Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_wCWrYPW21HLzZ8P-VD6w3FOlg.roa
File: z_wCWrYPW21HLzZ8P-VD6w3FOlg.roa (raw, json)
Hash identifier: wnH1IQPXbqKW8UuelYzrRHhWDJZcPB7SKFWsJirWCfQ=
Subject key identifier: CF:FC:02:5A:B6:0F:5B:6D:47:2F:36:7C:3F:E5:43:EB:0D:C5:3A:58
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191FFEF7561CC8286C87D13C1176DFAD828
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_wCWrYPW21HLzZ8P-VD6w3FOlg.roa
Signing time: Tue 17 Sep 2024 12:22:48 +0000
ROA not before: Tue 17 Sep 2024 12:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 85.133.225.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 12:57:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:ef:75:61:cc:82:86:c8:7d:13:c1:17:6d:fa:d8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 17 12:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cffc025ab60f5b6d472f367c3fe543eb0dc53a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2d:c2:21:81:20:2b:94:bc:bb:87:60:25:19:
a0:25:95:90:f5:3e:06:d1:97:76:ed:e2:14:66:9e:
aa:3d:ef:04:15:5d:43:b5:b5:3e:1c:8b:3b:7e:51:
5a:91:e5:cc:c1:07:31:74:89:16:eb:a6:67:58:44:
39:53:32:c0:ba:fd:45:54:1a:3b:2b:2d:b4:8b:4c:
cf:73:f5:50:c1:84:0a:f2:1d:68:b8:c5:b8:e9:d1:
1a:17:48:ee:49:8e:eb:c6:55:d6:3d:3b:92:87:5c:
34:f4:83:15:30:03:bf:c0:4a:d4:5d:cc:9d:3c:73:
1d:6c:1d:af:80:5a:7f:98:03:bb:5b:3d:16:53:d1:
2d:c8:c9:24:05:e6:26:15:0a:28:ac:65:5e:a9:12:
c8:af:a8:3b:6c:e3:fc:53:0a:c8:2d:d2:49:e3:cf:
ce:e8:ee:91:b8:b0:09:40:ac:65:e3:c2:bd:27:da:
91:70:19:ec:76:b9:14:5a:a8:c1:b2:2e:57:57:6d:
08:79:bf:5e:be:82:59:7c:eb:0b:e5:c1:8a:eb:34:
a4:70:c3:23:b2:2d:c3:93:0e:5b:64:3e:0f:75:4b:
26:a4:2d:de:cf:38:96:55:cc:bd:32:cf:18:7e:fe:
57:0e:c2:65:83:a4:74:b9:d6:e0:3c:33:07:92:3c:
db:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FC:02:5A:B6:0F:5B:6D:47:2F:36:7C:3F:E5:43:EB:0D:C5:3A:58
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/z_wCWrYPW21HLzZ8P-VD6w3FOlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.225.0/24
85.133.228.0/24
85.133.240.0/24
85.133.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:83:f3:16:c9:ee:98:79:f0:51:3d:a0:67:3c:cc:2e:e2:a2:
8d:7a:65:ae:01:3d:f0:9c:ed:17:b0:c2:7f:7a:50:ce:4a:b8:
73:f2:ad:2e:9c:5b:5c:9f:ab:5e:a2:99:a0:b7:1b:cd:a3:f2:
81:35:52:c0:ef:84:1a:1a:ef:5b:ea:f7:06:ab:c9:3c:a5:8a:
98:59:eb:1f:8e:74:5e:a0:ee:fb:d1:ce:d9:9e:ad:2f:70:e1:
6e:60:4a:50:18:02:06:66:8d:e3:a2:61:b8:71:9e:34:a9:d7:
01:15:41:2b:70:8f:8d:fc:a6:8d:a3:1b:9c:ad:8a:a9:28:a0:
2f:a6:e1:b8:ac:3f:7f:ac:1c:f4:2b:9a:3e:d5:8d:e2:c8:4e:
34:a1:29:54:d3:e6:30:10:6e:25:2b:a5:bf:eb:04:bd:34:9f:
f3:63:05:9a:bf:64:3c:bd:15:99:77:d9:d1:2a:6c:23:09:44:
42:fa:c9:48:5d:34:56:69:c8:29:f2:e2:57:d7:ef:94:b9:1e:
6e:42:d3:4c:00:72:9f:9a:d2:11:b5:f3:bc:05:f9:6f:06:e1:
14:7d:db:84:89:bb:c9:23:32:d8:d6:7a:d1:82:1d:f1:b3:6a:
9d:02:17:3f:1b:6f:2f:c9:22:a1:83:da:de:88:73:0e:db:03:
07:6b:bd:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH/73VhzIKGyH0TwRdt+tgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTE3MTIyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZjMDI1YWI2MGY1YjZkNDcyZjM2N2MzZmU1NDNlYjBkYzUzYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi3CIYEgK5S8u4dgJRmgJZWQ9T4G
0Zd27eIUZp6qPe8EFV1DtbU+HIs7flFakeXMwQcxdIkW66ZnWEQ5UzLAuv1FVBo7
Ky20i0zPc/VQwYQK8h1ouMW46dEaF0juSY7rxlXWPTuSh1w09IMVMAO/wErUXcyd
PHMdbB2vgFp/mAO7Wz0WU9EtyMkkBeYmFQoorGVeqRLIr6g7bOP8UwrILdJJ48/O
6O6RuLAJQKxl48K9J9qRcBnsdrkUWqjBsi5XV20Ieb9evoJZfOsL5cGK6zSkcMMj
si3Dkw5bZD4PdUsmpC3ezziWVcy9Ms8Yfv5XDsJlg6R0udbgPDMHkjzbpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM/8Alq2D1ttRy82fD/lQ+sNxTpYMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvel93Q1dyWVBXMjFITHpaOFAtVkQ2dzNGT2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYXhAwQA
VYXkAwQAVYXwAwQAVYX3MA0GCSqGSIb3DQEBCwUAA4IBAQB9g/MWye6YefBRPaBn
PMwu4qKNemWuAT3wnO0XsMJ/elDOSrhz8q0unFtcn6teopmgtxvNo/KBNVLA74Qa
Gu9b6vcGq8k8pYqYWesfjnReoO770c7Znq0vcOFuYEpQGAIGZo3jomG4cZ40qdcB
FUErcI+N/KaNoxucrYqpKKAvpuG4rD9/rBz0K5o+1Y3iyE40oSlU0+YwEG4lK6W/
6wS9NJ/zYwWav2Q8vRWZd9nRKmwjCURC+slIXTRWacgp8uJX1++UuR5uQtNMAHKf
mtIRtfO8BflvBuEUfduEibvJIzLY1nrRgh3xs2qdAhc/G28vySKhg9reiHMO2wMH
a72p
-----END CERTIFICATE-----
Generated at Sat Nov 2 14:42:35 2024 by rpki-client on console-ams.rpki-client.org