Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wzQJJk6-4oC6K03SNyO0cq20CYo.roa
File: wzQJJk6-4oC6K03SNyO0cq20CYo.roa (raw, json)
Hash identifier: bQTQlgJpiJNMCd+MLOJz+ygiHHS4fa4siK8EWTfM9PY=
Subject key identifier: C3:34:09:26:4E:BE:E2:80:BA:2B:4D:D2:37:23:B4:72:AD:B4:09:8A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01877991F6B91C2E6914E81FC57CF49406D9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wzQJJk6-4oC6K03SNyO0cq20CYo.roa
Signing time: Thu 13 Apr 2023 07:43:41 +0000
ROA not before: Thu 13 Apr 2023 07:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Apr 2023 07:46:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:91:f6:b9:1c:2e:69:14:e8:1f:c5:7c:f4:94:06:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 13 07:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c33409264ebee280ba2b4dd23723b472adb4098a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a7:95:eb:96:15:e5:17:30:a7:48:8b:9e:66:
21:65:bd:eb:a4:9a:50:8b:e0:a3:c7:f6:24:af:96:
39:72:03:13:83:c7:0c:69:e3:61:3f:61:a1:b5:dd:
f7:de:7e:dd:da:f6:e6:41:95:85:a1:e5:d3:e3:35:
a6:5d:ab:1e:a3:5b:69:03:d6:a6:1c:5f:af:4b:59:
0f:b8:f0:f1:9f:15:ec:35:ae:7e:06:35:f0:2a:fc:
f2:0c:94:da:9e:da:70:36:ba:b9:20:46:5d:b1:56:
b9:e4:6f:c6:de:fe:b8:95:ec:e9:7d:f7:c6:87:28:
bf:7a:b5:ad:4c:78:87:36:4c:ff:6d:48:29:67:11:
d6:2a:eb:55:48:79:37:33:15:dc:89:04:b0:58:7f:
74:f4:28:ec:66:92:0b:45:95:86:93:39:e9:b6:5a:
f6:27:19:63:a1:3e:78:22:84:68:76:0c:56:13:05:
e2:21:83:f0:2a:94:66:41:55:9c:20:e7:6b:05:3e:
e0:69:46:6f:16:fe:8a:6d:d6:39:29:1f:4a:c1:b8:
91:88:70:74:44:de:84:a4:eb:55:a7:8b:3c:c9:89:
18:5b:de:59:a5:e2:48:ed:d2:dd:61:2e:08:c7:18:
34:f0:eb:ee:c4:cf:59:ec:ee:6d:90:32:1d:1b:7f:
8e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:34:09:26:4E:BE:E2:80:BA:2B:4D:D2:37:23:B4:72:AD:B4:09:8A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wzQJJk6-4oC6K03SNyO0cq20CYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:39:bb:5a:3f:bf:81:57:22:f7:b3:00:90:db:cd:d7:a3:cb:
35:65:30:85:d9:99:93:b0:29:4f:88:ce:96:18:31:52:8a:7f:
5b:b7:dd:ba:2b:87:38:d9:20:8d:4a:df:ac:1a:45:e8:4a:e7:
20:9b:5f:5c:d9:09:f2:7c:d9:ab:d7:13:8a:09:56:f2:b3:33:
a6:0f:1a:74:57:78:32:f9:51:64:84:f7:3e:0e:11:de:7a:85:
ff:af:9b:1c:4a:30:d4:50:10:71:d2:59:db:e6:ec:05:d9:02:
be:de:e6:05:28:cb:c9:3f:31:12:41:bb:d5:d3:68:55:61:e4:
cf:cd:41:20:e9:72:fd:57:af:63:cb:c0:23:42:4f:2d:c1:9c:
79:99:b0:73:40:ba:27:88:96:de:66:c7:40:a5:6f:83:95:d1:
63:1f:cc:83:d6:b6:5a:d4:e1:f6:6f:28:d7:4d:2c:0c:b4:d5:
17:3f:ba:d7:1f:a5:c7:ae:a7:83:49:50:97:e4:c2:aa:61:89:
3c:d9:27:22:32:95:fc:02:70:da:27:fd:e1:91:df:b5:2e:2c:
96:94:47:00:72:dc:c4:c5:81:3d:87:5f:18:ce:06:e2:ee:3b:
04:ab:5c:e7:2f:ab:6d:69:5d:d5:dd:d1:61:f7:62:46:37:86:
83:d7:6d:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd5kfa5HC5pFOgfxXz0lAbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMDc0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzM0MDkyNjRlYmVlMjgwYmEyYjRkZDIzNzIzYjQ3MmFkYjQwOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6eV65YV5Rcwp0iLnmYhZb3rpJpQ
i+Cjx/Ykr5Y5cgMTg8cMaeNhP2Ghtd333n7d2vbmQZWFoeXT4zWmXaseo1tpA9am
HF+vS1kPuPDxnxXsNa5+BjXwKvzyDJTantpwNrq5IEZdsVa55G/G3v64lezpfffG
hyi/erWtTHiHNkz/bUgpZxHWKutVSHk3MxXciQSwWH909CjsZpILRZWGkznptlr2
JxljoT54IoRodgxWEwXiIYPwKpRmQVWcIOdrBT7gaUZvFv6KbdY5KR9KwbiRiHB0
RN6EpOtVp4s8yYkYW95ZpeJI7dLdYS4Ixxg08OvuxM9Z7O5tkDIdG3+OwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMM0CSZOvuKAuitN0jcjtHKttAmKMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvd3pRSkprNi00b0M2SzAzU055TzBjcTIwQ1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAmObtaP7+BVyL3swCQ283X
o8s1ZTCF2ZmTsClPiM6WGDFSin9bt926K4c42SCNSt+sGkXoSucgm19c2QnyfNmr
1xOKCVbyszOmDxp0V3gy+VFkhPc+DhHeeoX/r5scSjDUUBBx0lnb5uwF2QK+3uYF
KMvJPzESQbvV02hVYeTPzUEg6XL9V69jy8AjQk8twZx5mbBzQLoniJbeZsdApW+D
ldFjH8yD1rZa1OH2byjXTSwMtNUXP7rXH6XHrqeDSVCX5MKqYYk82SciMpX8AnDa
J/3hkd+1LiyWlEcActzExYE9h18Yzgbi7jsEq1znL6ttaV3V3dFh92JGN4aD123f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org