Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oyMTnbD-jwllwNAQJgmMImrzdDw.roa
File: oyMTnbD-jwllwNAQJgmMImrzdDw.roa (raw, json)
Hash identifier: JW+oj0Tfh6B/xETRp94YvI3Ji5oGHPN+cItT9cpCpLg=
Subject key identifier: A3:23:13:9D:B0:FE:8F:09:65:C0:D0:10:26:09:8C:22:6A:F3:74:3C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019248668041C539221927AAE59B61EDE44A
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oyMTnbD-jwllwNAQJgmMImrzdDw.roa
Signing time: Tue 01 Oct 2024 14:05:29 +0000
ROA not before: Tue 01 Oct 2024 14:05:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 09 Oct 2024 07:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:66:80:41:c5:39:22:19:27:aa:e5:9b:61:ed:e4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 1 14:05:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a323139db0fe8f0965c0d01026098c226af3743c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:8c:c7:33:9c:54:67:e3:7c:5e:b7:c5:a3:
f2:35:be:39:c4:05:81:b7:10:93:56:df:f2:f6:28:
7b:b6:b1:14:79:ed:ed:58:20:d7:c1:65:d3:46:4e:
fa:e5:5e:0f:92:5a:bb:52:16:8a:4f:b0:4c:46:72:
a1:56:c6:61:51:88:9c:43:9f:87:4b:2f:00:8a:19:
b9:f4:28:20:e3:9b:2c:71:d9:a5:15:da:f1:c5:f8:
00:c2:c5:4b:e1:47:b0:d7:88:40:37:63:d0:1b:61:
79:79:6f:92:bb:b8:47:67:73:57:fa:b7:bd:0f:25:
af:23:03:12:6c:75:c4:94:73:65:4e:68:38:20:8b:
57:56:ad:0e:9b:84:d3:37:0a:39:58:24:07:9d:75:
e4:4a:1d:18:e4:34:8f:79:47:93:ba:aa:f7:f5:fe:
45:3d:fd:82:72:7c:2c:1d:da:14:65:b0:16:ec:26:
55:97:63:3a:23:e1:59:a0:e6:e8:09:e1:58:81:28:
ae:f0:31:81:9c:00:61:94:81:ac:3e:52:de:0e:f4:
0a:0e:1b:be:90:94:b3:a9:6d:62:0f:12:dc:d7:9b:
6f:15:30:21:c8:a2:1c:1a:b8:a6:e9:b1:55:ef:b6:
7c:06:be:8d:53:f5:e0:96:61:6b:0d:9a:d7:d1:8f:
68:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:23:13:9D:B0:FE:8F:09:65:C0:D0:10:26:09:8C:22:6A:F3:74:3C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oyMTnbD-jwllwNAQJgmMImrzdDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:b3:94:0b:96:09:f2:b0:59:49:79:45:80:55:b0:f8:c9:48:
95:d5:cd:7f:93:01:6b:c3:f4:a3:39:e9:38:ed:ad:55:24:36:
6b:ba:cb:91:32:68:a1:e5:e0:fb:13:bf:e0:08:bb:a8:53:48:
05:8d:ab:8a:73:82:f0:c6:eb:d5:88:30:61:6b:45:82:02:f8:
dd:55:7b:32:2e:07:cc:af:7b:91:67:31:20:e2:44:de:e7:db:
5c:c8:ff:f8:b3:7d:5d:ff:d8:43:1d:f1:7e:68:ad:4c:b1:fc:
5d:62:80:8e:57:af:50:dc:52:cb:f8:b6:ed:17:8c:be:49:0b:
fb:42:a6:01:87:46:ae:99:04:9d:07:09:7a:b6:c0:db:41:a2:
19:8c:0e:9b:4f:be:67:0d:d7:22:1d:7e:2e:14:44:4a:df:2a:
b3:64:e7:19:21:7d:3f:a7:fe:25:20:e5:9d:14:d7:bf:09:72:
3e:55:10:00:4a:0e:58:50:be:f9:f2:b8:a0:a3:6c:00:bf:97:
b8:49:51:ab:44:7f:6c:54:94:7f:8a:e6:35:76:56:ee:5a:02:
2f:48:11:3c:45:33:05:a5:f8:b5:7a:8d:2a:c9:da:0e:de:85:
9b:50:bb:db:ed:48:8f:a4:01:01:fc:ff:d9:75:a5:de:5c:52:
e4:ad:17:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJIZoBBxTkiGSeq5Zth7eRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDAxMTQwNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzIzMTM5ZGIwZmU4ZjA5NjVjMGQwMTAyNjA5OGMyMjZhZjM3NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnSMxzOcVGfjfF63xaPyNb45xAWB
txCTVt/y9ih7trEUee3tWCDXwWXTRk765V4Pklq7UhaKT7BMRnKhVsZhUYicQ5+H
Sy8Aihm59Cgg45sscdmlFdrxxfgAwsVL4Uew14hAN2PQG2F5eW+Su7hHZ3NX+re9
DyWvIwMSbHXElHNlTmg4IItXVq0Om4TTNwo5WCQHnXXkSh0Y5DSPeUeTuqr39f5F
Pf2CcnwsHdoUZbAW7CZVl2M6I+FZoOboCeFYgSiu8DGBnABhlIGsPlLeDvQKDhu+
kJSzqW1iDxLc15tvFTAhyKIcGrim6bFV77Z8Br6NU/XglmFrDZrX0Y9orwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKMjE52w/o8JZcDQECYJjCJq83Q8MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvb3lNVG5iRC1qd2xsd05BUUpnbU1JbXJ6ZER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCEs5QLlgnysFlJeUWAVbD4
yUiV1c1/kwFrw/SjOek47a1VJDZrusuRMmih5eD7E7/gCLuoU0gFjauKc4LwxuvV
iDBha0WCAvjdVXsyLgfMr3uRZzEg4kTe59tcyP/4s31d/9hDHfF+aK1MsfxdYoCO
V69Q3FLL+LbtF4y+SQv7QqYBh0aumQSdBwl6tsDbQaIZjA6bT75nDdciHX4uFERK
3yqzZOcZIX0/p/4lIOWdFNe/CXI+VRAASg5YUL758rigo2wAv5e4SVGrRH9sVJR/
iuY1dlbuWgIvSBE8RTMFpfi1eo0qydoO3oWbULvb7UiPpAEB/P/ZdaXeXFLkrRfK
-----END CERTIFICATE-----
Generated at Wed Oct 9 10:56:24 2024 by rpki-client on console-ams.rpki-client.org