Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_JckSq4TxTNSjIQXvAg-wqiQ1I.roa
File: z_JckSq4TxTNSjIQXvAg-wqiQ1I.roa (raw, json)
Hash identifier: krUHPzBumyzWba8Yj2OjNasiy631ImKD2VWg7RCkRRo=
Subject key identifier: CF:F2:5C:91:2A:B8:4F:14:CD:4A:32:10:5E:F0:20:FB:0A:A2:43:52
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0188DDFDBDA5D12C3B1C11C409FDD110330E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_JckSq4TxTNSjIQXvAg-wqiQ1I.roa
Signing time: Wed 21 Jun 2023 12:46:13 +0000
ROA not before: Wed 21 Jun 2023 12:46:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:fd:bd:a5:d1:2c:3b:1c:11:c4:09:fd:d1:10:33:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 21 12:46:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cff25c912ab84f14cd4a32105ef020fb0aa24352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:62:33:d5:6f:08:6a:a0:ce:20:74:a3:cb:8b:
60:80:c7:42:a9:ad:66:d5:95:97:30:aa:9a:8f:5c:
9b:d3:14:04:f0:09:41:4c:98:29:97:83:7b:be:5e:
b9:02:eb:87:98:d1:6f:4e:8b:64:03:7f:df:90:58:
94:08:11:12:e5:bf:4a:ed:58:71:1b:24:9e:af:2e:
ff:f8:32:56:e4:a3:aa:bf:f5:e2:6e:72:e9:d4:79:
09:23:97:08:bf:80:9a:16:d6:c1:7e:28:bc:ef:2d:
a0:89:a2:e4:68:d5:6a:be:3f:bd:9b:f2:24:53:4d:
b8:cb:39:f7:bf:c7:67:98:9a:b0:ba:b2:cc:7f:8b:
c3:b9:cf:1c:d8:26:af:39:98:6a:8e:51:cd:96:d9:
8a:ee:e9:1a:1f:a6:5d:8a:e0:89:6a:db:83:9e:71:
cb:a7:66:a3:90:0e:f8:ff:1c:76:86:c4:94:d6:4e:
62:ea:63:a4:35:b6:c0:82:9e:35:c8:b4:dd:3c:b3:
52:93:80:cf:57:b8:88:21:b2:49:47:19:7b:6d:3f:
d5:8f:fe:8a:86:b9:b5:e5:17:87:6d:b3:64:1e:ce:
ce:a9:31:03:1f:ab:56:b7:70:a9:a6:85:56:88:42:
bf:27:e1:11:fd:96:88:b8:26:ed:9d:6a:09:47:ed:
67:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F2:5C:91:2A:B8:4F:14:CD:4A:32:10:5E:F0:20:FB:0A:A2:43:52
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_JckSq4TxTNSjIQXvAg-wqiQ1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:4b:82:a2:f0:ac:b9:0d:91:85:21:ba:31:06:41:04:5e:36:
06:40:44:49:ed:2d:03:d1:16:91:af:d3:4f:ac:87:15:44:22:
04:6b:a6:8b:6d:bb:88:da:d5:3b:96:c4:4a:02:a6:92:1c:de:
73:99:6c:45:60:06:2d:77:fb:95:d1:35:46:b8:57:88:c7:d7:
6f:9a:d0:7a:3e:59:8a:fc:be:f4:3f:61:78:ac:9a:77:81:dc:
f4:43:e5:a3:e9:38:89:62:1e:53:ca:20:b4:0c:1e:dc:0f:97:
18:70:1e:6a:af:82:32:83:79:00:9e:fc:7a:f4:00:45:3e:ed:
d9:0a:f4:a5:7e:39:b5:3a:54:09:3c:95:eb:ed:fc:fa:67:db:
c7:63:08:f2:bf:9a:0d:fa:e6:25:e3:99:1f:2a:36:09:5d:4c:
4d:21:01:d8:10:7f:a5:3d:75:74:f7:f0:e3:23:06:50:54:27:
9e:04:7b:f0:e5:7d:c2:71:4b:75:39:7f:90:9e:0f:40:fc:d8:
78:ce:c4:4c:57:a6:a6:2f:72:6c:2f:e4:a8:1a:1c:dd:3c:2e:
ee:23:b7:71:50:2c:db:76:b4:82:b0:b0:d4:40:d3:4a:89:72:
4a:86:17:fe:bb:28:31:bc:dc:95:68:ec:76:03:43:96:e3:bc:
fa:9d:88:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjd/b2l0Sw7HBHECf3REDMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjIxMTI0NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYyNWM5MTJhYjg0ZjE0Y2Q0YTMyMTA1ZWYwMjBmYjBhYTI0MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmIz1W8IaqDOIHSjy4tggMdCqa1m
1ZWXMKqaj1yb0xQE8AlBTJgpl4N7vl65AuuHmNFvTotkA3/fkFiUCBES5b9K7Vhx
GySery7/+DJW5KOqv/XibnLp1HkJI5cIv4CaFtbBfii87y2giaLkaNVqvj+9m/Ik
U024yzn3v8dnmJqwurLMf4vDuc8c2CavOZhqjlHNltmK7ukaH6ZdiuCJatuDnnHL
p2ajkA74/xx2hsSU1k5i6mOkNbbAgp41yLTdPLNSk4DPV7iIIbJJRxl7bT/Vj/6K
hrm15ReHbbNkHs7OqTEDH6tWt3CppoVWiEK/J+ER/ZaIuCbtnWoJR+1nDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/yXJEquE8UzUoyEF7wIPsKokNSMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvel9KY2tTcTRUeFROU2pJUVh2QWctd3FpUTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQA3S4Ki8Ky5DZGFIboxBkEE
XjYGQERJ7S0D0RaRr9NPrIcVRCIEa6aLbbuI2tU7lsRKAqaSHN5zmWxFYAYtd/uV
0TVGuFeIx9dvmtB6PlmK/L70P2F4rJp3gdz0Q+Wj6TiJYh5TyiC0DB7cD5cYcB5q
r4Iyg3kAnvx69ABFPu3ZCvSlfjm1OlQJPJXr7fz6Z9vHYwjyv5oN+uYl45kfKjYJ
XUxNIQHYEH+lPXV09/DjIwZQVCeeBHvw5X3CcUt1OX+Qng9A/Nh4zsRMV6amL3Js
L+SoGhzdPC7uI7dxUCzbdrSCsLDUQNNKiXJKhhf+uygxvNyVaOx2A0OW47z6nYg4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org