Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tyec-nt61jIrGtYCNdQbw4ktc6I.roa
File: tyec-nt61jIrGtYCNdQbw4ktc6I.roa (raw, json)
Hash identifier: zgLNUspnRyzqLQOpK1LwFBXTPX5zc7AIhA+Bfktfiy8=
Subject key identifier: B7:27:9C:FA:7B:7A:D6:32:2B:1A:D6:02:35:D4:1B:C3:89:2D:73:A2
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018F672F3036094B67157133952295E218B9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tyec-nt61jIrGtYCNdQbw4ktc6I.roa
Signing time: Sat 11 May 2024 10:24:56 +0000
ROA not before: Sat 11 May 2024 10:24:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/17 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.189.0/24 maxlen: 24
85.133.192.0/22 maxlen: 22
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.206.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.224.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 May 2024 09:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:2f:30:36:09:4b:67:15:71:33:95:22:95:e2:18:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 11 10:24:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7279cfa7b7ad6322b1ad60235d41bc3892d73a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:91:dc:f6:3b:8c:a5:ed:22:c1:dd:5c:af:3f:
75:13:15:14:01:5c:48:4a:b3:fa:a7:c9:ba:81:0b:
90:05:91:48:71:7c:bc:8d:2c:2b:40:be:6b:f6:84:
91:31:3b:63:d9:82:de:1c:1f:3b:3d:26:af:9a:bc:
90:72:d8:5b:40:7c:c9:37:10:a4:27:f3:48:37:0b:
bb:0d:b2:3f:c5:3d:50:00:bd:6d:1d:6a:0d:9c:98:
c6:34:6e:9a:c2:7d:8a:b5:90:0f:b6:56:9c:01:19:
33:3d:ab:5f:ef:86:4f:99:a3:cd:ae:01:4e:e7:5a:
50:08:61:4d:fa:4f:b9:29:29:b6:a3:0c:d9:9f:44:
ff:54:35:f8:d9:d1:6e:15:6e:62:8b:bf:46:7b:23:
36:b9:9b:5e:03:c4:81:5b:79:75:e7:ba:70:07:72:
78:75:d7:b7:1f:18:a5:c9:79:b8:ba:47:c3:60:66:
51:82:3a:61:d9:b3:64:fb:1a:9f:11:18:aa:39:90:
9b:0b:d2:e9:2c:38:54:aa:48:ae:62:af:46:f6:14:
6f:29:62:21:e1:18:ad:d7:9d:58:ff:40:81:48:20:
50:a1:1e:e3:78:c9:98:b8:32:97:92:60:8b:93:37:
4f:80:ec:c7:19:6a:23:dc:26:7b:fe:d9:b6:3e:e9:
6c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:27:9C:FA:7B:7A:D6:32:2B:1A:D6:02:35:D4:1B:C3:89:2D:73:A2
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tyec-nt61jIrGtYCNdQbw4ktc6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:25:5d:97:fb:f6:ce:81:1b:53:ff:f9:75:f3:43:18:3c:cf:
60:c2:c0:99:0f:ab:ec:04:9e:e5:82:96:e0:5f:1d:0c:26:ad:
1b:a5:68:23:60:4a:31:5d:ce:7b:17:65:a7:f7:4b:c2:ca:6c:
75:15:d8:9f:69:a8:ad:83:b5:54:a2:4f:fa:ed:e5:d1:d6:45:
65:29:fe:c2:08:f3:88:ad:ea:5b:84:7f:d2:76:b1:94:3d:51:
1f:bb:d8:2a:c5:ad:b2:49:91:c5:1a:2b:5e:cf:ee:7f:b6:ec:
71:f6:f0:7b:45:99:f1:18:11:15:4b:5c:dc:b0:48:65:26:ca:
37:52:52:94:0e:fa:16:b9:09:c5:17:62:f1:5f:fb:e5:2e:fc:
cc:24:69:d1:3d:07:2d:c6:f2:86:6b:52:33:78:0a:a9:5a:d7:
ee:a2:7e:bf:23:81:ed:c3:7e:28:16:bc:8e:d9:4e:1f:06:27:
9f:4a:66:8f:b5:d1:06:cd:2c:b7:7e:f6:11:88:da:8a:f8:c0:
e5:49:9c:40:ed:d0:ff:fb:b2:0d:1f:e0:4b:c4:0c:db:27:84:
e1:76:ac:31:ad:a6:ae:f6:0a:1f:40:46:0e:b7:ff:d6:71:08:
2e:e3:2b:f7:1f:93:19:a2:af:6e:c9:4e:ea:11:61:60:5c:93:
06:d0:91:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY9nLzA2CUtnFXEzlSKV4hi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNTExMTAyNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI3OWNmYTdiN2FkNjMyMmIxYWQ2MDIzNWQ0MWJjMzg5MmQ3M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJHc9juMpe0iwd1crz91ExUUAVxI
SrP6p8m6gQuQBZFIcXy8jSwrQL5r9oSRMTtj2YLeHB87PSavmryQcthbQHzJNxCk
J/NINwu7DbI/xT1QAL1tHWoNnJjGNG6awn2KtZAPtlacARkzPatf74ZPmaPNrgFO
51pQCGFN+k+5KSm2owzZn0T/VDX42dFuFW5ii79GeyM2uZteA8SBW3l157pwB3J4
dde3HxilyXm4ukfDYGZRgjph2bNk+xqfERiqOZCbC9LpLDhUqkiuYq9G9hRvKWIh
4Rit151Y/0CBSCBQoR7jeMmYuDKXkmCLkzdPgOzHGWoj3CZ7/tm2PulsyQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLcnnPp7etYyKxrWAjXUG8OJLXOiMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdHllYy1udDYxaklyR3RZQ05kUWJ3NGt0YzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAF4l
XZf79s6BG1P/+XXzQxg8z2DCwJkPq+wEnuWCluBfHQwmrRulaCNgSjFdznsXZaf3
S8LKbHUV2J9pqK2DtVSiT/rt5dHWRWUp/sII84it6luEf9J2sZQ9UR+72CrFrbJJ
kcUaK17P7n+27HH28HtFmfEYERVLXNywSGUmyjdSUpQO+ha5CcUXYvFf++Uu/Mwk
adE9By3G8oZrUjN4Cqla1+6ifr8jge3DfigWvI7ZTh8GJ59KZo+10QbNLLd+9hGI
2or4wOVJnEDt0P/7sg0f4EvEDNsnhOF2rDGtpq72Ch9ARg63/9ZxCC7jK/cfkxmi
r27JTuoRYWBckwbQkTg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org