Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rIwgJlsPTtbJvEZDkgFnah-Mses.roa
File: rIwgJlsPTtbJvEZDkgFnah-Mses.roa (raw, json)
Hash identifier: kMhnEiBpv3yq31KNtgHFeeaMh7lV7j4UFoDt+aObV/o=
Subject key identifier: AC:8C:20:26:5B:0F:4E:D6:C9:BC:46:43:92:01:67:6A:1F:8C:B1:EB
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01902ED429965DF36F5E764A145888E18DDE
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rIwgJlsPTtbJvEZDkgFnah-Mses.roa
Signing time: Wed 19 Jun 2024 04:49:34 +0000
ROA not before: Wed 19 Jun 2024 04:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/23 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Jun 2024 17:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2e:d4:29:96:5d:f3:6f:5e:76:4a:14:58:88:e1:8d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 19 04:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac8c20265b0f4ed6c9bc46439201676a1f8cb1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c1:5f:91:e3:b7:25:5c:d2:91:3c:8b:08:46:
aa:f3:40:2c:6b:1c:65:e0:57:e8:4f:18:e2:2b:e4:
be:cd:3f:c9:f6:7d:5f:72:7e:2a:3e:bd:eb:bb:55:
c4:7a:b2:91:5e:db:ec:0c:5f:c9:70:49:26:98:52:
a4:cc:1e:e2:92:3f:3d:0b:6f:ff:7e:7b:9d:ce:5d:
7c:30:f0:25:45:c3:97:54:df:93:e0:3f:bb:d2:ef:
98:49:0a:9a:cd:73:c4:92:89:fb:46:ef:63:92:20:
ba:3d:2f:21:50:f9:e3:c6:08:2f:36:65:cd:96:9e:
68:b4:0c:fe:d5:16:37:40:37:06:ad:e6:bc:ce:87:
89:0b:e0:26:7b:e4:ac:17:4b:80:8d:cc:0b:f3:6c:
3d:63:c5:de:be:d3:58:38:2a:8d:6f:3e:9e:bf:fb:
f3:e2:8e:c2:18:ff:ca:74:e8:18:7a:9a:be:f0:ef:
54:68:f0:b2:cf:1b:24:7e:f5:70:f1:42:ec:3c:85:
df:78:8b:10:d5:61:71:9a:98:9f:22:02:39:e1:20:
2b:cc:c5:d9:5f:bb:67:ea:57:f0:ce:7c:4a:38:87:
c6:2d:6f:d6:89:7d:e7:b7:0a:b0:b3:e5:44:3b:09:
d9:5b:93:4e:44:ba:78:05:cc:36:cd:84:57:9b:00:
eb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8C:20:26:5B:0F:4E:D6:C9:BC:46:43:92:01:67:6A:1F:8C:B1:EB
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rIwgJlsPTtbJvEZDkgFnah-Mses.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:75:96:dd:bd:2b:37:81:4c:2a:75:1c:47:44:58:f6:da:fb:
f9:75:60:c4:a6:c1:cf:23:a8:7c:90:d3:8a:01:8e:bf:80:58:
1c:09:6d:e3:28:c3:ca:52:67:54:3b:d3:bb:19:a9:ac:18:52:
f3:80:38:a5:3a:36:fc:24:54:27:2a:25:4e:58:42:35:2a:f4:
e8:1b:dc:b1:e5:d9:34:7e:c5:ba:92:c1:6d:1c:a2:2f:e2:86:
85:8e:86:4e:c1:7a:3e:55:54:ab:69:41:09:40:8c:5c:97:1b:
e2:be:dd:e7:2a:22:ff:63:b9:da:fe:43:9d:a1:34:26:36:71:
9c:bc:db:b1:73:14:c4:88:49:76:88:49:86:8d:92:a5:40:c9:
cd:ab:f7:5d:c9:c9:4d:da:5f:06:be:ac:89:01:1c:c0:27:39:
58:0a:25:6c:17:a9:5a:ff:39:f9:ae:d5:16:94:dc:12:2f:f6:
38:a2:1e:77:5d:77:10:44:5b:4a:4a:8c:3e:d0:d2:82:30:da:
90:88:39:03:2c:e0:e0:c3:e3:51:ee:fa:e9:37:35:e5:3e:97:
fa:e4:d5:1f:f0:fc:92:c0:44:b7:5f:1d:26:6f:5d:2c:ea:01:
23:f5:2d:a7:d2:d6:8d:1d:b0:0b:ee:d5:58:d0:ed:dc:56:a9:
99:54:d4:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZAu1CmWXfNvXnZKFFiI4Y3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNjE5MDQ0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhjMjAyNjViMGY0ZWQ2YzliYzQ2NDM5MjAxNjc2YTFmOGNiMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28FfkeO3JVzSkTyLCEaq80Asaxxl
4FfoTxjiK+S+zT/J9n1fcn4qPr3ru1XEerKRXtvsDF/JcEkmmFKkzB7ikj89C2//
fnudzl18MPAlRcOXVN+T4D+70u+YSQqazXPEkon7Ru9jkiC6PS8hUPnjxggvNmXN
lp5otAz+1RY3QDcGrea8zoeJC+Ame+SsF0uAjcwL82w9Y8XevtNYOCqNbz6ev/vz
4o7CGP/KdOgYepq+8O9UaPCyzxskfvVw8ULsPIXfeIsQ1WFxmpifIgI54SArzMXZ
X7tn6lfwznxKOIfGLW/WiX3ntwqws+VEOwnZW5NORLp4Bcw2zYRXmwDrcQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKyMICZbD07WybxGQ5IBZ2ofjLHrMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvckl3Z0psc1BUdGJKdkVaRGtnRm5haC1Nc2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBABV1
lt29KzeBTCp1HEdEWPba+/l1YMSmwc8jqHyQ04oBjr+AWBwJbeMow8pSZ1Q707sZ
qawYUvOAOKU6NvwkVCcqJU5YQjUq9Ogb3LHl2TR+xbqSwW0coi/ihoWOhk7Bej5V
VKtpQQlAjFyXG+K+3ecqIv9judr+Q52hNCY2cZy827FzFMSISXaISYaNkqVAyc2r
913JyU3aXwa+rIkBHMAnOVgKJWwXqVr/Ofmu1RaU3BIv9jiiHndddxBEW0pKjD7Q
0oIw2pCIOQMs4ODD41Hu+uk3NeU+l/rk1R/w/JLARLdfHSZvXSzqASP1LafS1o0d
sAvu1VjQ7dxWqZlU1G4=
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:43 2024 by rpki-client on console-fra.rpki-client.org