Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/t48jG7l7f3-68E-uYxVrzOkrIeY.roa
File: t48jG7l7f3-68E-uYxVrzOkrIeY.roa (raw, json)
Hash identifier: +XlTRYGVZ3VoqE3xpF53ac4OYaaLMaOeQctNoUTFgIw=
Subject key identifier: B7:8F:23:1B:B9:7B:7F:7F:BA:F0:4F:AE:63:15:6B:CC:E9:2B:21:E6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC793F2A104C4E096ABAD23DAAA6AC81B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/t48jG7l7f3-68E-uYxVrzOkrIeY.roa
Signing time: Tue 02 Jan 2024 00:30:11 +0000
ROA not before: Tue 02 Jan 2024 00:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201194
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 12:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f2:a1:04:c4:e0:96:ab:ad:23:da:aa:6a:c8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 00:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b78f231bb97b7f7fbaf04fae63156bcce92b21e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:de:03:49:9b:44:07:0f:9a:39:1d:e3:a6:
88:31:82:cc:1a:b3:22:50:e9:10:80:f9:29:04:88:
38:5d:69:e7:a3:57:78:fe:ba:3a:19:14:98:3f:66:
0d:21:63:05:db:46:b2:de:83:e9:83:6e:59:95:c0:
5b:77:3d:ed:51:ee:99:fe:12:02:36:05:e0:06:c5:
e2:3e:16:7e:37:ea:88:37:94:c0:90:e8:3c:cc:12:
91:ef:90:18:9d:04:ed:c4:f8:63:f6:bf:30:2e:38:
d2:a4:21:27:28:83:c6:b8:22:4e:3f:95:ab:c9:0a:
ca:a3:d4:27:c1:50:7e:5d:d8:14:94:8f:73:81:b0:
5b:ca:f6:a0:1b:ee:2b:3a:1c:09:5c:7c:6d:b2:a6:
aa:7a:51:bc:46:ae:38:2b:2f:e4:e3:13:16:ca:3f:
77:e4:df:26:5b:d9:a5:36:7c:aa:4e:e5:6c:71:58:
18:4e:d4:18:d9:66:e5:5e:35:39:3e:f4:89:f2:1a:
e4:4f:81:b4:d3:16:d2:c1:15:a9:7f:f2:3f:20:d6:
62:9a:38:7c:e9:40:61:02:05:de:cf:79:e7:60:14:
55:0e:15:af:8f:cc:5e:06:eb:e7:62:a0:0f:d1:be:
e5:db:4e:bb:39:ed:1e:f8:12:ab:ec:fd:fc:0a:ca:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8F:23:1B:B9:7B:7F:7F:BA:F0:4F:AE:63:15:6B:CC:E9:2B:21:E6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/t48jG7l7f3-68E-uYxVrzOkrIeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.203.0-85.133.205.255
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:31:50:dd:fe:a1:99:51:8f:cf:a6:c9:bc:79:37:34:cf:c5:
29:a6:13:6e:45:86:bf:08:8c:aa:08:3d:c5:d3:7b:84:27:a7:
60:3c:24:4d:14:02:be:84:f9:23:a8:74:60:8f:41:37:11:bb:
3e:08:19:07:ef:f3:00:23:eb:c7:ed:8e:80:4a:db:32:af:5a:
26:49:26:72:90:85:f1:ab:97:c2:d0:0a:1a:d9:e2:91:1c:a5:
09:1d:d3:cf:19:51:95:1f:09:84:79:2a:74:8e:8e:cb:85:c7:
fe:16:f2:4f:63:d4:fe:85:8c:26:79:4c:85:cb:09:df:16:cf:
c1:d1:d9:dd:35:8c:89:1c:ab:ff:95:6b:b6:4e:1b:2b:38:45:
09:76:44:ea:0b:3e:1f:2c:55:97:ab:b4:0e:5c:2f:1e:d9:34:
da:c7:b5:7e:f1:ed:29:48:2f:b4:ae:25:4b:77:e0:22:cb:f7:
61:4d:7b:0b:70:df:6f:80:b6:48:bf:20:e5:f1:24:3f:8a:5b:
dc:eb:a0:6f:d9:cc:1c:df:9f:eb:38:62:aa:e7:3f:ee:fe:6b:
e4:d9:da:c4:b7:77:6f:52:c5:d9:6f:06:2a:dd:b4:ee:a5:53:
d6:6b:9f:76:78:14:af:e1:9c:06:3a:7e:47:f1:d2:fb:64:d0:
40:89:b3:ec
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHk/KhBMTglqutI9qqasgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhmMjMxYmI5N2I3ZjdmYmFmMDRmYWU2MzE1NmJjY2U5MmIyMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQveA0mbRAcPmjkd46aIMYLMGrMi
UOkQgPkpBIg4XWnno1d4/ro6GRSYP2YNIWMF20ay3oPpg25ZlcBbdz3tUe6Z/hIC
NgXgBsXiPhZ+N+qIN5TAkOg8zBKR75AYnQTtxPhj9r8wLjjSpCEnKIPGuCJOP5Wr
yQrKo9QnwVB+XdgUlI9zgbBbyvagG+4rOhwJXHxtsqaqelG8Rq44Ky/k4xMWyj93
5N8mW9mlNnyqTuVscVgYTtQY2WblXjU5PvSJ8hrkT4G00xbSwRWpf/I/INZimjh8
6UBhAgXez3nnYBRVDhWvj8xeBuvnYqAP0b7l2067Oe0e+BKr7P38CsroYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLePIxu5e39/uvBPrmMVa8zpKyHmMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdDQ4akc3bDdmMy02OEUtdVl4VnJ6T2tySWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXHMAwD
BABVhcsDBAFVhcwDBABVhfowDQYJKoZIhvcNAQELBQADggEBAE4xUN3+oZlRj8+m
ybx5NzTPxSmmE25Fhr8IjKoIPcXTe4Qnp2A8JE0UAr6E+SOodGCPQTcRuz4IGQfv
8wAj68ftjoBK2zKvWiZJJnKQhfGrl8LQChrZ4pEcpQkd088ZUZUfCYR5KnSOjsuF
x/4W8k9j1P6FjCZ5TIXLCd8Wz8HR2d01jIkcq/+Va7ZOGys4RQl2ROoLPh8sVZer
tA5cLx7ZNNrHtX7x7SlIL7SuJUt34CLL92FNewtw32+Atki/IOXxJD+KW9zroG/Z
zBzfn+s4YqrnP+7+a+TZ2sS3d29SxdlvBirdtO6lU9Zrn3Z4FK/hnAY6fkfx0vtk
0ECJs+w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org