Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qLupfq9hgKFLF-J25EJTiF6R7DE.roa
File: qLupfq9hgKFLF-J25EJTiF6R7DE.roa (raw, json)
Hash identifier: 0PSafj4MbKjJ41DznQHLYd/LLGXdRiox1mdEIHQSKag=
Subject key identifier: A8:BB:A9:7E:AF:61:80:A1:4B:17:E2:76:E4:42:53:88:5E:91:EC:31
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018972091A3CCEDF9CDA888F4956A1B9CA15
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qLupfq9hgKFLF-J25EJTiF6R7DE.roa
Signing time: Thu 20 Jul 2023 06:42:26 +0000
ROA not before: Thu 20 Jul 2023 06:42:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.133.179.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Jul 2023 09:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:09:1a:3c:ce:df:9c:da:88:8f:49:56:a1:b9:ca:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 20 06:42:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8bba97eaf6180a14b17e276e44253885e91ec31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e5:ec:ca:e8:e8:b0:8b:26:47:60:c6:f1:5f:
10:91:25:e4:99:b8:d9:37:62:83:bd:6d:10:93:28:
96:cc:c4:86:e3:d1:d2:31:60:18:00:fc:9f:fb:3f:
9e:08:be:a0:78:0e:33:f6:87:a3:6c:66:d8:9e:40:
6f:ad:76:b0:41:d5:33:94:10:04:d5:7e:55:80:f8:
e4:30:77:a7:f7:f1:f0:0b:ca:7d:7f:6d:0a:8e:b1:
39:42:7a:e0:d6:c0:95:d0:4b:ba:54:eb:42:8f:1b:
1b:70:bd:25:f6:d8:8d:e9:1c:ca:4e:85:08:9f:0f:
3c:40:fa:32:78:16:2d:1b:0c:4b:cc:e3:99:3b:e0:
da:f6:6a:3d:41:df:01:12:a2:99:f2:79:c4:28:ff:
a1:cd:ca:d8:d5:4d:d0:75:c1:b8:b4:a6:9c:6d:8a:
02:ee:68:3e:51:88:56:23:71:8d:6f:8f:b0:b7:b0:
c8:2d:34:90:68:81:5a:ae:5a:cb:3a:b0:a1:43:e0:
fb:89:57:6b:62:9e:1f:d7:99:bf:f2:f6:e2:1a:9c:
43:ee:07:22:6e:d3:a8:3f:26:a6:bb:42:f8:7a:53:
b4:88:e7:b0:e3:65:14:61:aa:1e:e8:33:9f:67:73:
56:7f:35:4a:d5:20:ea:19:14:da:f1:af:cb:56:d0:
45:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BB:A9:7E:AF:61:80:A1:4B:17:E2:76:E4:42:53:88:5E:91:EC:31
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qLupfq9hgKFLF-J25EJTiF6R7DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.137.0/24
85.133.156.0/24
85.133.165.0/24
85.133.179.0/24
85.133.215.0/24
85.133.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:da:77:e0:4e:b2:2b:58:e2:69:92:b9:98:d9:d9:7e:83:8d:
3a:0b:d1:eb:61:7c:87:49:05:d1:7c:8d:fc:49:66:43:eb:28:
5a:7d:39:f8:68:2c:e5:0e:f1:b9:fc:f0:af:73:07:36:60:4f:
da:4d:cb:4a:fc:76:a1:5c:7b:c2:7c:fd:5a:03:f7:83:7e:fb:
35:32:56:aa:87:48:41:45:3b:77:34:80:0e:a8:9e:d2:92:b1:
97:dd:39:bb:c2:65:81:20:8a:06:3a:ad:bf:89:d1:33:26:c3:
51:c2:b4:7c:89:2e:38:4e:45:b3:59:29:8c:bf:08:ae:20:e3:
92:04:ef:4d:2b:36:4b:02:c6:4f:52:55:2e:eb:c7:8f:ec:c1:
3a:b9:2b:28:fd:57:68:40:08:25:a9:bc:97:ea:ed:45:1a:a7:
e9:7c:0b:26:86:05:26:d7:47:b9:27:0f:24:49:6c:c2:86:77:
5c:38:da:7d:c6:65:52:cf:5f:c5:64:71:ee:f6:05:ea:9a:9a:
86:2d:47:99:63:e8:8d:54:ec:9f:7a:3a:60:96:61:8b:3a:10:
be:d1:98:61:f0:66:cd:70:8d:03:2c:67:be:76:d9:3b:29:4b:
d1:38:8c:b8:8b:44:97:c1:7e:f2:e4:d7:ac:62:38:b4:c7:72:
54:b6:16:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlyCRo8zt+c2oiPSVahucoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzIwMDY0MjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJiYTk3ZWFmNjE4MGExNGIxN2UyNzZlNDQyNTM4ODVlOTFlYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieXsyujosIsmR2DG8V8QkSXkmbjZ
N2KDvW0QkyiWzMSG49HSMWAYAPyf+z+eCL6geA4z9oejbGbYnkBvrXawQdUzlBAE
1X5VgPjkMHen9/HwC8p9f20KjrE5Qnrg1sCV0Eu6VOtCjxsbcL0l9tiN6RzKToUI
nw88QPoyeBYtGwxLzOOZO+Da9mo9Qd8BEqKZ8nnEKP+hzcrY1U3QdcG4tKacbYoC
7mg+UYhWI3GNb4+wt7DILTSQaIFarlrLOrChQ+D7iVdrYp4f15m/8vbiGpxD7gci
btOoPyamu0L4elO0iOew42UUYaoe6DOfZ3NWfzVK1SDqGRTa8a/LVtBF3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKi7qX6vYYChSxfiduRCU4hekewxMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcUx1cGZxOWhnS0ZMRi1KMjVFSlRpRjZSN0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVYWJAwQA
VYWcAwQAVYWlAwQAVYWzAwQAVYXXAwQAVYXZMA0GCSqGSIb3DQEBCwUAA4IBAQAv
2nfgTrIrWOJpkrmY2dl+g406C9HrYXyHSQXRfI38SWZD6yhafTn4aCzlDvG5/PCv
cwc2YE/aTctK/HahXHvCfP1aA/eDfvs1Mlaqh0hBRTt3NIAOqJ7SkrGX3Tm7wmWB
IIoGOq2/idEzJsNRwrR8iS44TkWzWSmMvwiuIOOSBO9NKzZLAsZPUlUu68eP7ME6
uSso/VdoQAglqbyX6u1FGqfpfAsmhgUm10e5Jw8kSWzChndcONp9xmVSz1/FZHHu
9gXqmpqGLUeZY+iNVOyfejpglmGLOhC+0Zhh8GbNcI0DLGe+dtk7KUvROIy4i0SX
wX7y5NesYji0x3JUthaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org