Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q7ECHMRxhoVFo5EWZfHJsG1yTyI.roa
File: q7ECHMRxhoVFo5EWZfHJsG1yTyI.roa (raw, json)
Hash identifier: R8KXnT1EW64bZVZpcA73U9pJIQ2Twf+wSygO7lft8Fs=
Subject key identifier: AB:B1:02:1C:C4:71:86:85:45:A3:91:16:65:F1:C9:B0:6D:72:4F:22
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189BA8DBA8057994406F42C12DBFA1879E2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q7ECHMRxhoVFo5EWZfHJsG1yTyI.roa
Signing time: Thu 03 Aug 2023 08:39:57 +0000
ROA not before: Thu 03 Aug 2023 08:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 85.133.241.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 08:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:8d:ba:80:57:99:44:06:f4:2c:12:db:fa:18:79:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 3 08:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abb1021cc471868545a3911665f1c9b06d724f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:56:94:a0:08:4a:f6:ae:57:c8:3d:ce:af:25:
27:e2:b0:bd:da:36:0e:1f:ec:a1:09:96:c5:f2:13:
0d:e8:6d:fd:c3:c0:42:cf:6b:7d:c5:7a:3f:e6:c8:
75:49:c2:ab:08:8a:dc:73:5d:8c:9e:39:a7:4e:75:
79:04:62:3f:dd:6e:b9:02:ca:fc:25:77:45:bb:1e:
cb:50:48:fe:73:4d:9e:51:e3:08:97:1e:13:ca:c8:
87:a2:38:71:f1:cc:e2:84:4a:ee:e5:ce:af:99:b4:
7e:3c:4d:8b:0e:56:39:6b:52:34:5b:2e:9d:99:e6:
25:dc:8e:f9:80:95:25:0e:41:b2:c7:d2:85:fc:e3:
24:79:fd:4f:f5:92:a3:4d:ce:31:06:db:ba:04:2d:
44:0b:23:1e:6b:57:84:66:9f:be:b0:c6:6e:37:7e:
d4:ec:80:7a:36:af:57:02:ce:9b:d6:6a:9e:b5:85:
28:d4:10:c8:ce:22:7d:4d:52:d8:ac:0b:c4:e6:86:
29:0e:1b:53:8a:dc:8d:c5:12:fa:30:c5:38:b1:34:
20:16:97:66:5a:83:0d:ab:b3:06:be:95:f9:c6:d3:
48:c3:03:72:2d:76:cf:5e:3e:05:84:cb:2a:b2:c0:
5f:be:c0:57:88:7e:d8:f2:b5:4d:c7:c9:72:59:e2:
6a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B1:02:1C:C4:71:86:85:45:A3:91:16:65:F1:C9:B0:6D:72:4F:22
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/q7ECHMRxhoVFo5EWZfHJsG1yTyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.153.0/24
85.133.241.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:16:63:94:57:8b:76:fd:55:f5:56:ca:24:36:c6:9f:e1:e4:
08:2a:8f:78:e4:a1:50:27:e1:26:5f:f4:1f:44:3f:4f:93:ae:
46:6a:d8:58:b0:93:0e:f5:b8:b4:79:d7:5e:bb:00:bd:23:22:
2e:fe:c3:70:72:bd:53:f7:d0:4a:a7:3c:3a:c1:ce:6f:7c:6e:
fd:e1:14:5e:8f:66:cd:ab:92:e0:98:b8:01:12:fc:32:50:96:
8a:90:8f:8f:4e:37:47:11:f3:0c:16:5b:f2:14:e8:f5:ac:d1:
cc:71:96:1e:60:27:78:f3:7e:7d:99:b9:82:5e:f6:a4:d2:84:
8a:60:bf:f2:97:9a:cc:85:f7:b4:23:b9:e4:6d:a4:dd:9e:2a:
78:8d:0a:35:af:13:2e:3f:3f:05:8f:b9:7f:17:3f:61:ce:61:
01:f9:66:11:12:38:b7:87:35:5c:2c:ca:5b:cc:f3:fa:c0:ab:
3e:4d:b0:13:fe:b7:26:2e:3d:e2:d4:4c:66:51:d5:eb:97:cf:
40:e3:65:c3:8e:37:b2:78:39:63:51:88:18:17:74:53:56:54:
42:db:56:65:db:b9:85:40:67:aa:60:31:ea:34:5b:3f:71:8d:
61:3c:71:25:10:6f:71:3e:02:8d:02:97:da:71:6d:8f:3e:b5:
23:05:13:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm6jbqAV5lEBvQsEtv6GHniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODAzMDgzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmIxMDIxY2M0NzE4Njg1NDVhMzkxMTY2NWYxYzliMDZkNzI0ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllaUoAhK9q5XyD3OryUn4rC92jYO
H+yhCZbF8hMN6G39w8BCz2t9xXo/5sh1ScKrCIrcc12MnjmnTnV5BGI/3W65Asr8
JXdFux7LUEj+c02eUeMIlx4TysiHojhx8czihEru5c6vmbR+PE2LDlY5a1I0Wy6d
meYl3I75gJUlDkGyx9KF/OMkef1P9ZKjTc4xBtu6BC1ECyMea1eEZp++sMZuN37U
7IB6Nq9XAs6b1mqetYUo1BDIziJ9TVLYrAvE5oYpDhtTityNxRL6MMU4sTQgFpdm
WoMNq7MGvpX5xtNIwwNyLXbPXj4FhMsqssBfvsBXiH7Y8rVNx8lyWeJqpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKuxAhzEcYaFRaORFmXxybBtck8iMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcTdFQ0hNUnhob1ZGbzVFV1pmSEpzRzF5VHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWZAwQA
VYXxAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQAaFmOUV4t2/VX1VsokNsaf4eQI
Ko945KFQJ+EmX/QfRD9Pk65GathYsJMO9bi0eddeuwC9IyIu/sNwcr1T99BKpzw6
wc5vfG794RRej2bNq5LgmLgBEvwyUJaKkI+PTjdHEfMMFlvyFOj1rNHMcZYeYCd4
8359mbmCXvak0oSKYL/yl5rMhfe0I7nkbaTdnip4jQo1rxMuPz8Fj7l/Fz9hzmEB
+WYREji3hzVcLMpbzPP6wKs+TbAT/rcmLj3i1ExmUdXrl89A42XDjjeyeDljUYgY
F3RTVlRC21Zl27mFQGeqYDHqNFs/cY1hPHElEG9xPgKNApfacW2PPrUjBRPt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org