Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lK0fVHFYd-s-Zczxgigs3-q6NIA.roa
File: lK0fVHFYd-s-Zczxgigs3-q6NIA.roa (raw, json)
Hash identifier: hNKKGNpH7lEVycrG7IJ2tNkEm5djo9gRkiGgIYyyNm0=
Subject key identifier: 94:AD:1F:54:71:58:77:EB:3E:65:CC:F1:82:28:2C:DF:EA:BA:34:80
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0188EDB36622B674AE91E3354DC340CE97F1
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lK0fVHFYd-s-Zczxgigs3-q6NIA.roa
Signing time: Sat 24 Jun 2023 13:58:57 +0000
ROA not before: Sat 24 Jun 2023 13:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.234.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ed:b3:66:22:b6:74:ae:91:e3:35:4d:c3:40:ce:97:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 24 13:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ad1f54715877eb3e65ccf182282cdfeaba3480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cf:9d:ee:fa:ae:69:2e:af:e4:c6:cb:65:49:
dc:65:30:9d:4b:5e:14:f6:ea:4c:4a:15:f2:10:a7:
1c:db:e2:5e:92:fe:d2:cd:df:ae:c6:53:3e:83:d2:
f1:56:6f:1f:bb:12:f2:f7:cf:46:4a:e9:a4:93:57:
0a:39:40:b8:9c:3e:77:59:8a:e7:20:93:c6:bb:12:
13:d3:01:b6:f5:dd:b5:6e:2f:ef:e7:f4:d6:80:4a:
fb:87:1f:08:cd:05:b8:4a:64:7e:c5:c2:34:01:b1:
89:e1:a0:7e:14:98:bc:48:0d:d6:ce:c1:b7:69:35:
3f:aa:7f:05:bb:65:be:41:88:08:fb:61:cf:a9:7a:
84:f1:1f:e5:8b:aa:84:2f:da:55:f9:1b:a8:22:4f:
fa:56:d3:69:68:de:a5:53:9f:f9:f3:d9:86:dc:4f:
3e:3d:2c:fc:4b:c9:34:0c:76:82:38:a3:ee:71:79:
7e:3e:c3:73:f5:28:93:94:22:9e:9c:d1:3d:cf:3d:
15:a6:b8:06:fb:5d:0d:c6:bf:a4:9e:dc:db:cf:87:
33:dc:38:93:87:10:1a:91:f8:85:42:2b:66:09:6f:
a7:51:00:f9:19:ce:80:70:c4:6f:4f:8f:51:8a:53:
08:ed:0d:07:e3:05:4a:c4:1c:9d:8f:13:2b:7a:4c:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AD:1F:54:71:58:77:EB:3E:65:CC:F1:82:28:2C:DF:EA:BA:34:80
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lK0fVHFYd-s-Zczxgigs3-q6NIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.1.0-185.41.3.255
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:d9:b0:65:9e:97:a6:0a:f0:5e:24:a7:a3:42:c1:ef:bd:51:
1d:01:9f:39:84:41:23:ca:2b:87:0e:99:e1:8c:8f:1b:29:96:
3a:4a:39:33:9a:09:58:35:0b:ef:a0:ca:9c:5e:53:f6:da:69:
e7:54:90:d7:0f:66:28:7c:9d:6d:26:0e:77:e6:4e:d2:19:ad:
b2:6c:c0:2d:22:78:dc:8f:65:fb:c1:e1:24:e3:af:aa:0d:6c:
21:0d:4d:d7:d4:54:42:0d:0b:28:81:af:83:1b:c2:c1:9b:4f:
e0:3c:63:43:29:33:54:20:4f:66:88:b2:3c:06:55:9a:df:b6:
36:1c:6f:5d:8e:31:79:68:f1:28:ae:a2:92:08:2b:80:bf:36:
22:91:18:27:12:e6:b2:8f:79:d4:38:9f:2e:44:2a:f6:2a:22:
ee:11:eb:c5:7b:34:ee:fc:27:4a:5a:be:12:fb:12:0c:86:10:
33:1f:1b:10:a8:53:4d:59:85:ab:b9:f3:a6:fe:6a:15:67:d5:
95:83:12:b2:2a:66:b7:83:bc:23:77:82:63:45:06:cf:73:4b:
2d:00:d0:75:78:80:c4:66:09:d1:13:cc:86:93:df:7b:e7:30:
d4:ff:8a:aa:83:aa:58:56:b9:a0:78:69:96:dd:3d:49:88:23:
b5:d4:ef:c2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYjts2YitnSukeM1TcNAzpfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjI0MTM1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFkMWY1NDcxNTg3N2ViM2U2NWNjZjE4MjI4MmNkZmVhYmEzNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc+d7vquaS6v5MbLZUncZTCdS14U
9upMShXyEKcc2+Jekv7Szd+uxlM+g9LxVm8fuxLy989GSumkk1cKOUC4nD53WYrn
IJPGuxIT0wG29d21bi/v5/TWgEr7hx8IzQW4SmR+xcI0AbGJ4aB+FJi8SA3WzsG3
aTU/qn8Fu2W+QYgI+2HPqXqE8R/li6qEL9pV+RuoIk/6VtNpaN6lU5/589mG3E8+
PSz8S8k0DHaCOKPucXl+PsNz9SiTlCKenNE9zz0VprgG+10Nxr+kntzbz4cz3DiT
hxAakfiFQitmCW+nUQD5Gc6AcMRvT49RilMI7Q0H4wVKxBydjxMrekyRRQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJStH1RxWHfrPmXM8YIoLN/qujSAMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbEswZlZIRllkLXMtWmN6eGdpZ3MzLXE2TklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAArZ
sGWel6YK8F4kp6NCwe+9UR0BnzmEQSPKK4cOmeGMjxspljpKOTOaCVg1C++gypxe
U/baaedUkNcPZih8nW0mDnfmTtIZrbJswC0ieNyPZfvB4STjr6oNbCENTdfUVEIN
CyiBr4MbwsGbT+A8Y0MpM1QgT2aIsjwGVZrftjYcb12OMXlo8SiuopIIK4C/NiKR
GCcS5rKPedQ4ny5EKvYqIu4R68V7NO78J0pavhL7EgyGEDMfGxCoU01Zhau586b+
ahVn1ZWDErIqZreDvCN3gmNFBs9zSy0A0HV4gMRmCdETzIaT33vnMNT/iqqDqlhW
uaB4aZbdPUmII7XU78I=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net