Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r2vGf1CZfEoao_RpSbP91DFnoDo.roa
File: r2vGf1CZfEoao_RpSbP91DFnoDo.roa (raw, json)
Hash identifier: B/ZAzSHJcjVW/a3N2TunI3K3TCXVHFCDuVB5IE14xM0=
Subject key identifier: AF:6B:C6:7F:50:99:7C:4A:1A:A3:F4:69:49:B3:FD:D4:31:67:A0:3A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01902ED4290FA94770B76DA33C10A86E8825
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r2vGf1CZfEoao_RpSbP91DFnoDo.roa
Signing time: Wed 19 Jun 2024 04:49:34 +0000
ROA not before: Wed 19 Jun 2024 04:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 85.133.195.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 18:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2e:d4:29:0f:a9:47:70:b7:6d:a3:3c:10:a8:6e:88:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 19 04:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af6bc67f50997c4a1aa3f46949b3fdd43167a03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d2:e6:82:5f:88:bb:79:d0:d1:bb:57:bc:3b:
79:18:a3:c3:e0:75:f0:7a:e7:c1:3c:17:41:77:82:
68:11:6a:30:07:5d:bf:0f:e3:a8:be:be:34:13:88:
ad:b2:a1:46:ea:f8:f8:fc:8a:2a:24:12:8d:53:5d:
ab:d8:15:e1:66:fd:d8:52:ba:f3:ef:71:df:33:67:
13:fc:cc:b8:d9:d4:8f:11:7d:79:93:ca:fa:38:a6:
6a:a9:e2:fa:88:6d:66:c0:af:6e:3c:d8:56:ee:ca:
e7:7a:6b:97:f5:5f:45:c8:01:5e:5e:a9:d9:1d:3e:
45:e6:50:4a:90:0f:5c:08:ce:08:20:2c:b0:df:56:
fc:86:23:d9:26:bb:19:50:e3:f0:7f:01:c1:58:4d:
3d:96:4d:c2:04:31:50:23:b7:b0:32:cb:d6:2c:3a:
4a:68:ec:39:0a:0c:60:66:d5:39:c5:a7:31:34:79:
81:e8:e4:8a:db:33:d9:31:d8:25:0b:cb:67:8d:a0:
0b:f0:ef:93:f3:54:c2:57:22:58:4c:6d:cd:60:51:
94:c7:ec:de:30:20:89:a4:59:5c:e5:db:73:26:a0:
e8:a4:b0:f8:a5:68:45:bf:28:7d:2f:6b:61:0c:9a:
a0:7e:9d:1b:d6:d7:bc:6e:ab:02:b0:e2:37:54:f8:
0e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6B:C6:7F:50:99:7C:4A:1A:A3:F4:69:49:B3:FD:D4:31:67:A0:3A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r2vGf1CZfEoao_RpSbP91DFnoDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.195.0/24
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:4d:dd:1d:f7:b8:01:48:5a:d0:33:43:6f:97:8f:ec:c2:ab:
7d:ac:08:78:a5:c4:9e:74:61:32:40:f2:c0:7f:28:1e:fe:b1:
39:9b:a2:55:48:99:00:dc:75:57:6c:42:33:ec:a5:79:e5:fb:
cb:5b:f5:af:fd:59:90:e3:39:e8:70:7c:66:d1:9d:10:4b:be:
c0:43:31:5a:45:5a:28:28:fa:86:1e:82:f9:3c:8f:49:85:70:
c0:56:d4:41:a8:8a:3e:9a:44:ca:70:b7:c3:a3:fd:7b:04:eb:
4e:2c:bd:02:40:dc:43:16:3f:1f:cc:fd:52:21:5d:ed:ff:bb:
40:1f:03:96:fa:09:9e:45:42:70:2a:bd:0b:95:6a:27:fc:d7:
5e:25:2a:c9:27:a9:e8:92:df:c7:aa:da:d8:f3:9d:4a:a9:20:
09:33:35:0c:16:0d:ad:eb:f8:a9:1a:1e:50:53:7d:df:4c:82:
a5:7b:41:6f:cc:72:82:5a:19:eb:a7:2f:a9:dc:09:66:af:69:
11:94:e6:c7:07:82:e5:65:18:28:e7:d1:fb:87:dd:7a:a8:04:
7e:66:9d:98:03:d0:f8:4f:b6:41:30:95:67:e3:cf:ad:47:2f:
29:7e:da:bc:c8:d0:20:9a:0d:e1:75:a8:7f:e0:12:10:1e:09:
d2:df:7d:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAu1CkPqUdwt22jPBCoboglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNjE5MDQ0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZiYzY3ZjUwOTk3YzRhMWFhM2Y0Njk0OWIzZmRkNDMxNjdhMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9Lmgl+Iu3nQ0btXvDt5GKPD4HXw
eufBPBdBd4JoEWowB12/D+Oovr40E4itsqFG6vj4/IoqJBKNU12r2BXhZv3YUrrz
73HfM2cT/My42dSPEX15k8r6OKZqqeL6iG1mwK9uPNhW7srnemuX9V9FyAFeXqnZ
HT5F5lBKkA9cCM4IICyw31b8hiPZJrsZUOPwfwHBWE09lk3CBDFQI7ewMsvWLDpK
aOw5CgxgZtU5xacxNHmB6OSK2zPZMdglC8tnjaAL8O+T81TCVyJYTG3NYFGUx+ze
MCCJpFlc5dtzJqDopLD4pWhFvyh9L2thDJqgfp0b1te8bqsCsOI3VPgOLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9rxn9QmXxKGqP0aUmz/dQxZ6A6MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcjJ2R2YxQ1pmRW9hb19ScFNiUDkxREZub0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXDAwQA
VYXhMA0GCSqGSIb3DQEBCwUAA4IBAQCrTd0d97gBSFrQM0Nvl4/swqt9rAh4pcSe
dGEyQPLAfyge/rE5m6JVSJkA3HVXbEIz7KV55fvLW/Wv/VmQ4znocHxm0Z0QS77A
QzFaRVooKPqGHoL5PI9JhXDAVtRBqIo+mkTKcLfDo/17BOtOLL0CQNxDFj8fzP1S
IV3t/7tAHwOW+gmeRUJwKr0LlWon/NdeJSrJJ6nokt/HqtrY851KqSAJMzUMFg2t
6/ipGh5QU33fTIKle0FvzHKCWhnrpy+p3Almr2kRlObHB4LlZRgo59H7h916qAR+
Zp2YA9D4T7ZBMJVn48+tRy8pftq8yNAgmg3hdah/4BIQHgnS3325
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:01:09 2024 by rpki-client on console-ams.rpki-client.org