Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zwXuq-qJUhcrXOlEwvaKZJx1EgQ.roa
File: zwXuq-qJUhcrXOlEwvaKZJx1EgQ.roa (raw, json)
Hash identifier: 0ECve5IHl4ANaeHepxsPphkVgFtnQ+uQ96zA9SZ1rPA=
Subject key identifier: CF:05:EE:AB:EA:89:52:17:2B:5C:E9:44:C2:F6:8A:64:9C:75:12:04
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191195B140C48F4468C5947F3ECEDC9EE62
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zwXuq-qJUhcrXOlEwvaKZJx1EgQ.roa
Signing time: Sat 03 Aug 2024 17:48:04 +0000
ROA not before: Sat 03 Aug 2024 17:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 09:26:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:19:5b:14:0c:48:f4:46:8c:59:47:f3:ec:ed:c9:ee:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 3 17:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf05eeabea8952172b5ce944c2f68a649c751204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4e:e4:d2:be:3c:ae:04:eb:a3:fc:37:27:c4:
0e:9c:ff:85:4e:d0:8d:50:bb:e1:b2:d3:b9:34:77:
f7:4e:64:0a:fb:95:70:1f:86:d6:78:7e:22:09:4c:
32:2f:9a:30:74:a2:bf:7c:3f:7c:6f:8c:7e:ed:70:
1e:10:f9:ff:94:02:3d:d5:7d:cd:a2:45:c9:d2:1f:
d2:13:77:70:9e:dd:c8:c0:d4:97:d6:a7:2e:81:a8:
6b:48:15:66:5a:80:32:0f:18:dd:3c:46:58:96:d5:
e7:fa:d8:62:8b:4f:95:4a:ad:e8:4e:3a:29:ee:5d:
c6:62:f2:20:42:47:ce:a5:b9:cd:a6:56:3b:05:93:
68:a2:24:96:90:44:d0:ad:9a:2c:87:3b:fb:d8:a9:
97:22:9a:40:f5:b3:d2:0e:d4:93:45:10:b3:79:a7:
ca:aa:53:45:b2:8c:de:b8:a2:70:08:1d:2c:a9:44:
34:6e:9c:e3:53:60:7d:09:a1:d6:c9:66:5f:72:5f:
54:b1:d6:13:93:27:42:1e:cc:a7:f4:f8:74:64:73:
fc:d5:08:6c:86:35:f8:fd:47:e6:92:54:54:dc:9d:
1d:b2:09:d0:fc:c0:b6:68:c8:81:45:6a:1b:e5:99:
9b:9a:c9:22:dd:ca:09:80:5c:60:90:d2:d5:91:89:
8f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:05:EE:AB:EA:89:52:17:2B:5C:E9:44:C2:F6:8A:64:9C:75:12:04
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zwXuq-qJUhcrXOlEwvaKZJx1EgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.216.0/24
85.133.233.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
98:eb:55:ce:92:12:e2:bc:d9:8f:e3:6b:38:63:e6:b8:db:71:
05:d4:9b:01:7f:13:68:3f:03:9a:bc:76:ad:02:b8:6b:2f:01:
b3:48:a0:a0:ce:97:ce:97:d5:11:9e:ac:e9:3f:97:15:9a:00:
8d:f7:9d:2f:a3:1e:d4:c2:bc:a7:b1:f4:51:6c:fb:ec:b4:53:
d4:18:58:88:3f:06:a2:e3:d8:68:c9:dc:6d:05:90:41:ff:4c:
11:d1:60:7e:7f:38:6a:ec:d0:67:7a:5f:97:dd:d8:d1:e9:01:
16:f2:cf:0c:d2:3d:b9:9f:f9:ae:91:bc:9c:34:72:38:45:d9:
e3:4d:d9:bd:5e:e6:c9:61:74:00:d9:72:18:60:a3:c4:25:da:
45:21:1c:22:51:26:9c:7a:7f:31:0f:8a:bc:bd:af:17:77:43:
5d:e8:83:27:60:29:58:2a:61:c1:c0:99:b3:a0:cf:11:f3:6b:
94:83:64:64:4d:ac:5b:45:65:fd:e5:3c:6c:3c:7b:43:60:0c:
eb:05:85:13:11:30:a9:f2:f2:5c:50:56:93:c7:b9:9c:a2:14:
02:88:86:f2:60:72:c8:f5:54:fa:81:62:a1:9a:05:aa:28:2f:
7c:d3:01:90:83:8c:e3:b9:55:d5:6a:f0:d6:d9:6e:51:5e:38:
77:8c:f2:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZEZWxQMSPRGjFlH8+ztye5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwODAzMTc0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA1ZWVhYmVhODk1MjE3MmI1Y2U5NDRjMmY2OGE2NDljNzUxMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU7k0r48rgTro/w3J8QOnP+FTtCN
ULvhstO5NHf3TmQK+5VwH4bWeH4iCUwyL5owdKK/fD98b4x+7XAeEPn/lAI91X3N
okXJ0h/SE3dwnt3IwNSX1qcugahrSBVmWoAyDxjdPEZYltXn+thii0+VSq3oTjop
7l3GYvIgQkfOpbnNplY7BZNooiSWkETQrZoshzv72KmXIppA9bPSDtSTRRCzeafK
qlNFsozeuKJwCB0sqUQ0bpzjU2B9CaHWyWZfcl9UsdYTkydCHsyn9Ph0ZHP81Qhs
hjX4/UfmklRU3J0dsgnQ/MC2aMiBRWob5Zmbmski3coJgFxgkNLVkYmPwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM8F7qvqiVIXK1zpRML2imScdRIEMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvendYdXEtcUpVaGNyWE9sRXd2YUtaSngxRWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXYAwQA
VYXpMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAJjrVc6S
EuK82Y/jazhj5rjbcQXUmwF/E2g/A5q8dq0CuGsvAbNIoKDOl86X1RGerOk/lxWa
AI33nS+jHtTCvKex9FFs++y0U9QYWIg/BqLj2GjJ3G0FkEH/TBHRYH5/OGrs0Gd6
X5fd2NHpARbyzwzSPbmf+a6RvJw0cjhF2eNN2b1e5slhdADZchhgo8Ql2kUhHCJR
Jpx6fzEPiry9rxd3Q13ogydgKVgqYcHAmbOgzxHza5SDZGRNrFtFZf3lPGw8e0Ng
DOsFhRMRMKny8lxQVpPHuZyiFAKIhvJgcsj1VPqBYqGaBaooL3zTAZCDjOO5VdVq
8NbZblFeOHeM8vs=
-----END CERTIFICATE-----
Generated at Thu Nov 7 13:09:04 2024 by rpki-client on console-fra.rpki-client.org