Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s6kU7Ck4A5WgAr8VwLWgcsP0_es.roa
File: s6kU7Ck4A5WgAr8VwLWgcsP0_es.roa (raw, json)
Hash identifier: wa5UFTULPKUFrWNPPnZmn3tahKGpZSRvmQfQFU+vEro=
Subject key identifier: B3:A9:14:EC:29:38:03:95:A0:02:BF:15:C0:B5:A0:72:C3:F4:FD:EB
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189B5EEE0B83765D08757D45751DE97A4B6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s6kU7Ck4A5WgAr8VwLWgcsP0_es.roa
Signing time: Wed 02 Aug 2023 11:07:58 +0000
ROA not before: Wed 02 Aug 2023 11:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 85.133.208.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 16:13:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:ee:e0:b8:37:65:d0:87:57:d4:57:51:de:97:a4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 2 11:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3a914ec29380395a002bf15c0b5a072c3f4fdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:c3:2c:3a:87:ca:8c:5c:41:d0:4a:74:fb:
78:ba:5c:96:29:8f:f4:da:21:00:a0:8d:c2:8a:96:
1f:a0:5d:66:10:4e:18:ee:e0:2c:f5:8e:08:ad:49:
a4:bd:9c:13:e0:ed:fa:0c:87:7f:e1:4f:7a:40:41:
98:53:07:e5:a2:b7:45:03:1b:b2:43:36:8f:c3:68:
ab:7e:77:01:cb:fc:6a:36:d1:80:1f:c0:7a:de:d3:
33:d8:ff:6a:e4:53:d9:9d:79:af:92:24:6f:32:08:
83:2f:31:a6:44:04:2f:53:2c:bc:fb:ea:f8:a2:03:
29:33:54:6e:9c:91:c5:ab:4b:46:73:6f:12:1e:39:
75:4c:c1:2f:e6:44:ee:d3:c6:73:61:31:7f:ca:8b:
5e:bb:8c:06:80:96:5a:f5:2e:76:ed:f8:9f:46:62:
09:98:71:48:aa:bf:1b:63:d0:4a:ca:e8:fe:59:db:
7c:eb:1f:bb:eb:c7:b8:40:46:d9:c3:c7:aa:67:91:
2d:fe:11:2b:14:d3:a2:a6:92:70:34:03:d5:5b:91:
9a:54:ea:22:c7:4f:07:f1:cf:b1:f7:d1:1f:f1:1c:
26:5d:ba:92:73:22:02:79:e4:8b:b6:bb:4b:b8:7a:
df:ab:f6:e7:05:c6:ac:ca:48:e6:2a:a4:22:0f:bf:
fc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A9:14:EC:29:38:03:95:A0:02:BF:15:C0:B5:A0:72:C3:F4:FD:EB
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s6kU7Ck4A5WgAr8VwLWgcsP0_es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.208.0/24
85.133.233.0/24
85.133.242.0/24
Signature Algorithm: sha256WithRSAEncryption
35:de:a0:08:07:29:20:f1:55:fe:50:d5:a5:8d:c6:e6:fa:49:
20:29:80:cd:47:e9:69:9a:ab:8b:7e:ba:21:f1:2b:db:c3:24:
83:19:51:1d:d8:fb:de:c9:76:5c:ec:ca:b2:f5:28:9b:b5:d0:
90:a8:99:ea:fd:89:59:4f:a5:0b:e3:6d:44:d4:02:5d:53:f2:
e3:8d:63:6c:95:38:5e:69:1b:61:30:e5:b3:16:da:cb:b1:cb:
53:b3:cf:5d:c1:8d:10:ae:10:3f:c8:9d:59:1f:00:40:85:95:
28:96:cd:9b:bc:4b:e1:92:5a:cc:fc:be:a3:1b:c2:d5:55:2f:
ff:e3:55:34:94:0e:6d:47:c4:b0:88:02:0f:09:42:91:ef:6a:
6c:12:df:06:22:09:c5:68:aa:70:a6:1a:7c:20:7c:a5:76:df:
3c:01:ba:04:e6:cf:4d:1b:7f:07:f6:d6:0c:0d:0d:4f:07:5b:
a8:99:4b:8a:5e:a8:2b:40:81:6c:e3:aa:c0:9e:2f:9f:1d:35:
34:86:80:f3:c3:41:14:6d:b4:6c:75:79:aa:30:c9:28:db:4b:
6c:11:88:3b:8a:15:0a:b6:f7:30:64:35:97:05:c7:4c:0a:35:
45:f5:5f:4a:74:40:d3:a3:e1:ed:45:ae:83:0a:ba:7f:98:d4:
fe:d4:63:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm17uC4N2XQh1fUV1Hel6S2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODAyMTEwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E5MTRlYzI5MzgwMzk1YTAwMmJmMTVjMGI1YTA3MmMzZjRmZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbLDLDqHyoxcQdBKdPt4ulyWKY/0
2iEAoI3CipYfoF1mEE4Y7uAs9Y4IrUmkvZwT4O36DId/4U96QEGYUwflordFAxuy
QzaPw2irfncBy/xqNtGAH8B63tMz2P9q5FPZnXmvkiRvMgiDLzGmRAQvUyy8++r4
ogMpM1RunJHFq0tGc28SHjl1TMEv5kTu08ZzYTF/yoteu4wGgJZa9S527fifRmIJ
mHFIqr8bY9BKyuj+Wdt86x+768e4QEbZw8eqZ5Et/hErFNOippJwNAPVW5GaVOoi
x08H8c+x99Ef8RwmXbqScyICeeSLtrtLuHrfq/bnBcasykjmKqQiD7/8SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLOpFOwpOAOVoAK/FcC1oHLD9P3rMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvczZrVTdDazRBNVdnQXI4VndMV2djc1AwX2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYXQAwQA
VYXpAwQAVYXyMA0GCSqGSIb3DQEBCwUAA4IBAQA13qAIBykg8VX+UNWljcbm+kkg
KYDNR+lpmquLfroh8SvbwySDGVEd2PveyXZc7Mqy9SibtdCQqJnq/YlZT6UL421E
1AJdU/LjjWNslTheaRthMOWzFtrLsctTs89dwY0QrhA/yJ1ZHwBAhZUols2bvEvh
klrM/L6jG8LVVS//41U0lA5tR8SwiAIPCUKR72psEt8GIgnFaKpwphp8IHyldt88
AboE5s9NG38H9tYMDQ1PB1uomUuKXqgrQIFs46rAni+fHTU0hoDzw0EUbbRsdXmq
MMko20tsEYg7ihUKtvcwZDWXBcdMCjVF9V9KdEDTo+HtRa6DCrp/mNT+1GPg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org