Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/ezZ-jxZC3Kr08UvXf3oIEdI6QCY.roa
File: ezZ-jxZC3Kr08UvXf3oIEdI6QCY.roa (raw, json)
Hash identifier: DMAl+JMkK6O4Uab4kXhW+cQe3AgKn2j5QJFsETpP7j8=
Subject key identifier: 7B:36:7E:8F:16:42:DC:AA:F4:F1:4B:D7:7F:7A:08:11:D2:3A:40:26
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 0194221FF5F3BAC56E0719F1D4508D6A4E94
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/ezZ-jxZC3Kr08UvXf3oIEdI6QCY.roa
Signing time: Wed 01 Jan 2025 13:48:27 +0000
ROA not before: Wed 01 Jan 2025 13:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 09:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f5:f3:ba:c5:6e:07:19:f1:d4:50:8d:6a:4e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jan 1 13:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b367e8f1642dcaaf4f14bd77f7a0811d23a4026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9d:1a:a8:52:66:58:aa:b0:5b:6e:76:85:be:
d7:55:59:c4:ee:df:81:a2:48:7c:b7:e6:37:e3:c2:
e7:20:ae:cc:62:27:25:8e:08:13:30:57:c9:90:1f:
4a:73:f2:ea:a4:94:82:55:5e:8d:05:2d:62:60:25:
04:17:4b:00:04:27:65:42:02:38:7c:1c:ff:16:aa:
00:f0:0c:e8:a0:86:52:af:8a:14:8f:40:74:64:0c:
3a:16:bf:bd:49:c5:3e:8c:fa:cf:e8:99:92:2b:94:
e8:0f:de:eb:bd:65:89:16:d2:64:1c:8c:b0:86:2c:
ae:1d:65:a8:6a:3a:6f:20:a5:b3:d2:2b:35:31:91:
11:cd:fd:26:1a:61:99:a6:b2:f8:fc:cd:d0:30:61:
69:3f:3c:15:78:d3:c4:a0:16:8a:4a:8b:4a:8c:30:
e8:46:71:5c:1e:d5:6e:73:6d:59:c1:17:14:54:ab:
23:87:0c:6a:24:52:ae:86:38:f1:44:42:40:b0:05:
e7:ae:a9:7e:aa:71:5c:62:2b:6c:02:11:ff:81:72:
50:1a:cf:c7:e3:e9:a5:07:5a:80:db:d3:e3:34:5c:
c3:6b:94:a1:b8:fb:4e:44:8a:02:84:d7:23:8d:81:
d6:3e:22:5a:c2:70:27:5e:c7:ab:3b:6f:c2:a8:8d:
3e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:36:7E:8F:16:42:DC:AA:F4:F1:4B:D7:7F:7A:08:11:D2:3A:40:26
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/ezZ-jxZC3Kr08UvXf3oIEdI6QCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.180.255
Signature Algorithm: sha256WithRSAEncryption
a2:7b:3f:13:df:43:03:84:34:97:85:6b:d9:4c:cf:f8:b8:7f:
f0:b7:cf:f4:d6:d8:cf:97:dc:5a:fb:10:89:79:ac:5e:a0:98:
b8:07:90:86:87:58:24:16:33:e5:00:5e:af:6a:ab:f9:aa:d9:
83:95:35:5a:53:53:2f:99:b4:f6:c6:94:73:68:34:00:58:81:
6f:61:76:36:b4:93:f8:81:52:1d:40:c4:18:5a:0f:50:bd:a2:
1b:50:0d:58:2a:20:79:b0:a1:02:96:85:45:51:c3:f4:47:15:
c5:b9:55:d5:56:50:41:8e:64:28:ef:e1:c6:a6:c8:dc:47:e5:
3e:0f:d8:1a:ad:32:f7:b3:03:39:c9:79:70:0d:e1:1b:cc:47:
de:e8:ed:63:05:1b:f9:8c:4f:1e:fa:54:0d:36:82:6a:af:30:
17:01:8c:7d:2a:54:1f:df:cf:e4:6c:61:bb:5c:41:f1:d7:ee:
a5:56:02:fd:68:b3:d0:08:a2:6d:05:ac:f4:33:66:e3:c5:86:
9c:c7:04:73:a5:9a:7d:23:c7:64:3e:03:c3:a2:9a:ec:ed:93:
ae:f4:89:e1:28:06:28:c7:5e:3e:cf:d9:78:67:f4:12:a5:a5:
06:3c:3c:68:bf:08:9b:a5:be:c8:6a:9c:ba:78:ce:fe:34:b4:
45:78:06:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQiH/XzusVuBxnx1FCNak6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwMTAxMTM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM2N2U4ZjE2NDJkY2FhZjRmMTRiZDc3ZjdhMDgxMWQyM2E0MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ0aqFJmWKqwW252hb7XVVnE7t+B
okh8t+Y348LnIK7MYicljggTMFfJkB9Kc/LqpJSCVV6NBS1iYCUEF0sABCdlQgI4
fBz/FqoA8AzooIZSr4oUj0B0ZAw6Fr+9ScU+jPrP6JmSK5ToD97rvWWJFtJkHIyw
hiyuHWWoajpvIKWz0is1MZERzf0mGmGZprL4/M3QMGFpPzwVeNPEoBaKSotKjDDo
RnFcHtVuc21ZwRcUVKsjhwxqJFKuhjjxREJAsAXnrql+qnFcYitsAhH/gXJQGs/H
4+mlB1qA29PjNFzDa5ShuPtORIoChNcjjYHWPiJawnAnXserO2/CqI0+xQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHs2fo8WQtyq9PFL1396CBHSOkAmMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvZXpaLWp4WkMzS3IwOFV2WGYzb0lFZEk2UUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeAMEBdHOADAMAwQA2PyxAwQA
2Py0MA0GCSqGSIb3DQEBCwUAA4IBAQCiez8T30MDhDSXhWvZTM/4uH/wt8/01tjP
l9xa+xCJeaxeoJi4B5CGh1gkFjPlAF6vaqv5qtmDlTVaU1MvmbT2xpRzaDQAWIFv
YXY2tJP4gVIdQMQYWg9QvaIbUA1YKiB5sKECloVFUcP0RxXFuVXVVlBBjmQo7+HG
psjcR+U+D9garTL3swM5yXlwDeEbzEfe6O1jBRv5jE8e+lQNNoJqrzAXAYx9KlQf
38/kbGG7XEHx1+6lVgL9aLPQCKJtBaz0M2bjxYacxwRzpZp9I8dkPgPDoprs7ZOu
9InhKAYox14+z9l4Z/QSpaUGPDxovwibpb7Iapy6eM7+NLRFeAaA
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:10:23 2025 by rpki-client