Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wxalafMYXOscld9hpY1R5sgL2G4.roa
File: wxalafMYXOscld9hpY1R5sgL2G4.roa (raw, json)
Hash identifier: W8J75BUWXcq7Lw1LIGnRHe5EZ+gzZXfjSxoFRhJ0bOc=
Subject key identifier: C3:16:A5:69:F3:18:5C:EB:1C:95:DF:61:A5:8D:51:E6:C8:0B:D8:6E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018B806182E8BABEA4B7DFE93AA92128E935
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wxalafMYXOscld9hpY1R5sgL2G4.roa
Signing time: Mon 30 Oct 2023 11:39:16 +0000
ROA not before: Mon 30 Oct 2023 11:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/23 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Nov 2023 12:22:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:61:82:e8:ba:be:a4:b7:df:e9:3a:a9:21:28:e9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 30 11:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c316a569f3185ceb1c95df61a58d51e6c80bd86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:91:4b:fd:c2:87:59:00:62:b8:ec:30:62:
6a:0c:72:5e:89:18:20:6c:49:05:86:86:d6:4f:de:
dd:ce:d5:1e:87:cf:f2:6e:12:4e:8b:c0:c5:f5:28:
41:d4:d6:94:61:75:1c:53:59:17:00:2b:f9:83:6c:
89:46:4d:91:af:27:de:b0:e9:5a:b2:57:2d:2a:16:
a1:56:69:e4:5b:d9:40:4a:59:41:e1:88:d5:fa:5d:
28:8a:68:57:2b:27:30:bc:99:b1:06:85:0e:a5:37:
5f:86:44:ba:6a:2a:3e:d0:32:5e:dd:d9:a5:b0:3d:
20:46:94:39:a2:e4:fd:09:99:26:ad:ac:48:3f:b1:
11:50:f6:e2:41:9c:b8:b5:7e:de:ed:d6:35:29:a5:
5f:b2:cc:7c:8e:24:90:c0:ba:66:2b:6b:af:a0:aa:
62:ef:ff:07:0d:ed:f5:d3:1e:4d:8c:b0:43:d8:1a:
84:7f:ea:60:76:02:99:5a:62:8f:65:2e:64:a6:78:
35:89:fe:9a:6f:10:a3:69:42:93:6f:89:eb:ad:52:
23:82:8e:af:34:bf:56:85:f1:ab:fa:d8:60:10:c5:
a7:5e:bd:ef:ec:f7:e9:60:f7:91:2c:ee:97:c8:a4:
90:95:c4:ac:2e:e1:20:39:50:b5:c1:db:b5:5f:71:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:16:A5:69:F3:18:5C:EB:1C:95:DF:61:A5:8D:51:E6:C8:0B:D8:6E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wxalafMYXOscld9hpY1R5sgL2G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
94:76:8d:fb:d0:d4:38:ff:4e:de:31:60:37:09:f3:a8:08:c9:
f9:44:f1:f3:d8:13:cf:aa:d4:ae:b7:0d:e4:7a:96:5c:6b:d4:
49:18:c9:6b:bc:d7:cd:d9:fb:90:94:2a:bb:05:58:2e:39:4b:
a4:bc:3d:f5:23:3d:d6:83:01:f6:a9:e0:84:65:c6:1c:de:12:
9e:78:72:4a:a2:03:33:34:9d:42:05:29:9d:3e:e6:23:e4:c8:
c3:56:0f:f5:bb:36:30:af:ea:a6:44:68:69:7a:29:b2:bb:81:
29:9a:27:c5:bc:b1:f5:24:f6:98:65:2e:cf:0e:ef:e5:37:0a:
58:eb:1c:27:21:98:ff:4b:69:47:6f:b5:63:ea:b3:00:81:a2:
92:2e:04:ac:ce:51:77:d6:58:86:c1:60:6d:8c:79:04:aa:d3:
9e:1b:b2:28:e2:c6:00:b4:cd:61:ee:da:1c:05:5c:b6:f2:72:
ee:81:ff:b5:4b:27:37:23:67:dd:6e:d0:25:a6:44:47:8c:da:
99:2b:4b:f5:1c:03:21:e8:83:05:67:68:c6:61:e5:37:cc:eb:
22:60:05:59:2b:2e:b9:5e:85:1a:d5:30:5c:ea:e7:32:8c:5c:
40:ad:a2:96:25:f1:bc:8c:1f:16:30:30:34:0c:a9:2e:df:98:
d3:d5:df:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuAYYLour6kt9/pOqkhKOk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMDMwMTEzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzE2YTU2OWYzMTg1Y2ViMWM5NWRmNjFhNThkNTFlNmM4MGJkODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaKRS/3Ch1kAYrjsMGJqDHJeiRgg
bEkFhobWT97dztUeh8/ybhJOi8DF9ShB1NaUYXUcU1kXACv5g2yJRk2RryfesOla
slctKhahVmnkW9lASllB4YjV+l0oimhXKycwvJmxBoUOpTdfhkS6aio+0DJe3dml
sD0gRpQ5ouT9CZkmraxIP7ERUPbiQZy4tX7e7dY1KaVfssx8jiSQwLpmK2uvoKpi
7/8HDe310x5NjLBD2BqEf+pgdgKZWmKPZS5kpng1if6abxCjaUKTb4nrrVIjgo6v
NL9WhfGr+thgEMWnXr3v7PfpYPeRLO6XyKSQlcSsLuEgOVC1wdu1X3GTuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMMWpWnzGFzrHJXfYaWNUebIC9huMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvd3hhbGFmTVlYT3NjbGQ5aHBZMVI1c2dMMkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCUdo370NQ4/07e
MWA3CfOoCMn5RPHz2BPPqtSutw3kepZca9RJGMlrvNfN2fuQlCq7BVguOUukvD31
Iz3WgwH2qeCEZcYc3hKeeHJKogMzNJ1CBSmdPuYj5MjDVg/1uzYwr+qmRGhpeimy
u4EpmifFvLH1JPaYZS7PDu/lNwpY6xwnIZj/S2lHb7Vj6rMAgaKSLgSszlF31liG
wWBtjHkEqtOeG7Io4sYAtM1h7tocBVy28nLugf+1Syc3I2fdbtAlpkRHjNqZK0v1
HAMh6IMFZ2jGYeU3zOsiYAVZKy65XoUa1TBc6ucyjFxAraKWJfG8jB8WMDA0DKku
35jT1d+1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org