=
Subject key identifier: 98:6D:CE:77:B0:93:D5:31:AD:90:B3:19:B1:A9:4B:8A:51:46:33:0F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B9978D9A7268DD5C6BE26DFBACC1BB833
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/mG3Od7CT1TGtkLMZsalLilFGMw8.roa
Signing time: Sat 04 Nov 2023 08:35:15 +0000
ROA not before: Sat 04 Nov 2023 08:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 04 Nov 2023 10:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:78:d9:a7:26:8d:d5:c6:be:26:df:ba:cc:1b:b8:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 4 08:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=986dce77b093d531ad90b319b1a94b8a5146330f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:76:08:de:28:79:44:6a:37:7e:56:4a:12:64:
31:b1:3d:d1:b2:f7:c4:d3:aa:f3:1e:c2:49:e1:f9:
32:6d:ae:c6:55:0a:5a:ba:28:54:d5:43:d2:82:f1:
1e:4e:4b:36:31:24:1c:1c:86:47:c4:45:ca:c2:07:
99:c7:3d:f1:1a:64:0a:9e:68:cb:50:dc:fb:da:26:
8e:54:7a:20:db:c5:cb:c9:53:57:a7:62:52:5c:f7:
f0:a5:2f:2c:e6:de:68:ff:f0:9a:7e:88:c6:0b:5a:
15:46:3c:3e:59:fd:aa:79:a8:30:a0:4c:69:3d:94:
47:63:d7:d9:8a:6a:bb:55:76:cb:b7:77:d3:78:09:
a6:c3:a9:07:ea:c6:60:6e:4d:56:d1:19:0e:8a:e9:
25:f8:bf:43:bb:33:22:0a:c9:e2:3c:50:6d:04:88:
b6:33:de:32:44:1b:7d:ea:7c:d0:be:79:b5:0b:d5:
25:cf:9a:e6:df:81:6b:8c:c5:ab:83:86:52:b2:1c:
d8:35:60:ae:c9:47:99:f4:b5:df:92:94:c2:a7:ee:
d4:66:ef:ee:a1:4e:8f:fb:12:68:25:7e:29:04:94:
4c:ad:3b:ec:57:b6:22:ac:fe:cd:39:36:92:f5:0d:
86:b2:70:c7:f5:5b:b9:7c:ea:8d:a9:4d:e5:6d:50:
91:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6D:CE:77:B0:93:D5:31:AD:90:B3:19:B1:A9:4B:8A:51:46:33:0F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/mG3Od7CT1TGtkLMZsalLilFGMw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:52:d6:c3:d7:8a:15:4f:1f:62:a9:8a:07:91:6f:6b:70:62:
aa:62:0b:9d:52:b9:a9:29:3e:4f:71:f9:39:58:db:a4:49:cb:
1a:d3:03:54:47:56:1a:07:02:99:53:f7:72:a5:33:e2:d4:df:
c2:77:2d:de:e1:3c:ae:bd:00:0b:2a:06:09:9c:3e:54:86:6c:
05:93:37:c4:17:aa:ec:01:cb:1c:85:ed:d1:40:87:6e:22:d5:
76:9c:cc:36:0b:23:e4:b5:be:e4:10:cc:c0:33:f9:03:cb:49:
57:9d:7c:dc:a7:d2:eb:be:cf:b5:52:b2:44:db:88:3c:2a:35:
0c:9c:75:d5:1c:44:aa:95:04:b7:2b:af:7f:36:5a:ce:c7:d2:
f8:f5:33:4a:14:85:ae:f7:9f:6c:cc:b7:aa:27:b0:67:5e:20:
84:a7:93:d8:4d:e4:97:07:b8:58:89:13:fd:ed:18:17:ea:83:
aa:55:fb:32:f6:e2:c7:b1:96:76:13:c9:cb:54:1b:0a:17:bc:
8f:0b:08:53:d9:7a:22:41:03:0a:4e:b1:17:b1:89:40:95:e3:
78:45:87:f4:99:6c:13:75:54:25:26:b0:c3:ec:28:9f:21:68:
e7:c2:a4:31:99:99:6a:c6:47:02:af:de:38:15:4a:22:c3:a5:
c1:60:a0:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuZeNmnJo3Vxr4m37rMG7gzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMTA0MDgzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZkY2U3N2IwOTNkNTMxYWQ5MGIzMTliMWE5NGI4YTUxNDYzMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnYI3ih5RGo3flZKEmQxsT3RsvfE
06rzHsJJ4fkyba7GVQpauihU1UPSgvEeTks2MSQcHIZHxEXKwgeZxz3xGmQKnmjL
UNz72iaOVHog28XLyVNXp2JSXPfwpS8s5t5o//CafojGC1oVRjw+Wf2qeagwoExp
PZRHY9fZimq7VXbLt3fTeAmmw6kH6sZgbk1W0RkOiukl+L9DuzMiCsniPFBtBIi2
M94yRBt96nzQvnm1C9Ulz5rm34FrjMWrg4ZSshzYNWCuyUeZ9LXfkpTCp+7UZu/u
oU6P+xJoJX4pBJRMrTvsV7YirP7NOTaS9Q2GsnDH9Vu5fOqNqU3lbVCRYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJhtznewk9UxrZCzGbGpS4pRRjMPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbUczT2Q3Q1QxVEd0a0xNWnNhbExpbEZHTXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCEUtbD14oVTx9i
qYoHkW9rcGKqYgudUrmpKT5Pcfk5WNukScsa0wNUR1YaBwKZU/dypTPi1N/Cdy3e
4TyuvQALKgYJnD5UhmwFkzfEF6rsAcsche3RQIduItV2nMw2CyPktb7kEMzAM/kD
y0lXnXzcp9Lrvs+1UrJE24g8KjUMnHXVHESqlQS3K69/NlrOx9L49TNKFIWu959s
zLeqJ7BnXiCEp5PYTeSXB7hYiRP97RgX6oOqVfsy9uLHsZZ2E8nLVBsKF7yPCwhT
2XoiQQMKTrEXsYlAleN4RYf0mWwTdVQlJrDD7CifIWjnwqQxmZlqxkcCr944FUoi
w6XBYKAt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org