Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ocqSPGP_S037tJsQzdr-KEdW-vc.roa
File: ocqSPGP_S037tJsQzdr-KEdW-vc.roa (raw, json)
Hash identifier: GLq7sm8w6Sza/rm60QLvczYuUG9uloDfdpdto8EgENQ=
Subject key identifier: A1:CA:92:3C:63:FF:4B:4D:FB:B4:9B:10:CD:DA:FE:28:47:56:FA:F7
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018972091C377D0E271042F548D541942205
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ocqSPGP_S037tJsQzdr-KEdW-vc.roa
Signing time: Thu 20 Jul 2023 06:42:26 +0000
ROA not before: Thu 20 Jul 2023 06:42:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Jul 2023 14:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:09:1c:37:7d:0e:27:10:42:f5:48:d5:41:94:22:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 20 06:42:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1ca923c63ff4b4dfbb49b10cddafe284756faf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f4:53:02:c3:05:08:ef:18:f6:3d:68:65:8b:
e9:de:85:fb:48:04:03:30:f6:43:eb:b5:7a:1f:c9:
22:40:72:1a:bf:3a:88:8c:ae:cc:53:6d:57:87:ea:
2e:7d:ea:3a:a6:3b:c9:76:ec:b0:26:8c:87:fe:52:
39:f2:f2:e7:96:54:7e:cc:b4:4f:df:55:6a:cd:aa:
b6:0e:2a:76:d6:43:c2:25:ba:85:81:c1:61:8c:54:
b6:9d:4e:5a:b9:42:9f:2c:14:55:62:59:8a:67:b3:
93:65:d9:9b:5c:06:f2:d6:2d:1d:5f:4a:0f:fd:5e:
7a:9c:ff:37:9c:24:fc:fa:b5:10:8e:ad:70:f2:da:
68:52:88:f7:a9:a0:ea:c9:45:a1:16:45:f6:1d:b7:
94:32:07:51:56:2a:6d:47:22:b6:45:19:23:72:39:
15:74:24:29:65:ab:15:fe:1c:1a:2a:65:9d:30:f7:
ee:97:2a:9e:78:2c:c2:a7:1e:8d:b6:88:35:5d:95:
f2:c3:16:5e:4d:4c:ed:ed:7d:78:a6:d4:c5:a8:13:
d0:4e:a0:a3:de:c4:75:8d:0b:23:f9:04:af:8a:cc:
c8:d8:d5:5f:85:02:ea:fd:cf:3a:b6:85:84:32:79:
4b:a5:33:44:7a:74:38:99:e7:1a:b6:43:fb:38:a6:
f4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CA:92:3C:63:FF:4B:4D:FB:B4:9B:10:CD:DA:FE:28:47:56:FA:F7
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ocqSPGP_S037tJsQzdr-KEdW-vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:5e:8e:9c:e7:05:5f:5f:31:bc:d8:7f:7f:b8:23:4d:4b:35:
79:85:52:ff:9f:bf:56:5d:bf:ed:7e:36:6e:c5:ed:94:ac:3d:
c5:a3:cf:41:ae:c9:93:f0:a9:22:9d:1c:30:77:bf:c0:76:ab:
d6:7b:f3:9a:19:ce:92:6d:db:46:53:8a:06:30:9d:28:4a:64:
2e:22:b9:91:50:76:1a:63:b3:8b:17:ef:ed:0a:a2:08:4b:c4:
d8:9b:97:ec:a0:50:3b:8b:fa:2c:0b:81:79:72:6f:f4:2c:dc:
4b:f7:05:39:3a:0a:16:cc:44:01:9a:a6:1c:23:fe:90:73:bb:
45:9b:84:bd:43:58:71:85:9e:7c:7d:49:50:cb:4f:04:a9:5b:
af:91:76:5f:6a:32:f4:f2:08:6b:81:f3:2e:fb:ef:a3:88:90:
38:77:93:9a:33:80:d8:e6:70:50:78:be:18:9c:af:aa:69:57:
0b:c0:a2:97:4c:8a:49:f0:20:6c:31:59:60:b4:52:df:aa:47:
ab:df:7f:be:db:1a:2b:69:31:79:92:95:7b:c2:92:bb:7d:45:
02:b2:8e:54:ff:ae:42:86:10:e6:58:57:39:0f:7d:da:69:a4:
bc:65:02:a2:98:6b:05:6d:6a:f7:38:7b:4d:3d:80:ab:d4:cf:
05:c5:2a:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYlyCRw3fQ4nEEL1SNVBlCIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzIwMDY0MjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNhOTIzYzYzZmY0YjRkZmJiNDliMTBjZGRhZmUyODQ3NTZmYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPRTAsMFCO8Y9j1oZYvp3oX7SAQD
MPZD67V6H8kiQHIavzqIjK7MU21Xh+oufeo6pjvJduywJoyH/lI58vLnllR+zLRP
31Vqzaq2Dip21kPCJbqFgcFhjFS2nU5auUKfLBRVYlmKZ7OTZdmbXAby1i0dX0oP
/V56nP83nCT8+rUQjq1w8tpoUoj3qaDqyUWhFkX2HbeUMgdRViptRyK2RRkjcjkV
dCQpZasV/hwaKmWdMPfulyqeeCzCpx6Ntog1XZXywxZeTUzt7X14ptTFqBPQTqCj
3sR1jQsj+QSviszI2NVfhQLq/c86toWEMnlLpTNEenQ4mecatkP7OKb0NQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKHKkjxj/0tN+7SbEM3a/ihHVvr3MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvb2NxU1BHUF9TMDM3dEpzUXpkci1LRWRXLXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBLXo6c5wVfXzG8
2H9/uCNNSzV5hVL/n79WXb/tfjZuxe2UrD3Fo89BrsmT8KkinRwwd7/AdqvWe/Oa
Gc6SbdtGU4oGMJ0oSmQuIrmRUHYaY7OLF+/tCqIIS8TYm5fsoFA7i/osC4F5cm/0
LNxL9wU5OgoWzEQBmqYcI/6Qc7tFm4S9Q1hxhZ58fUlQy08EqVuvkXZfajL08ghr
gfMu+++jiJA4d5OaM4DY5nBQeL4YnK+qaVcLwKKXTIpJ8CBsMVlgtFLfqker33++
2xoraTF5kpV7wpK7fUUCso5U/65ChhDmWFc5D33aaaS8ZQKimGsFbWr3OHtNPYCr
1M8FxSqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org