Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/trOnIhe5E-ddKOb4BMl8yI-70G0.roa
File: trOnIhe5E-ddKOb4BMl8yI-70G0.roa (raw, json)
Hash identifier: og+YMxmpQVMhJHKTM7hvhT7DwJenQzcDj0LOd6TZElM=
Subject key identifier: B6:B3:A7:22:17:B9:13:E7:5D:28:E6:F8:04:C9:7C:C8:8F:BB:D0:6D
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191B6DFC01FFD478AF999CCCAA21559817A
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/trOnIhe5E-ddKOb4BMl8yI-70G0.roa
Signing time: Tue 03 Sep 2024 07:53:22 +0000
ROA not before: Tue 03 Sep 2024 07:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 12:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:df:c0:1f:fd:47:8a:f9:99:cc:ca:a2:15:59:81:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 3 07:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6b3a72217b913e75d28e6f804c97cc88fbbd06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b1:52:4c:ae:bf:fa:2a:e7:28:30:5c:33:91:
7e:b8:d2:3c:18:00:a1:fc:62:a1:33:fc:bf:01:fd:
de:74:bc:27:3f:37:b7:59:e8:1b:46:3d:42:42:5d:
08:22:e9:66:0e:ed:05:36:cf:6c:4f:c1:73:5a:b0:
29:f4:f8:13:ac:85:db:25:34:c1:e5:fc:3d:17:63:
f5:07:8f:a8:b0:e2:2a:01:19:30:48:fd:b0:7a:6f:
6c:0f:b5:0e:a3:32:7f:b7:4e:bd:53:a7:22:92:da:
b7:ca:01:6c:6b:58:ba:e4:7f:5c:90:02:61:ba:d1:
db:76:42:2a:12:bd:e4:a0:14:24:df:96:bd:d1:20:
f1:1f:cd:cf:9b:15:d0:cc:57:29:ca:1a:55:9d:89:
6b:88:4a:7a:56:f7:54:4d:2b:c2:48:6d:ca:1c:6d:
37:d9:20:69:36:2d:06:e7:c4:bb:1f:94:3a:23:cc:
87:0d:e8:76:c9:68:7b:2f:97:b8:88:a8:a1:d2:fd:
1d:5f:9c:ba:5e:5c:05:cf:22:cc:bf:ed:28:eb:c2:
b1:4c:2a:f3:86:e3:65:00:ef:e9:3c:9a:11:98:1a:
7b:8f:86:c2:10:09:bf:aa:59:b0:86:7e:6b:bf:09:
e3:ef:97:5d:e8:89:d7:eb:15:95:ea:2d:5d:46:39:
54:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B3:A7:22:17:B9:13:E7:5D:28:E6:F8:04:C9:7C:C8:8F:BB:D0:6D
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/trOnIhe5E-ddKOb4BMl8yI-70G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.215.0/24
85.133.217.0/24
85.133.225.0/24
85.133.227.0-85.133.228.255
85.133.240.0/24
85.133.247.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:49:77:55:d0:d9:3d:b3:83:39:8a:cf:71:6c:76:e6:42:d7:
23:64:56:a9:8e:10:18:fd:a9:14:d5:fd:ee:81:c9:32:e5:97:
ee:17:50:10:82:91:3a:3a:86:0b:ae:a8:73:64:dd:28:7b:6b:
a3:e1:db:f8:5b:4c:d8:42:10:c9:47:61:0e:04:23:5d:fa:e2:
8f:fc:bd:22:57:34:fb:9e:ec:70:17:04:b8:79:be:50:47:ea:
26:34:7b:28:05:1c:ef:04:75:fa:f5:9e:dd:7c:fb:e1:bf:21:
83:b9:b3:9b:64:ed:f4:87:ef:56:8a:fb:9b:7d:64:56:2f:af:
2e:60:20:48:c5:e6:bd:18:26:3d:b0:13:4f:97:33:ce:69:05:
ce:c0:fa:f3:c7:72:21:b6:e8:3a:f7:d7:96:46:f3:91:92:1d:
61:9e:a3:67:cd:5e:b4:eb:2b:bf:9d:f6:bc:19:ef:39:4d:f6:
ce:d4:8b:cf:a6:ea:13:34:d3:aa:bf:22:86:9b:59:0e:d2:2e:
c2:ea:51:cc:cd:2c:fb:64:f8:1d:70:a4:a1:6b:b3:f5:25:52:
a2:d4:51:f6:b6:4c:9c:db:2b:dc:12:7d:91:78:da:1b:13:68:
ae:52:fd:f2:ec:25:ce:3f:94:e0:23:90:dc:7f:a6:ea:97:f7:
59:56:b7:3c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZG238Af/UeK+ZnMyqIVWYF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTAzMDc1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmIzYTcyMjE3YjkxM2U3NWQyOGU2ZjgwNGM5N2NjODhmYmJkMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbFSTK6/+irnKDBcM5F+uNI8GACh
/GKhM/y/Af3edLwnPze3WegbRj1CQl0IIulmDu0FNs9sT8FzWrAp9PgTrIXbJTTB
5fw9F2P1B4+osOIqARkwSP2wem9sD7UOozJ/t069U6ciktq3ygFsa1i65H9ckAJh
utHbdkIqEr3koBQk35a90SDxH83PmxXQzFcpyhpVnYlriEp6VvdUTSvCSG3KHG03
2SBpNi0G58S7H5Q6I8yHDeh2yWh7L5e4iKih0v0dX5y6XlwFzyLMv+0o68KxTCrz
huNlAO/pPJoRmBp7j4bCEAm/qlmwhn5rvwnj75dd6InX6xWV6i1dRjlUcwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLazpyIXuRPnXSjm+ATJfMiPu9BtMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdHJPbkloZTVFLWRkS09iNEJNbDh5SS03MEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVYXXAwQA
VYXZAwQAVYXhMAwDBABVheMDBABVheQDBABVhfADBABVhfcwDQYJKoZIhvcNAQEL
BQADggEBAKlJd1XQ2T2zgzmKz3FsduZC1yNkVqmOEBj9qRTV/e6ByTLll+4XUBCC
kTo6hguuqHNk3Sh7a6Ph2/hbTNhCEMlHYQ4EI1364o/8vSJXNPue7HAXBLh5vlBH
6iY0eygFHO8Edfr1nt18++G/IYO5s5tk7fSH71aK+5t9ZFYvry5gIEjF5r0YJj2w
E0+XM85pBc7A+vPHciG26Dr315ZG85GSHWGeo2fNXrTrK7+d9rwZ7zlN9s7Ui8+m
6hM006q/IoabWQ7SLsLqUczNLPtk+B1wpKFrs/UlUqLUUfa2TJzbK9wSfZF42hsT
aK5S/fLsJc4/lOAjkNx/puqX91lWtzw=
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:53 2024 by rpki-client on console-ams.rpki-client.org