Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/csazUKjhqRWBX5pVDhjGjd1KKP0.roa
File: csazUKjhqRWBX5pVDhjGjd1KKP0.roa (raw, json)
Hash identifier: slD7I7tAnooDK0bHyMg2hb/0ALYeIR9c0XD4JR0KvnE=
Subject key identifier: 72:C6:B3:50:A8:E1:A9:15:81:5F:9A:55:0E:18:C6:8D:DD:4A:28:FD
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 01970CB05F9A32956D8F43E495CC788D9286
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/csazUKjhqRWBX5pVDhjGjd1KKP0.roa
Signing time: Mon 26 May 2025 13:02:54 +0000
ROA not before: Mon 26 May 2025 13:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.184.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
216.252.186.0/24 maxlen: 24
216.252.187.0/24 maxlen: 24
216.252.189.0/24 maxlen: 24
216.252.190.0/24 maxlen: 24
216.252.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 11:57:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:b0:5f:9a:32:95:6d:8f:43:e4:95:cc:78:8d:92:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: May 26 13:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72c6b350a8e1a915815f9a550e18c68ddd4a28fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:26:26:04:49:31:21:35:94:11:d0:e3:3e:47:
34:10:01:08:49:2e:98:c6:65:97:0c:07:b0:3b:19:
b5:f8:24:ce:b8:c7:62:ed:d0:15:aa:d4:4c:9e:37:
84:77:d4:fe:42:d9:ec:01:97:93:8c:86:ed:aa:63:
8b:d4:bc:92:ab:f4:07:1c:57:ff:43:36:3b:1a:d5:
4f:06:f4:ee:4f:04:30:47:87:cf:d6:fa:0a:bb:7d:
36:63:8b:e7:4d:d9:f1:5a:81:e4:ce:28:e0:a2:2a:
09:8e:e8:7a:e5:aa:10:60:b0:3b:75:b7:29:8d:a4:
89:5f:d2:21:1c:e4:20:1b:46:11:b9:78:8f:cc:86:
20:3f:12:de:7f:e5:b5:9c:02:43:8a:f8:f8:a3:39:
0d:7c:ff:5b:f1:5d:85:2a:ef:f4:ca:3d:19:f4:8c:
08:4e:2e:5f:bf:bf:a3:df:19:79:79:69:38:30:87:
80:55:1d:b1:b2:e1:31:b8:a1:59:b4:ea:bc:4c:28:
59:ee:1b:bc:75:0a:9e:7e:aa:cc:ba:4e:75:d4:8f:
70:98:17:c6:7f:ea:85:ae:54:e2:73:da:3f:40:40:
1b:df:ad:8a:cc:98:6d:69:bd:1f:2a:b1:27:2a:d1:
59:7e:76:db:59:0f:e9:79:6a:9d:62:df:e0:bb:29:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C6:B3:50:A8:E1:A9:15:81:5F:9A:55:0E:18:C6:8D:DD:4A:28:FD
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/csazUKjhqRWBX5pVDhjGjd1KKP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.180.255
216.252.182.0-216.252.187.255
216.252.189.0-216.252.191.255
Signature Algorithm: sha256WithRSAEncryption
a7:7f:94:8e:e5:b0:29:bf:ba:c8:44:ce:85:33:28:29:19:d8:
87:f4:49:8e:50:af:cc:50:51:31:ea:11:02:66:05:57:fb:c8:
53:bc:27:19:89:7a:a5:fb:33:f1:dd:ab:56:d0:28:f2:d9:83:
f1:52:8c:9c:f0:a5:95:5f:13:70:2b:53:e5:3f:fd:74:cb:a8:
5c:12:37:0b:07:a7:8e:62:a4:9c:ef:8a:67:f4:53:7e:7c:96:
7e:69:57:c1:74:b3:7d:7e:9a:24:a2:c9:51:0b:64:dd:5d:8d:
f3:07:c5:b3:0f:89:a2:d3:96:76:96:c8:06:0c:46:12:c6:21:
21:eb:4f:89:0f:87:1d:b9:5a:43:a2:1a:64:f2:c1:9d:55:59:
53:ca:12:5d:22:8b:2a:68:61:65:7f:6d:c6:c5:b8:d8:09:73:
81:6e:94:30:ff:12:9a:aa:3b:a0:10:3e:32:cf:66:73:b3:06:
5d:b6:f6:21:c0:f7:2d:e3:41:0e:20:41:97:73:df:27:19:92:
e2:cb:a3:d6:20:ae:5c:4b:9d:a8:16:7f:25:e9:1b:3d:d0:82:
cb:c6:0f:f5:79:fb:42:98:fc:47:cc:a3:9c:d8:08:e3:3c:fc:
b2:8e:6d:55:20:53:cf:dd:bc:c0:0b:bc:9b:74:b1:69:19:78:
ae:3d:3b:86
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZcMsF+aMpVtj0Pklcx4jZKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwNTI2MTMwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM2YjM1MGE4ZTFhOTE1ODE1ZjlhNTUwZTE4YzY4ZGRkNGEyOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yYmBEkxITWUEdDjPkc0EAEISS6Y
xmWXDAewOxm1+CTOuMdi7dAVqtRMnjeEd9T+QtnsAZeTjIbtqmOL1LySq/QHHFf/
QzY7GtVPBvTuTwQwR4fP1voKu302Y4vnTdnxWoHkzijgoioJjuh65aoQYLA7dbcp
jaSJX9IhHOQgG0YRuXiPzIYgPxLef+W1nAJDivj4ozkNfP9b8V2FKu/0yj0Z9IwI
Ti5fv7+j3xl5eWk4MIeAVR2xsuExuKFZtOq8TChZ7hu8dQqefqrMuk511I9wmBfG
f+qFrlTic9o/QEAb362KzJhtab0fKrEnKtFZfnbbWQ/peWqdYt/guymFHQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFHLGs1Co4akVgV+aVQ4Yxo3dSij9MB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvY3NhelVLamhxUldCWDVwVkRoakdqZDFLS1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeAMEBdHOADAMAwQA2PyxAwQA
2Py0MAwDBAHY/LYDBALY/LgwDAMEANj8vQMEBtj8gDANBgkqhkiG9w0BAQsFAAOC
AQEAp3+UjuWwKb+6yETOhTMoKRnYh/RJjlCvzFBRMeoRAmYFV/vIU7wnGYl6pfsz
8d2rVtAo8tmD8VKMnPCllV8TcCtT5T/9dMuoXBI3CwenjmKknO+KZ/RTfnyWfmlX
wXSzfX6aJKLJUQtk3V2N8wfFsw+JotOWdpbIBgxGEsYhIetPiQ+HHblaQ6IaZPLB
nVVZU8oSXSKLKmhhZX9txsW42AlzgW6UMP8Smqo7oBA+Ms9mc7MGXbb2IcD3LeNB
DiBBl3PfJxmS4suj1iCuXEudqBZ/JekbPdCCy8YP9Xn7Qpj8R8yjnNgI4zz8so5t
VSBTz928wAu8m3SxaRl4rj07hg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:46:01 2025 by rpki-client