Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r4iXWsmY2IWWIJ2-ddG7Er3_jek.roa
File: r4iXWsmY2IWWIJ2-ddG7Er3_jek.roa (raw, json)
Hash identifier: 9O3BLaJLKOjgNFQQhEB2poivQTT/X5aoqXyppWeZYYk=
Subject key identifier: AF:88:97:5A:C9:98:D8:85:96:20:9D:BE:75:D1:BB:12:BD:FF:8D:E9
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC8FA520EDEC19DC458218D362E2A9C98
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r4iXWsmY2IWWIJ2-ddG7Er3_jek.roa
Signing time: Tue 02 Jan 2024 07:01:37 +0000
ROA not before: Tue 02 Jan 2024 07:01:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 85.133.178.0/23 maxlen: 24
85.133.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:fa:52:0e:de:c1:9d:c4:58:21:8d:36:2e:2a:9c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 07:01:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af88975ac998d88596209dbe75d1bb12bdff8de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cc:2a:63:7b:46:94:09:b8:b5:cf:d6:51:0b:
73:aa:5d:01:e8:14:1a:f1:be:52:cb:d5:48:9d:7e:
79:21:82:8a:b0:4e:e1:57:83:4f:23:0d:33:f2:b1:
d7:9c:16:a1:d6:70:51:a1:fd:ea:22:a8:e5:15:c2:
89:bb:5d:33:51:40:73:9e:57:5c:8c:f3:4c:6f:77:
e0:b4:ed:03:c9:c7:3a:74:6a:09:e7:96:e1:6a:51:
b6:03:b3:cb:9f:29:4a:58:05:85:19:4d:3f:30:f0:
81:25:dd:4d:92:ba:ca:10:fe:94:63:14:a4:ea:6f:
35:08:36:d5:7e:0e:2d:3e:6f:19:25:ca:1e:3d:54:
2f:bf:df:01:79:ec:bb:5d:6b:79:00:3c:3d:49:e8:
f9:09:50:a0:83:81:f1:83:ee:13:03:22:39:fa:40:
1f:66:0b:35:d2:8d:8e:24:a7:cb:c6:c2:57:90:25:
b5:c0:23:8e:86:3d:b9:cb:06:d5:1b:fe:bd:f2:3c:
84:17:42:26:03:b9:5d:13:16:d9:51:c2:e3:29:6c:
47:01:de:38:43:3e:4b:9a:26:58:1c:8d:07:3b:00:
f7:22:09:e9:76:a9:d3:ab:46:cc:22:8c:1d:d8:8a:
f8:75:0f:e1:fa:1b:7d:b8:6a:ba:9d:32:c7:2e:2a:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:88:97:5A:C9:98:D8:85:96:20:9D:BE:75:D1:BB:12:BD:FF:8D:E9
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/r4iXWsmY2IWWIJ2-ddG7Er3_jek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.178.0/23
85.133.241.0/24
Signature Algorithm: sha256WithRSAEncryption
33:1a:18:5d:a9:dd:87:ea:42:0d:02:bd:78:98:65:00:eb:3a:
25:58:b0:19:e8:90:4e:b6:b9:25:24:58:33:d0:a7:d4:66:e1:
35:73:d5:af:f8:63:5f:ec:9d:40:4d:41:5d:1a:c8:2d:98:c5:
23:28:6c:ce:32:64:7c:61:41:d6:01:39:84:98:cd:48:95:a4:
c4:ca:92:f0:1e:d8:97:e0:68:39:aa:80:f6:da:bc:bb:bf:43:
02:0b:cc:52:75:56:bf:b6:b2:9b:d4:b3:e9:48:85:50:79:f3:
90:0c:a8:22:b9:69:77:46:1d:d3:0f:36:2f:ec:2c:a1:9a:73:
48:ff:42:0b:e8:40:35:15:3a:9e:37:36:53:21:1b:d8:73:fa:
26:dd:1f:88:55:62:af:7a:b7:b9:3b:68:fc:d3:e9:fa:a8:ff:
e7:29:86:cf:9b:cf:d6:6b:44:f2:b0:b7:3f:80:a2:80:22:53:
00:da:77:d4:a9:c2:7e:96:00:09:d9:d4:57:1b:57:68:c6:46:
db:b5:c4:60:64:3b:28:7f:1e:71:a3:d1:0f:16:4e:38:bb:ee:
60:8a:57:6e:1e:f7:a8:75:cf:b5:3f:b9:87:03:ac:f8:f1:1b:
65:1d:cc:1c:75:fe:06:82:ba:df:7a:a7:56:cd:6c:79:a7:07:
94:67:1a:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI+lIO3sGdxFghjTYuKpyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDcwMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg4OTc1YWM5OThkODg1OTYyMDlkYmU3NWQxYmIxMmJkZmY4ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMwqY3tGlAm4tc/WUQtzql0B6BQa
8b5Sy9VInX55IYKKsE7hV4NPIw0z8rHXnBah1nBRof3qIqjlFcKJu10zUUBznldc
jPNMb3fgtO0Dycc6dGoJ55bhalG2A7PLnylKWAWFGU0/MPCBJd1NkrrKEP6UYxSk
6m81CDbVfg4tPm8ZJcoePVQvv98Beey7XWt5ADw9Sej5CVCgg4Hxg+4TAyI5+kAf
Zgs10o2OJKfLxsJXkCW1wCOOhj25ywbVG/698jyEF0ImA7ldExbZUcLjKWxHAd44
Qz5LmiZYHI0HOwD3IgnpdqnTq0bMIowd2Ir4dQ/h+ht9uGq6nTLHLiqzewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK+Il1rJmNiFliCdvnXRuxK9/43pMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcjRpWFdzbVkySVdXSUoyLWRkRzdFcjNfamVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVYWyAwQA
VYXxMA0GCSqGSIb3DQEBCwUAA4IBAQAzGhhdqd2H6kINAr14mGUA6zolWLAZ6JBO
trklJFgz0KfUZuE1c9Wv+GNf7J1ATUFdGsgtmMUjKGzOMmR8YUHWATmEmM1IlaTE
ypLwHtiX4Gg5qoD22ry7v0MCC8xSdVa/trKb1LPpSIVQefOQDKgiuWl3Rh3TDzYv
7CyhmnNI/0IL6EA1FTqeNzZTIRvYc/om3R+IVWKvere5O2j80+n6qP/nKYbPm8/W
a0TysLc/gKKAIlMA2nfUqcJ+lgAJ2dRXG1doxkbbtcRgZDsofx5xo9EPFk44u+5g
ilduHveodc+1P7mHA6z48RtlHcwcdf4GgrrfeqdWzWx5pweUZxpu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org