Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rUDHN9b1OkJCBBhJp2Tkck53sFA.roa
File: rUDHN9b1OkJCBBhJp2Tkck53sFA.roa (raw, json)
Hash identifier: D6CI+vWIWoRTwvxydFXcvx36z7uWqnYEXND62LSjvnQ=
Subject key identifier: AD:40:C7:37:D6:F5:3A:42:42:04:18:49:A7:64:E4:72:4E:77:B0:50
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018804AF7D3B75B07BB30475DA2883E9B204
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rUDHN9b1OkJCBBhJp2Tkck53sFA.roa
Signing time: Wed 10 May 2023 08:03:09 +0000
ROA not before: Wed 10 May 2023 08:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 May 2023 08:04:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:af:7d:3b:75:b0:7b:b3:04:75:da:28:83:e9:b2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 10 08:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad40c737d6f53a4242041849a764e4724e77b050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:59:46:8c:34:dc:f1:0b:e0:c9:1b:cb:17:
a0:fc:ae:5a:e2:58:2a:17:be:c9:12:ef:95:25:29:
e6:92:05:17:f4:28:11:8b:7a:a9:5f:13:ce:7b:06:
73:84:02:73:02:0f:da:75:ec:33:89:50:cd:ed:88:
dc:d8:9f:aa:a1:95:15:88:ba:97:3b:64:6e:ee:93:
bf:4f:b1:fc:ec:3f:57:9c:43:8e:89:b7:c4:ad:04:
c7:48:b1:8d:36:20:d8:6d:ab:4e:a1:50:f0:11:89:
76:fa:0f:96:0f:49:42:56:5c:31:62:84:96:1d:f4:
db:76:45:96:8f:aa:0b:e6:f4:ca:16:5c:55:28:56:
27:0b:4e:66:a6:6e:6b:1f:ab:56:c7:17:b4:70:7f:
1c:65:e3:ae:73:27:10:c7:41:68:1e:8e:98:ef:b6:
9a:aa:2f:89:fd:e1:07:9d:6f:72:ef:a7:f2:79:3e:
0a:9a:2b:5e:61:e6:e1:07:39:fc:32:e1:e0:da:c7:
21:8a:af:99:44:3d:7f:76:53:e5:18:75:b8:fb:58:
b0:07:55:28:ac:69:32:f1:02:f0:c1:b6:47:0e:62:
08:95:70:77:0b:74:f6:0b:3c:7b:6b:51:d0:db:a7:
66:17:90:33:70:47:de:28:a3:19:ee:42:48:c1:e8:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:40:C7:37:D6:F5:3A:42:42:04:18:49:A7:64:E4:72:4E:77:B0:50
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rUDHN9b1OkJCBBhJp2Tkck53sFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:cb:06:11:88:a0:c7:31:ee:e0:41:73:d4:ae:93:18:ec:6d:
7e:b2:db:f4:11:de:b0:d0:e6:40:72:d1:d3:d3:00:91:ac:8a:
58:3b:cd:44:e3:d3:bc:38:e5:fa:47:6d:05:e2:b4:2d:de:47:
1c:54:1b:64:cc:da:b2:19:a6:52:43:b5:a4:56:12:83:49:2c:
c9:b5:a9:fc:25:e0:b5:25:5e:85:7a:b5:b8:66:74:73:6e:a3:
fd:3a:d9:db:0c:f5:66:22:3e:8e:16:3e:aa:eb:03:bd:20:6d:
42:ad:7f:f0:14:5a:7f:fa:a1:cb:de:8f:88:7c:9c:47:a2:74:
ea:e2:ca:0b:5f:70:cc:37:c3:24:ff:d3:48:8f:74:53:3c:1c:
b4:61:82:2d:0d:ea:b0:1a:1b:84:b5:39:74:d4:f5:d6:93:71:
3c:a6:24:a3:92:ee:58:25:6f:a6:25:21:09:33:09:81:0f:1d:
cc:a8:8c:46:f3:d0:67:f3:dd:9f:e9:61:fc:87:48:a1:5f:07:
12:5c:8b:93:9b:2e:8d:f3:8c:c0:10:f3:0e:4b:32:d3:40:01:
4e:60:5a:ce:65:b3:7c:d0:2f:22:ff:ce:bc:8a:9d:35:d9:2b:
bb:a3:d6:35:4b:27:96:27:14:56:52:ba:fc:39:df:19:9c:91:
46:c6:fe:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgEr307dbB7swR12iiD6bIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTEwMDgwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQwYzczN2Q2ZjUzYTQyNDIwNDE4NDlhNzY0ZTQ3MjRlNzdiMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEJZRow03PEL4Mkbyxeg/K5a4lgq
F77JEu+VJSnmkgUX9CgRi3qpXxPOewZzhAJzAg/adewziVDN7Yjc2J+qoZUViLqX
O2Ru7pO/T7H87D9XnEOOibfErQTHSLGNNiDYbatOoVDwEYl2+g+WD0lCVlwxYoSW
HfTbdkWWj6oL5vTKFlxVKFYnC05mpm5rH6tWxxe0cH8cZeOucycQx0FoHo6Y77aa
qi+J/eEHnW9y76fyeT4KmiteYebhBzn8MuHg2schiq+ZRD1/dlPlGHW4+1iwB1Uo
rGky8QLwwbZHDmIIlXB3C3T2Czx7a1HQ26dmF5AzcEfeKKMZ7kJIwegKiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK1AxzfW9TpCQgQYSadk5HJOd7BQMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvclVESE45YjFPa0pDQkJoSnAyVGtjazUzc0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBEywYRiKDHMe7gQXPUrpMY
7G1+stv0Ed6w0OZActHT0wCRrIpYO81E49O8OOX6R20F4rQt3kccVBtkzNqyGaZS
Q7WkVhKDSSzJtan8JeC1JV6FerW4ZnRzbqP9OtnbDPVmIj6OFj6q6wO9IG1CrX/w
FFp/+qHL3o+IfJxHonTq4soLX3DMN8Mk/9NIj3RTPBy0YYItDeqwGhuEtTl01PXW
k3E8piSjku5YJW+mJSEJMwmBDx3MqIxG89Bn892f6WH8h0ihXwcSXIuTmy6N84zA
EPMOSzLTQAFOYFrOZbN80C8i/868ip012Su7o9Y1SyeWJxRWUrr8Od8ZnJFGxv4t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org