Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xax6SF1t9zhmfDo7cFUlQ7BDUuM.roa
File: xax6SF1t9zhmfDo7cFUlQ7BDUuM.roa (raw, json)
Hash identifier: YFRPV/niq/HE2HGkAa/Vecy8kS1y4XNP7WX1LJtP6GM=
Subject key identifier: C5:AC:7A:48:5D:6D:F7:38:66:7C:3A:3B:70:55:25:43:B0:43:52:E3
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018F0F373A2A86B001C5304BFAA61CCD8577
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xax6SF1t9zhmfDo7cFUlQ7BDUuM.roa
Signing time: Wed 24 Apr 2024 08:27:08 +0000
ROA not before: Wed 24 Apr 2024 08:27:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 10:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:37:3a:2a:86:b0:01:c5:30:4b:fa:a6:1c:cd:85:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 24 08:27:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5ac7a485d6df738667c3a3b70552543b04352e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:2a:c5:96:38:46:66:6f:20:4b:13:8d:03:
74:c0:b9:94:90:75:d0:4f:87:b2:88:d1:27:a8:35:
1f:4c:c0:0b:9f:95:54:e5:9b:43:b1:e4:74:57:12:
b4:d4:41:26:e0:27:55:cf:5e:61:3f:9b:35:2a:c9:
92:e2:a1:38:6d:05:31:bf:76:10:44:87:c5:d4:65:
90:29:65:ff:e0:c9:19:a8:50:c3:f1:39:d2:fd:b4:
77:9c:61:9d:8f:ae:f6:47:36:73:f7:b1:e5:c1:ac:
12:3a:21:94:6e:c7:dc:a9:8e:23:17:be:6b:8a:fa:
ee:3b:48:34:44:07:8f:1a:91:c9:26:ad:af:b5:62:
67:14:89:c7:e9:36:83:2c:50:ad:5e:a5:45:61:b9:
47:68:43:6e:75:e3:0f:69:23:01:3d:5d:7a:da:90:
9a:77:30:bd:69:c5:4c:7f:d6:80:0a:65:d7:32:7a:
56:7d:8c:52:57:fb:d4:b9:56:3a:49:72:5c:73:1a:
63:97:73:bd:16:fb:4d:8c:bd:d9:08:dd:0e:84:85:
71:f5:24:6e:63:b1:9d:b7:7a:73:3b:b0:51:43:d9:
cd:da:c2:f7:54:c1:ab:0a:33:c4:28:92:61:91:f8:
50:1a:6d:e2:19:be:1c:23:f4:c4:ac:dd:dd:8d:a3:
0c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AC:7A:48:5D:6D:F7:38:66:7C:3A:3B:70:55:25:43:B0:43:52:E3
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xax6SF1t9zhmfDo7cFUlQ7BDUuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.174.0/24
85.133.208.0/24
85.133.215.0/24
85.133.217.0-85.133.219.255
85.133.227.0-85.133.228.255
Signature Algorithm: sha256WithRSAEncryption
26:27:40:1a:38:28:d4:9a:aa:ee:0d:82:ab:c6:5b:9d:31:37:
47:c9:a7:51:ca:6b:ca:a2:4e:80:64:88:45:1f:c1:f8:36:d7:
4f:a6:d8:9f:16:ad:0e:e3:14:1f:cc:a8:8d:5a:29:dd:7a:ee:
d6:5f:bb:1f:cf:82:11:ae:b8:b7:28:fc:0c:7e:92:b0:63:78:
c7:6b:c5:67:b3:38:b6:08:ea:05:0e:70:17:de:6f:c9:32:e3:
50:61:63:4a:56:9d:ff:f2:b5:26:84:17:71:1a:ef:ec:d3:84:
14:27:69:84:3e:bb:80:38:71:bc:29:1f:e3:be:ef:ff:58:23:
d8:05:0a:7d:85:4f:6a:60:0c:c1:6d:5c:63:77:bf:9d:8d:f4:
de:c5:41:ca:22:d5:8a:af:01:b3:98:c8:5d:8f:05:83:fb:98:
71:03:2b:5d:9d:42:cd:d0:03:04:ba:bd:4c:45:e7:58:9f:0f:
cf:2e:5a:50:dc:e2:3d:9c:39:f9:fe:f3:4b:3d:b1:ef:b0:b8:
c9:90:22:7b:ad:6f:c6:3b:51:88:d4:f3:67:5e:43:89:2f:f8:
f7:19:4b:77:98:6d:ac:b8:ce:93:a9:bb:cf:a1:1d:24:0d:35:
47:54:1e:4e:21:4a:63:cd:92:5c:84:a3:18:19:7a:2d:38:ee:
65:ca:3e:0c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY8PNzoqhrABxTBL+qYczYV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNDI0MDgyNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWFjN2E0ODVkNmRmNzM4NjY3YzNhM2I3MDU1MjU0M2IwNDM1MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLAqxZY4RmZvIEsTjQN0wLmUkHXQ
T4eyiNEnqDUfTMALn5VU5ZtDseR0VxK01EEm4CdVz15hP5s1KsmS4qE4bQUxv3YQ
RIfF1GWQKWX/4MkZqFDD8TnS/bR3nGGdj672RzZz97HlwawSOiGUbsfcqY4jF75r
ivruO0g0RAePGpHJJq2vtWJnFInH6TaDLFCtXqVFYblHaENudeMPaSMBPV162pCa
dzC9acVMf9aACmXXMnpWfYxSV/vUuVY6SXJccxpjl3O9FvtNjL3ZCN0OhIVx9SRu
Y7Gdt3pzO7BRQ9nN2sL3VMGrCjPEKJJhkfhQGm3iGb4cI/TErN3djaMMlwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMWsekhdbfc4Znw6O3BVJUOwQ1LjMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEveGF4NlNGMXQ5emhtZkRvN2NGVWxRN0JEVXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAVYWuAwQA
VYXQAwQAVYXXMAwDBABVhdkDBAJVhdgwDAMEAFWF4wMEAFWF5DANBgkqhkiG9w0B
AQsFAAOCAQEAJidAGjgo1Jqq7g2Cq8ZbnTE3R8mnUcpryqJOgGSIRR/B+DbXT6bY
nxatDuMUH8yojVop3Xru1l+7H8+CEa64tyj8DH6SsGN4x2vFZ7M4tgjqBQ5wF95v
yTLjUGFjSlad//K1JoQXcRrv7NOEFCdphD67gDhxvCkf477v/1gj2AUKfYVPamAM
wW1cY3e/nY303sVByiLViq8Bs5jIXY8Fg/uYcQMrXZ1CzdADBLq9TEXnWJ8Pzy5a
UNziPZw5+f7zSz2x77C4yZAie61vxjtRiNTzZ15DiS/49xlLd5htrLjOk6m7z6Ed
JA01R1QeTiFKY82SXISjGBl6LTjuZco+DA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org