Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ssOPoddCaCMasIqYazzS6lAIkdY.roa
File: ssOPoddCaCMasIqYazzS6lAIkdY.roa (raw, json)
Hash identifier: 74JxYoYiAZ8M0/IQ1Trc+I+MBOA39tmDDCr0NyIzf+I=
Subject key identifier: B2:C3:8F:A1:D7:42:68:23:1A:B0:8A:98:6B:3C:D2:EA:50:08:91:D6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189E3961C62FC1F8910123555EB0689B06D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ssOPoddCaCMasIqYazzS6lAIkdY.roa
Signing time: Fri 11 Aug 2023 07:53:32 +0000
ROA not before: Fri 11 Aug 2023 07:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 07:57:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:96:1c:62:fc:1f:89:10:12:35:55:eb:06:89:b0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 11 07:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2c38fa1d74268231ab08a986b3cd2ea500891d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:22:02:6f:39:76:d6:74:3f:96:40:74:48:75:
6c:e1:0a:b3:d3:91:ed:fc:6a:bf:1e:d1:ff:8c:a1:
d2:da:75:cd:b4:cd:f7:c1:9a:a3:39:c1:ac:64:c5:
f7:73:5e:4a:f8:77:12:39:94:63:77:9e:85:d8:67:
f6:d6:11:24:19:f0:38:5d:a4:d4:fc:0a:7d:6f:68:
84:69:56:8f:e7:61:86:3e:b5:3c:03:54:51:bd:92:
2c:26:b5:0f:1c:bf:f9:6f:b5:84:36:d9:f6:cc:f7:
96:d5:3a:8a:ea:0b:3f:c2:88:ae:7c:7b:70:f5:d0:
97:90:df:28:fa:ce:2a:00:bd:88:19:37:c4:a7:84:
6b:8f:07:fd:3b:5b:d3:f1:d7:78:2a:6c:6b:7c:3d:
fa:17:7e:c5:dd:f7:2a:83:c1:ac:95:d9:f8:bf:04:
0c:02:02:1d:b9:dd:95:ef:a8:47:04:d1:51:84:9a:
ce:e8:e8:d6:6c:d3:fd:9d:88:c4:3d:73:25:79:6c:
83:e0:c7:94:eb:cc:9d:a7:ff:a4:fb:e4:62:47:ef:
32:6b:87:0d:89:10:c0:ab:28:2b:b9:c7:8a:94:ae:
8b:f5:93:2b:15:58:04:8a:de:04:2e:28:c9:b7:72:
32:ff:d7:ef:df:68:23:18:d5:95:1a:a6:c6:40:bf:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C3:8F:A1:D7:42:68:23:1A:B0:8A:98:6B:3C:D2:EA:50:08:91:D6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ssOPoddCaCMasIqYazzS6lAIkdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.135.0/24
85.133.174.0/24
85.133.227.0/24
Signature Algorithm: sha256WithRSAEncryption
30:80:b9:50:e7:d7:7b:85:96:03:47:e7:21:c5:2c:a2:54:53:
85:c3:a4:e3:ff:2e:5e:d2:1c:1f:44:ae:38:80:2e:42:aa:9d:
57:6f:56:18:cd:cb:32:0f:19:31:ba:e9:cd:e9:ac:fd:bd:85:
b2:89:85:5c:d7:a2:aa:4d:8b:35:4e:76:a0:cb:4f:ec:d3:e9:
b8:39:56:3d:42:74:97:51:36:6d:96:60:25:65:ba:5f:2d:1e:
88:80:6b:21:df:da:95:97:88:f3:90:ac:6a:7a:92:7d:80:14:
f9:b1:a3:1a:09:42:6d:9b:f5:66:d6:8a:b7:7d:12:35:63:6f:
c8:9f:00:a3:87:0b:d1:fb:90:b4:bd:52:8f:79:18:e2:94:e6:
3e:37:a9:d9:0b:94:81:96:2e:af:bf:c9:22:5f:7b:a5:1b:f4:
a3:77:29:6e:84:91:fb:a2:83:df:29:f4:99:f7:d2:b3:2a:0d:
65:13:a2:88:ee:11:3c:1e:0d:7a:48:35:a6:52:c0:ab:9f:83:
4c:6a:ee:6c:fd:0d:58:1d:73:f1:06:49:bc:c6:89:a2:83:a7:
2e:0a:61:76:a4:07:41:05:30:b2:7a:98:2a:47:e7:f3:3d:aa:
4a:56:77:9b:21:37:f2:d4:f4:b3:f8:75:07:10:12:3d:9b:29:
c4:9d:30:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnjlhxi/B+JEBI1VesGibBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODExMDc1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmMzOGZhMWQ3NDI2ODIzMWFiMDhhOTg2YjNjZDJlYTUwMDg5MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyICbzl21nQ/lkB0SHVs4Qqz05Ht
/Gq/HtH/jKHS2nXNtM33wZqjOcGsZMX3c15K+HcSOZRjd56F2Gf21hEkGfA4XaTU
/Ap9b2iEaVaP52GGPrU8A1RRvZIsJrUPHL/5b7WENtn2zPeW1TqK6gs/woiufHtw
9dCXkN8o+s4qAL2IGTfEp4Rrjwf9O1vT8dd4KmxrfD36F37F3fcqg8Gsldn4vwQM
AgIdud2V76hHBNFRhJrO6OjWbNP9nYjEPXMleWyD4MeU68ydp/+k++RiR+8ya4cN
iRDAqygruceKlK6L9ZMrFVgEit4ELijJt3Iy/9fv32gjGNWVGqbGQL9tXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLLDj6HXQmgjGrCKmGs80upQCJHWMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvc3NPUG9kZENhQ01hc0lxWWF6elM2bEFJa2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYWHAwQA
VYWuAwQAVYXjMA0GCSqGSIb3DQEBCwUAA4IBAQAwgLlQ59d7hZYDR+chxSyiVFOF
w6Tj/y5e0hwfRK44gC5Cqp1Xb1YYzcsyDxkxuunN6az9vYWyiYVc16KqTYs1Tnag
y0/s0+m4OVY9QnSXUTZtlmAlZbpfLR6IgGsh39qVl4jzkKxqepJ9gBT5saMaCUJt
m/Vm1oq3fRI1Y2/InwCjhwvR+5C0vVKPeRjilOY+N6nZC5SBli6vv8kiX3ulG/Sj
dyluhJH7ooPfKfSZ99KzKg1lE6KI7hE8Hg16SDWmUsCrn4NMau5s/Q1YHXPxBkm8
xomig6cuCmF2pAdBBTCyepgqR+fzPapKVnebITfy1PSz+HUHEBI9mynEnTAg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org