Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/utCGHEP5bfXTFbGHwkyMXu114cA.roa
File: utCGHEP5bfXTFbGHwkyMXu114cA.roa (raw, json)
Hash identifier: cVpMgG4xW5h2tAo4oEdbs7GfvSALb2NJK0m6uEkclvw=
Subject key identifier: BA:D0:86:1C:43:F9:6D:F5:D3:15:B1:87:C2:4C:8C:5E:ED:75:E1:C0
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019427B5FD312E956242476D648AE0B1315B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/utCGHEP5bfXTFbGHwkyMXu114cA.roa
Signing time: Thu 02 Jan 2025 15:50:25 +0000
ROA not before: Thu 02 Jan 2025 15:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.221.0/24 maxlen: 24
85.133.224.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 08:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:fd:31:2e:95:62:42:47:6d:64:8a:e0:b1:31:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 15:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bad0861c43f96df5d315b187c24c8c5eed75e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fe:5f:41:12:78:75:06:22:2a:84:3c:f1:cc:
78:3c:09:0a:c9:20:5f:a4:60:77:d8:64:e6:70:09:
43:ca:ee:ac:37:c4:be:66:25:43:a1:e5:b0:da:89:
b7:41:95:a3:27:09:e7:72:74:e0:43:4c:54:26:ae:
98:f2:f3:30:36:5e:83:2e:68:ca:ad:d0:a7:41:d1:
bb:1b:53:c4:b5:26:72:e0:59:b0:01:38:cd:6c:68:
01:b3:8f:96:27:83:1e:d1:04:26:15:30:d7:26:18:
37:08:6d:ee:b5:35:39:85:0b:f3:e9:27:66:b2:cf:
8b:d4:18:62:d5:02:05:54:88:b4:9b:d1:18:31:4f:
1f:5f:22:e3:8b:49:b2:cd:2c:2a:49:5a:b2:aa:b8:
a1:d4:33:25:a2:a7:be:99:07:16:35:f0:b5:23:d3:
3c:d5:40:d0:7f:ce:05:b1:5c:e8:98:7c:8b:33:ad:
da:da:7e:cf:bb:c8:70:8f:08:bd:fb:c5:18:51:7a:
4e:47:aa:e5:90:44:b0:de:94:1a:e8:b3:f0:74:74:
90:4c:6c:87:28:dd:2a:f9:1a:14:32:82:79:c1:ca:
2e:5d:0b:8e:76:fa:b7:56:96:e5:13:cc:c1:3c:aa:
28:28:fe:1b:d2:70:d8:45:bf:e4:5c:08:e8:eb:05:
e7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D0:86:1C:43:F9:6D:F5:D3:15:B1:87:C2:4C:8C:5E:ED:75:E1:C0
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/utCGHEP5bfXTFbGHwkyMXu114cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.221.0/24
85.133.224.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
20:38:98:fd:79:c1:1e:e1:81:62:b1:3c:00:d1:fc:dc:a0:54:
86:6a:a2:a2:0e:65:38:8d:51:b4:4f:c9:6a:36:9f:6f:ee:fa:
bb:14:92:7a:83:3d:1d:e0:c8:5d:d2:79:4c:ae:ee:62:58:d1:
23:51:d4:7b:ff:45:cd:dd:1f:89:3c:11:8c:e9:cd:a0:f8:00:
14:0f:1b:11:be:b8:c8:70:d9:df:28:f2:62:e9:ce:3f:d6:09:
3a:b9:64:1e:26:98:d4:d0:81:24:27:c6:c4:96:51:ce:ef:ac:
03:bd:19:56:9f:a3:79:e7:48:2e:11:59:23:e8:98:8e:fb:b5:
ee:53:a4:7e:33:47:04:a5:69:33:ff:03:a1:51:3a:43:1a:38:
4c:01:d8:4b:b5:2c:70:9e:a2:6a:60:df:2b:b5:18:cb:4f:c0:
1f:08:41:ed:6e:c8:b6:82:05:3e:0b:64:52:e9:8e:28:49:43:
24:04:a0:4a:f0:7a:5a:ee:5d:2d:39:5c:9b:2f:a1:a6:a9:5c:
fc:81:6b:7f:11:11:31:61:6e:68:ca:13:d3:3f:22:62:09:28:
d0:15:fa:36:cd:e3:8a:ba:2b:e6:f2:c6:c3:26:0a:17:f5:14:
ee:87:be:f3:2b:c2:5a:be:2f:22:a1:11:a0:d3:75:55:2b:64:
34:c0:a9:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntf0xLpViQkdtZIrgsTFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTAyMTU1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQwODYxYzQzZjk2ZGY1ZDMxNWIxODdjMjRjOGM1ZWVkNzVlMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/5fQRJ4dQYiKoQ88cx4PAkKySBf
pGB32GTmcAlDyu6sN8S+ZiVDoeWw2om3QZWjJwnncnTgQ0xUJq6Y8vMwNl6DLmjK
rdCnQdG7G1PEtSZy4FmwATjNbGgBs4+WJ4Me0QQmFTDXJhg3CG3utTU5hQvz6Sdm
ss+L1Bhi1QIFVIi0m9EYMU8fXyLji0myzSwqSVqyqrih1DMloqe+mQcWNfC1I9M8
1UDQf84FsVzomHyLM63a2n7Pu8hwjwi9+8UYUXpOR6rlkESw3pQa6LPwdHSQTGyH
KN0q+RoUMoJ5wcouXQuOdvq3VpblE8zBPKooKP4b0nDYRb/kXAjo6wXnUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrQhhxD+W310xWxh8JMjF7tdeHAMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdXRDR0hFUDViZlhURmJHSHdreU1YdTExNGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYXdAwQA
VYXgAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQAgOJj9ecEe4YFisTwA0fzcoFSG
aqKiDmU4jVG0T8lqNp9v7vq7FJJ6gz0d4Mhd0nlMru5iWNEjUdR7/0XN3R+JPBGM
6c2g+AAUDxsRvrjIcNnfKPJi6c4/1gk6uWQeJpjU0IEkJ8bEllHO76wDvRlWn6N5
50guEVkj6JiO+7XuU6R+M0cEpWkz/wOhUTpDGjhMAdhLtSxwnqJqYN8rtRjLT8Af
CEHtbsi2ggU+C2RS6Y4oSUMkBKBK8Hpa7l0tOVybL6GmqVz8gWt/ERExYW5oyhPT
PyJiCSjQFfo2zeOKuivm8sbDJgoX9RTuh77zK8Javi8ioRGg03VVK2Q0wKnz
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:39 2025 by rpki-client