Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-o6113YUG2unTOW7IY_O3fJTMyw.roa
File: 1-o6113YUG2unTOW7IY_O3fJTMyw.roa (raw, json)
Hash identifier: AxSc/BDIPdr0SQB8R+xWNjVYl+sfesNaaV/fCLbDXvI=
Subject key identifier: FA:8E:B5:D7:76:14:1B:6B:A7:4C:E5:BB:21:8F:CE:DD:F2:53:33:2C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0191F9E34DFB5B5CA35539EDD05D8A910FFA
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-o6113YUG2unTOW7IY_O3fJTMyw.roa
Signing time: Mon 16 Sep 2024 08:11:49 +0000
ROA not before: Mon 16 Sep 2024 08:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 09:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:e3:4d:fb:5b:5c:a3:55:39:ed:d0:5d:8a:91:0f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Sep 16 08:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa8eb5d776141b6ba74ce5bb218fceddf253332c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bd:50:bb:07:72:d3:87:0a:c9:15:c5:36:39:
52:28:fc:2e:d5:2b:02:7b:ff:b3:48:04:62:76:9b:
92:cc:14:43:7d:95:d7:c8:49:df:76:d8:10:17:13:
51:40:f5:95:4c:b5:21:53:77:01:45:2c:3a:59:00:
6a:31:78:7d:fa:6c:99:2d:1f:2b:e4:02:a0:47:29:
99:0a:00:0f:42:73:79:7d:56:ce:96:48:60:1a:cc:
15:27:6c:09:6e:b0:09:a3:53:0f:c4:d5:20:dc:8c:
f4:af:44:ec:9c:d1:b7:df:f9:53:13:4c:bc:fa:d3:
f5:eb:59:f4:4d:ae:1d:96:bd:65:1a:88:de:e0:80:
8c:04:37:a4:f6:14:08:6c:fe:57:9d:31:48:7c:f7:
c6:74:3c:34:88:df:25:dd:7c:5d:ba:9f:fd:ca:71:
ca:e0:ba:b2:4f:7e:fa:96:dd:fb:d6:9c:28:28:e1:
59:28:95:e4:bd:44:b6:a7:10:16:ca:bd:9e:69:ac:
e1:c8:29:d5:8f:2f:dd:3b:3a:15:a9:ec:0a:e1:79:
2f:81:17:a4:11:62:62:57:e5:d7:cb:19:ab:87:18:
42:92:e0:e3:68:f2:00:18:76:e0:be:d4:1d:0e:14:
70:7a:b0:56:29:29:41:34:78:1e:02:34:72:ce:fc:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8E:B5:D7:76:14:1B:6B:A7:4C:E5:BB:21:8F:CE:DD:F2:53:33:2C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-o6113YUG2unTOW7IY_O3fJTMyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0/24
85.133.203.0-85.133.204.255
Signature Algorithm: sha256WithRSAEncryption
34:ef:2d:af:b1:b6:4c:3e:12:56:a3:ee:46:29:67:47:2e:e0:
b4:1e:d6:44:9b:0a:37:57:b2:ac:45:cb:00:3d:43:ed:56:25:
ec:a7:df:03:26:e2:45:3c:16:e6:99:64:c2:11:4b:a5:72:15:
d7:a6:35:f0:69:f2:10:22:bf:9f:78:8f:84:6d:b4:d8:2e:12:
39:6a:a2:dc:cc:4f:e2:61:aa:75:7f:60:f9:6d:fd:e1:1c:56:
f4:20:d9:0a:d6:d2:ab:e2:f5:3e:b1:8c:44:75:05:93:bc:51:
59:d5:5e:79:92:88:fd:b7:64:c0:49:4f:be:aa:96:d4:7e:bd:
72:7a:04:aa:89:83:a8:39:b9:e5:af:2f:20:ec:54:c5:df:18:
3c:7b:ed:4b:b4:8a:3d:3b:89:53:3e:56:52:52:fb:60:29:18:
f2:a6:10:8c:86:e5:b7:b1:a3:e9:58:8d:46:60:69:b2:40:af:
fd:94:0e:ec:f6:84:c3:b7:01:15:14:47:22:de:99:5c:d0:b5:
8e:8d:b3:02:60:e7:c3:77:84:2d:a5:24:84:bf:0f:9b:3d:f9:
ff:9b:3e:93:c6:15:c7:d4:06:99:86:1b:62:34:1d:b0:ab:3c:
b7:16:ff:1a:92:89:34:2c:c2:b2:51:03:5e:0e:ae:46:8e:2b:
9a:6b:d4:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH54037W1yjVTnt0F2KkQ/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwOTE2MDgxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYThlYjVkNzc2MTQxYjZiYTc0Y2U1YmIyMThmY2VkZGYyNTMzMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor1Quwdy04cKyRXFNjlSKPwu1SsC
e/+zSARidpuSzBRDfZXXyEnfdtgQFxNRQPWVTLUhU3cBRSw6WQBqMXh9+myZLR8r
5AKgRymZCgAPQnN5fVbOlkhgGswVJ2wJbrAJo1MPxNUg3Iz0r0TsnNG33/lTE0y8
+tP161n0Ta4dlr1lGoje4ICMBDek9hQIbP5XnTFIfPfGdDw0iN8l3Xxdup/9ynHK
4LqyT376lt371pwoKOFZKJXkvUS2pxAWyr2eaazhyCnVjy/dOzoVqewK4XkvgRek
EWJiV+XXyxmrhxhCkuDjaPIAGHbgvtQdDhRwerBWKSlBNHgeAjRyzvyj0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPqOtdd2FBtrp0zluyGPzt3yUzMsMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMS1vNjExM1lVRzJ1blRPVzdJWV9PM2ZKVE15dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYz
Yi8xL3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAFWFyTAM
AwQAVYXLAwQAVYXMMA0GCSqGSIb3DQEBCwUAA4IBAQA07y2vsbZMPhJWo+5GKWdH
LuC0HtZEmwo3V7KsRcsAPUPtViXsp98DJuJFPBbmmWTCEUulchXXpjXwafIQIr+f
eI+EbbTYLhI5aqLczE/iYap1f2D5bf3hHFb0INkK1tKr4vU+sYxEdQWTvFFZ1V55
koj9t2TASU++qpbUfr1yegSqiYOoObnlry8g7FTF3xg8e+1LtIo9O4lTPlZSUvtg
KRjyphCMhuW3saPpWI1GYGmyQK/9lA7s9oTDtwEVFEci3plc0LWOjbMCYOfDd4Qt
pSSEvw+bPfn/mz6TxhXH1AaZhhtiNB2wqzy3Fv8akok0LMKyUQNeDq5Gjiuaa9SA
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:50:51 2025 by rpki-client