Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zjsXGw34kWJH-MVnwpu975kJYN0.roa
File: zjsXGw34kWJH-MVnwpu975kJYN0.roa (raw, json)
Hash identifier: 7PQ9MkB50wKpLjKw2uiIZling25/BMydmpYeu7ygOig=
Subject key identifier: CE:3B:17:1B:0D:F8:91:62:47:F8:C5:67:C2:9B:BD:EF:99:09:60:DD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018D35700B6C60449C525262813D7ACD3FE5
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zjsXGw34kWJH-MVnwpu975kJYN0.roa
Signing time: Tue 23 Jan 2024 08:29:11 +0000
ROA not before: Tue 23 Jan 2024 08:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 11:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:70:0b:6c:60:44:9c:52:52:62:81:3d:7a:cd:3f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 23 08:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce3b171b0df8916247f8c567c29bbdef990960dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:de:54:9a:d6:5b:40:52:2a:e7:04:3f:1f:d7:
98:68:38:ad:6c:22:37:55:2a:3b:b6:d3:99:66:45:
f0:d6:78:4d:f3:73:f8:ab:71:8f:7b:60:15:bd:d8:
19:21:6c:13:1f:90:9e:6c:2e:b3:d6:06:9e:7b:b8:
25:aa:4d:66:e5:55:9a:1e:d5:4c:2d:a5:2d:48:29:
2e:3c:7b:3d:8c:ca:06:b6:c4:d4:e1:51:e3:f9:43:
8a:c5:69:b2:97:ee:48:6d:32:bb:7a:62:b4:4a:51:
4d:7c:6a:1f:e1:1f:85:ff:a1:9f:fb:f2:3a:f5:de:
a3:70:fe:20:03:20:07:10:6f:da:0b:93:6b:f1:7f:
24:47:da:95:7c:92:f0:bc:95:e0:1d:ff:c8:9e:86:
3e:b5:ef:67:42:93:e4:ac:2d:c7:ab:70:d9:82:59:
3f:f7:39:62:e0:9e:cd:95:da:43:d3:ea:c3:84:16:
cf:cf:1a:3f:74:be:5d:3f:38:d6:87:63:2d:f8:1b:
f3:aa:65:e7:d3:7f:af:db:df:37:3a:22:06:b9:c4:
3d:a8:8c:3e:8e:a2:e5:55:eb:ae:ac:2a:6d:62:8f:
ff:5b:6b:4d:0f:29:7a:66:5a:a2:1f:93:e1:ae:cc:
52:7b:eb:fa:57:0b:2c:2a:d7:9a:ba:bd:9b:1b:68:
02:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3B:17:1B:0D:F8:91:62:47:F8:C5:67:C2:9B:BD:EF:99:09:60:DD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zjsXGw34kWJH-MVnwpu975kJYN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.203.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
08:68:67:fa:5d:10:b7:fb:bd:93:ef:3c:33:37:4d:48:97:4d:
88:55:9d:96:b9:8e:88:f7:c5:1a:fc:78:11:26:2c:53:0e:ff:
ea:37:85:03:f8:60:25:09:2d:ca:5b:6f:7a:a2:30:df:25:82:
c7:58:d0:2a:03:9c:a2:20:76:d8:7d:21:3b:70:11:d9:de:d1:
ef:2c:f2:bc:2a:24:0d:ea:c9:4c:d9:ae:1b:88:6f:04:1b:37:
34:ec:d4:28:c1:b1:0c:9c:62:35:d8:11:7b:7a:33:a6:2c:79:
17:99:f5:ad:31:3c:27:87:23:7c:b7:64:84:7a:4e:d6:14:8f:
b2:cd:29:37:b9:ef:37:38:68:07:81:55:07:45:f9:91:7c:56:
06:e2:cd:bb:38:e0:c0:0f:1e:86:b5:43:d8:e3:d3:10:cf:3a:
47:92:e7:2a:4d:bb:10:ae:3b:6d:eb:ed:49:bc:0b:0c:52:ed:
94:29:5f:82:33:a6:58:b3:a6:1b:8c:84:e4:13:ef:3d:22:97:
67:b5:9a:07:d1:db:7d:f6:5b:aa:1a:33:54:4e:be:c3:ad:2d:
e5:bb:69:35:c2:e7:f9:60:c5:ad:0d:93:25:a3:ed:e4:18:8e:
71:66:ed:8f:86:a5:55:5c:01:24:a7:28:61:2f:1b:15:ce:f4:
9b:d7:6e:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY01cAtsYEScUlJigT16zT/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTIzMDgyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNiMTcxYjBkZjg5MTYyNDdmOGM1NjdjMjliYmRlZjk5MDk2MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn95UmtZbQFIq5wQ/H9eYaDitbCI3
VSo7ttOZZkXw1nhN83P4q3GPe2AVvdgZIWwTH5CebC6z1gaee7glqk1m5VWaHtVM
LaUtSCkuPHs9jMoGtsTU4VHj+UOKxWmyl+5IbTK7emK0SlFNfGof4R+F/6Gf+/I6
9d6jcP4gAyAHEG/aC5Nr8X8kR9qVfJLwvJXgHf/InoY+te9nQpPkrC3Hq3DZglk/
9zli4J7NldpD0+rDhBbPzxo/dL5dPzjWh2Mt+BvzqmXn03+v2983OiIGucQ9qIw+
jqLlVeuurCptYo//W2tNDyl6ZlqiH5PhrsxSe+v6VwssKteaur2bG2gCPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM47FxsN+JFiR/jFZ8Kbve+ZCWDdMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvempzWEd3MzRrV0pILU1WbndwdTk3NWtKWU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVYXHAwQA
VYXLAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQAIaGf6XRC3+72T7zwzN01Il02I
VZ2WuY6I98Ua/HgRJixTDv/qN4UD+GAlCS3KW296ojDfJYLHWNAqA5yiIHbYfSE7
cBHZ3tHvLPK8KiQN6slM2a4biG8EGzc07NQowbEMnGI12BF7ejOmLHkXmfWtMTwn
hyN8t2SEek7WFI+yzSk3ue83OGgHgVUHRfmRfFYG4s27OODADx6GtUPY49MQzzpH
kucqTbsQrjtt6+1JvAsMUu2UKV+CM6ZYs6YbjITkE+89IpdntZoH0dt99luqGjNU
Tr7DrS3lu2k1wuf5YMWtDZMlo+3kGI5xZu2PhqVVXAEkpyhhLxsVzvSb124Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org