Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q5zNJfSCoNJHXxF1JNj2PdM9-u8.roa
File: q5zNJfSCoNJHXxF1JNj2PdM9-u8.roa (raw, json)
Hash identifier: R7q8M54wv5JijRFAue9e8QPdltSL5qYL6nCzXjgVXVM=
Subject key identifier: AB:9C:CD:25:F4:82:A0:D2:47:5F:11:75:24:D8:F6:3D:D3:3D:FA:EF
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192A9A8FD604F13CF3E12FB510A22194B50
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q5zNJfSCoNJHXxF1JNj2PdM9-u8.roa
Signing time: Sun 20 Oct 2024 11:21:17 +0000
ROA not before: Sun 20 Oct 2024 11:21:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214515
IP address blocks: 85.133.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a9:a8:fd:60:4f:13:cf:3e:12:fb:51:0a:22:19:4b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 20 11:21:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab9ccd25f482a0d2475f117524d8f63dd33dfaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:83:88:c8:ad:db:0f:5c:f4:84:d6:36:05:f6:
f3:d7:58:0b:95:ab:86:6b:bf:25:c6:90:8e:df:f7:
24:4d:6e:55:75:91:2b:2e:ae:b8:93:f1:99:3f:ef:
10:c1:6d:b3:57:07:1d:c9:5c:cf:2e:cc:5b:de:91:
c6:99:b4:01:f2:d6:7b:f8:41:eb:20:a4:e3:d5:2e:
5f:18:d1:5a:d5:6b:92:92:d4:59:2e:a4:1f:1f:36:
22:16:84:05:60:dd:96:cf:c8:0c:db:2b:eb:07:9c:
82:cf:c5:28:9a:ea:b1:01:f2:4a:cd:7e:57:9f:4a:
76:63:a6:92:db:83:72:cf:f0:0c:ca:bd:57:fd:84:
20:10:55:ae:ff:95:c6:68:89:76:9a:b1:1b:76:c5:
78:95:da:39:92:44:37:51:54:f8:d2:72:07:0c:73:
66:3f:ed:1c:f5:33:8b:67:e1:5d:cd:50:99:c9:d3:
f6:16:8d:8f:13:c4:87:5b:76:df:88:91:08:d4:ca:
86:07:59:9c:e9:62:c8:a0:ab:c4:2d:13:27:8c:d3:
b1:56:82:a2:6d:24:7e:1e:f3:55:8d:a3:60:76:17:
75:0b:51:e5:c8:f6:a9:4d:3f:07:64:06:78:a6:32:
15:0d:eb:9d:e4:9d:8a:10:11:aa:90:99:49:b9:bd:
25:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9C:CD:25:F4:82:A0:D2:47:5F:11:75:24:D8:F6:3D:D3:3D:FA:EF
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q5zNJfSCoNJHXxF1JNj2PdM9-u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:3c:8f:75:2d:74:a5:4c:f9:02:87:c8:c4:6c:05:bc:8e:3e:
ef:cd:ac:8c:ee:f0:a4:fb:9a:e5:9d:c3:5a:c8:6c:5e:a3:8a:
46:e3:95:3c:dc:a8:53:9b:b6:a4:60:e8:38:46:20:74:19:76:
df:a9:5f:36:c6:ce:f0:80:31:e3:9e:48:cb:dd:5c:72:bd:fe:
b5:71:17:2b:e0:28:35:cd:08:33:2c:ab:20:eb:9d:49:6b:ab:
28:a6:e4:d6:8a:c1:39:4d:85:ca:f2:4e:7a:14:31:88:ff:3d:
98:5a:18:9e:54:c3:63:6f:c2:96:71:0b:d0:1c:e3:7d:f7:bd:
83:0e:8f:19:c6:0e:53:b9:55:1a:5e:af:25:c0:c3:4e:27:22:
1f:ba:4b:f1:95:53:f6:7c:9d:7b:38:f5:50:f8:9b:05:a0:fb:
02:5c:7d:d5:e2:d2:9a:4d:06:ed:ca:e0:d3:bf:a4:d1:52:fb:
12:9b:f7:b4:07:f3:55:43:48:b8:b4:6c:9d:3f:9d:74:c2:81:
5e:49:fd:28:75:a7:5b:f2:03:f7:49:d1:dd:f5:b3:e6:92:1b:
21:20:62:b2:c7:99:f8:c6:37:3a:d2:79:6d:56:46:82:9f:89:
3f:77:4f:e3:52:86:a6:41:9d:f9:6c:8b:e1:71:7b:4c:36:70:
d7:16:49:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKpqP1gTxPPPhL7UQoiGUtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDIwMTEyMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjljY2QyNWY0ODJhMGQyNDc1ZjExNzUyNGQ4ZjYzZGQzM2RmYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YOIyK3bD1z0hNY2Bfbz11gLlauG
a78lxpCO3/ckTW5VdZErLq64k/GZP+8QwW2zVwcdyVzPLsxb3pHGmbQB8tZ7+EHr
IKTj1S5fGNFa1WuSktRZLqQfHzYiFoQFYN2Wz8gM2yvrB5yCz8UomuqxAfJKzX5X
n0p2Y6aS24Nyz/AMyr1X/YQgEFWu/5XGaIl2mrEbdsV4ldo5kkQ3UVT40nIHDHNm
P+0c9TOLZ+FdzVCZydP2Fo2PE8SHW3bfiJEI1MqGB1mc6WLIoKvELRMnjNOxVoKi
bSR+HvNVjaNgdhd1C1HlyPapTT8HZAZ4pjIVDeud5J2KEBGqkJlJub0llwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuczSX0gqDSR18RdSTY9j3TPfrvMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcTV6TkpmU0NvTkpIWHhGMUpOajJQZE05LXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYX8MA0G
CSqGSIb3DQEBCwUAA4IBAQCcPI91LXSlTPkCh8jEbAW8jj7vzayM7vCk+5rlncNa
yGxeo4pG45U83KhTm7akYOg4RiB0GXbfqV82xs7wgDHjnkjL3Vxyvf61cRcr4Cg1
zQgzLKsg651Ja6sopuTWisE5TYXK8k56FDGI/z2YWhieVMNjb8KWcQvQHON9972D
Do8Zxg5TuVUaXq8lwMNOJyIfukvxlVP2fJ17OPVQ+JsFoPsCXH3V4tKaTQbtyuDT
v6TRUvsSm/e0B/NVQ0i4tGydP510woFeSf0odadb8gP3SdHd9bPmkhshIGKyx5n4
xjc60nltVkaCn4k/d0/jUoamQZ35bIvhcXtMNnDXFkkm
-----END CERTIFICATE-----
Generated at Mon Oct 21 15:40:34 2024 by rpki-client on console-fra.rpki-client.org