Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa
File: p1zAKemcykiLWk16sNkQCy4PNMc.roa (raw, json)
Hash identifier: CtRXWbq9F0Esh4dZvx8NbLijLRMB5CAwNonAUBpxG9I=
Subject key identifier: A7:5C:C0:29:E9:9C:CA:48:8B:5A:4D:7A:B0:D9:10:0B:2E:0F:34:C7
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01896E2C586750B3AB249F0D01BC07F0D1B6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa
Signing time: Wed 19 Jul 2023 12:42:27 +0000
ROA not before: Wed 19 Jul 2023 12:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Jul 2023 13:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:2c:58:67:50:b3:ab:24:9f:0d:01:bc:07:f0:d1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 19 12:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a75cc029e99cca488b5a4d7ab0d9100b2e0f34c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:5b:52:1d:d2:c6:17:f2:e6:fe:3d:ad:e1:
5c:e0:c8:45:b2:15:3e:33:3f:a6:ab:28:f6:6a:02:
35:ff:e6:1b:61:84:f0:33:e2:74:dc:a7:b0:d2:8c:
0a:2a:37:32:91:4b:fe:43:d9:be:cf:db:9d:2e:44:
b1:8c:ca:87:72:c6:2d:de:a9:fb:52:dd:4b:e2:01:
84:fb:f2:d6:ee:23:24:c5:82:5f:69:0a:e6:96:1b:
77:17:79:1d:50:ca:96:5a:ee:11:4c:2a:62:96:37:
50:10:27:ad:ee:ca:12:e7:48:1f:a9:ac:fd:1f:08:
20:13:41:67:27:87:da:20:b9:e6:d0:da:b4:15:df:
8f:52:3b:4a:63:24:13:c5:c6:e7:8c:9c:33:ec:fa:
f9:4e:d3:b8:d0:9a:b7:21:47:8a:d9:b8:44:55:e1:
9b:cf:ea:5d:fa:18:3e:de:e2:f8:3a:2b:ef:b5:d4:
6a:08:c6:86:68:76:2b:d1:d6:aa:28:c2:a9:dc:41:
6d:3a:76:cc:64:9a:82:be:31:7e:b5:7d:7c:5c:71:
c1:54:b8:5b:1c:a6:d8:74:de:1d:7b:e4:e1:15:3a:
00:dd:5d:63:f3:e6:32:e5:3e:85:f3:ec:a2:c1:f9:
c9:ab:53:a8:6e:ee:54:ef:2f:b2:b3:a9:c8:3f:eb:
71:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5C:C0:29:E9:9C:CA:48:8B:5A:4D:7A:B0:D9:10:0B:2E:0F:34:C7
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:06:ee:a1:db:36:8a:b6:49:e2:8f:3d:3d:d6:2a:c3:70:35:
e8:70:f3:84:e4:39:e4:f5:9a:40:41:83:4f:ca:c3:b8:99:81:
a8:aa:a7:14:91:ee:1f:21:5f:40:5e:1e:14:2a:9a:f2:41:7d:
3d:7f:90:de:35:35:35:99:cb:59:c2:39:37:2a:f9:97:4e:54:
67:7f:93:ab:58:a0:b2:c9:d0:d1:70:81:ab:fb:30:d7:bc:06:
e5:53:bd:86:ef:4b:53:57:ba:5e:ac:db:6f:7c:79:6b:a7:36:
04:a9:af:90:55:5d:19:88:e1:8a:16:ce:6c:07:c3:a1:7d:d8:
21:ff:e7:84:85:80:ac:b4:ab:1f:30:e9:ff:f7:88:67:79:00:
35:5a:f1:f0:67:9a:97:94:64:49:68:17:ef:27:02:91:44:a0:
47:c8:50:44:53:68:4e:89:b5:d5:f0:58:f8:b5:ed:16:61:d7:
ff:04:55:18:52:55:b2:5b:69:e6:64:21:4a:8e:05:f2:14:3c:
17:e6:e9:03:a7:40:6c:9d:49:5b:6f:d7:96:29:90:74:5b:d8:
1e:77:6f:ce:8c:0b:2a:0e:a2:05:c0:e4:cc:0f:96:29:50:27:
18:0a:0b:d9:86:45:4c:34:63:b4:ac:0c:bc:9e:8e:e6:a0:fe:
95:57:27:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYluLFhnULOrJJ8NAbwH8NG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzE5MTI0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVjYzAyOWU5OWNjYTQ4OGI1YTRkN2FiMGQ5MTAwYjJlMGYzNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuExbUh3Sxhfy5v49reFc4MhFshU+
Mz+mqyj2agI1/+YbYYTwM+J03Kew0owKKjcykUv+Q9m+z9udLkSxjMqHcsYt3qn7
Ut1L4gGE+/LW7iMkxYJfaQrmlht3F3kdUMqWWu4RTCpiljdQECet7soS50gfqaz9
HwggE0FnJ4faILnm0Nq0Fd+PUjtKYyQTxcbnjJwz7Pr5TtO40Jq3IUeK2bhEVeGb
z+pd+hg+3uL4OivvtdRqCMaGaHYr0daqKMKp3EFtOnbMZJqCvjF+tX18XHHBVLhb
HKbYdN4de+ThFToA3V1j8+Yy5T6F8+yiwfnJq1Oobu5U7y+ys6nIP+txAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKdcwCnpnMpIi1pNerDZEAsuDzTHMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcDF6QUtlbWN5a2lMV2sxNnNOa1FDeTRQTk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBDBu6h2zaKtkni
jz091irDcDXocPOE5Dnk9ZpAQYNPysO4mYGoqqcUke4fIV9AXh4UKpryQX09f5De
NTU1mctZwjk3KvmXTlRnf5OrWKCyydDRcIGr+zDXvAblU72G70tTV7perNtvfHlr
pzYEqa+QVV0ZiOGKFs5sB8Ohfdgh/+eEhYCstKsfMOn/94hneQA1WvHwZ5qXlGRJ
aBfvJwKRRKBHyFBEU2hOibXV8Fj4te0WYdf/BFUYUlWyW2nmZCFKjgXyFDwX5ukD
p0BsnUlbb9eWKZB0W9ged2/OjAsqDqIFwOTMD5YpUCcYCgvZhkVMNGO0rAy8no7m
oP6VVydT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org