Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s7tx7wdTenS9J3WZjUAjeZ6eaHM.roa
File: s7tx7wdTenS9J3WZjUAjeZ6eaHM.roa (raw, json)
Hash identifier: ASq51GrLj+0kO7lTYlj1syDIW7ctp1mD7Hjkj4WXTcU=
Subject key identifier: B3:BB:71:EF:07:53:7A:74:BD:27:75:99:8D:40:23:79:9E:9E:68:73
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC793F12D958ECD456CF73457D11FC6D4
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s7tx7wdTenS9J3WZjUAjeZ6eaHM.roa
Signing time: Tue 02 Jan 2024 00:30:10 +0000
ROA not before: Tue 02 Jan 2024 00:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f1:2d:95:8e:cd:45:6c:f7:34:57:d1:1f:c6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 00:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3bb71ef07537a74bd2775998d4023799e9e6873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:d9:02:98:b3:6e:6e:8b:1f:53:32:bc:29:
2c:be:24:18:6d:3f:03:a5:58:cd:b2:a3:c7:db:99:
e0:5d:79:e5:e0:d5:2f:6a:8e:7f:30:63:9d:f5:dd:
25:2d:40:1e:e5:2b:e0:de:08:8f:0f:d0:cd:25:7d:
37:d5:6a:3b:ef:dd:61:8e:cb:bc:0f:f7:eb:4d:14:
15:26:f7:08:f0:75:43:09:d7:85:5e:4f:08:79:52:
69:fd:4e:25:d9:a7:61:09:08:07:86:c7:cf:fb:63:
67:ac:bc:34:d5:bf:5c:92:45:83:e9:7b:d9:bc:aa:
72:96:b4:2f:47:51:b0:2c:c4:a1:85:01:d2:40:d6:
c8:8a:f8:c9:bd:a7:65:2f:c5:f0:9c:cc:9a:23:6f:
ab:da:c5:47:cd:61:bd:5f:03:e1:d0:ec:54:91:c5:
e8:51:cb:19:de:ef:7f:bb:79:78:9d:b7:e2:ff:d3:
88:d7:46:c8:8c:90:9a:e1:d7:44:11:7b:6e:ce:9a:
c9:c1:3d:4d:7f:90:15:f3:ea:7f:4b:f9:cf:89:10:
30:30:67:97:1d:0e:85:e7:77:80:65:e6:78:0d:e4:
44:2d:2c:d2:f1:cb:70:b5:93:cf:0e:7f:bd:01:d7:
b0:d9:a5:c1:7f:15:35:ab:3c:33:d7:fa:1b:01:02:
4a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BB:71:EF:07:53:7A:74:BD:27:75:99:8D:40:23:79:9E:9E:68:73
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s7tx7wdTenS9J3WZjUAjeZ6eaHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:dc:e9:4f:5d:f5:07:88:2c:1a:78:be:18:de:de:86:3b:7a:
b0:4b:48:71:e8:b5:fb:1e:87:53:25:ca:d9:97:1f:6d:11:ed:
89:71:19:96:16:0b:5e:5f:ed:da:29:b8:63:20:02:db:98:22:
11:96:03:80:21:e6:1a:1a:d5:9e:4b:8d:ff:75:aa:4d:1d:6b:
c3:07:f7:35:86:fd:e8:80:5f:a0:56:c9:60:1c:6a:3d:3c:1e:
d8:c7:f0:a4:4b:97:e8:84:af:67:cf:5a:1a:fb:40:2d:8d:0a:
21:3f:8c:8c:f1:c6:3c:1d:7d:87:12:50:1c:28:d5:95:26:9f:
28:0a:0a:9e:5a:33:38:d0:7e:85:35:d7:1c:61:ad:0b:a9:76:
31:89:72:6b:5b:9b:77:7a:5c:90:9d:3d:db:49:d4:f7:8a:8f:
e2:9a:5c:20:80:ee:30:f1:56:8e:f4:1f:5d:22:90:71:5f:dd:
b7:a9:de:3b:28:4b:4c:12:02:72:bd:b7:14:e0:05:2c:6a:1e:
ba:b3:3b:10:8f:94:17:79:75:f0:e4:0f:cd:aa:0f:14:66:48:
20:f8:09:c8:fd:9b:61:4a:4f:81:ae:b2:e7:13:a2:8d:04:c7:
f9:fc:b4:7e:8a:5c:a4:64:83:6a:29:bd:75:59:55:67:1d:53:
a2:b8:87:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHk/EtlY7NRWz3NFfRH8bUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JiNzFlZjA3NTM3YTc0YmQyNzc1OTk4ZDQwMjM3OTllOWU2ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXjZApizbm6LH1MyvCksviQYbT8D
pVjNsqPH25ngXXnl4NUvao5/MGOd9d0lLUAe5Svg3giPD9DNJX031Wo7791hjsu8
D/frTRQVJvcI8HVDCdeFXk8IeVJp/U4l2adhCQgHhsfP+2NnrLw01b9ckkWD6XvZ
vKpylrQvR1GwLMShhQHSQNbIivjJvadlL8XwnMyaI2+r2sVHzWG9XwPh0OxUkcXo
UcsZ3u9/u3l4nbfi/9OI10bIjJCa4ddEEXtuzprJwT1Nf5AV8+p/S/nPiRAwMGeX
HQ6F53eAZeZ4DeRELSzS8ctwtZPPDn+9Adew2aXBfxU1qzwz1/obAQJKxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLO7ce8HU3p0vSd1mY1AI3menmhzMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvczd0eDd3ZFRlblM5SjNXWmpVQWplWjZlYUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCA3OlPXfUHiCwa
eL4Y3t6GO3qwS0hx6LX7HodTJcrZlx9tEe2JcRmWFgteX+3aKbhjIALbmCIRlgOA
IeYaGtWeS43/dapNHWvDB/c1hv3ogF+gVslgHGo9PB7Yx/CkS5fohK9nz1oa+0At
jQohP4yM8cY8HX2HElAcKNWVJp8oCgqeWjM40H6FNdccYa0LqXYxiXJrW5t3elyQ
nT3bSdT3io/imlwggO4w8VaO9B9dIpBxX923qd47KEtMEgJyvbcU4AUsah66szsQ
j5QXeXXw5A/Nqg8UZkgg+AnI/ZthSk+BrrLnE6KNBMf5/LR+ilykZINqKb11WVVn
HVOiuIfq
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:44 2024 by rpki-client on console-fra.rpki-client.org