Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-Io-WtWVvzt1qgoxQpkOKqCDiIw.roa
File: 1-Io-WtWVvzt1qgoxQpkOKqCDiIw.roa (raw, json)
Hash identifier: H1M0N7q5tr6n1dELLrbfcdAbDF2xzQRwIzvu2Y0KIQs=
Subject key identifier: F8:8A:3E:5A:D5:95:BF:3B:75:AA:0A:31:42:99:0E:2A:A0:83:88:8C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0195A42CBBA013F1381BE26524A78888BAC5
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-Io-WtWVvzt1qgoxQpkOKqCDiIw.roa
Signing time: Mon 17 Mar 2025 12:55:49 +0000
ROA not before: Mon 17 Mar 2025 12:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 85.133.208.0/23 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.246.0/23 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 20:58:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:2c:bb:a0:13:f1:38:1b:e2:65:24:a7:88:88:ba:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 17 12:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f88a3e5ad595bf3b75aa0a3142990e2aa083888c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:a4:e9:8d:ac:ae:71:6b:6c:71:f7:28:03:
07:9f:3f:91:f0:28:a2:fa:b2:31:15:af:c8:92:a9:
e3:cf:f2:9c:94:6b:fc:5c:d1:06:22:c7:a9:b1:9b:
1b:6a:22:63:9b:ca:0d:2c:38:a3:77:bd:66:9d:29:
4d:f2:1a:64:af:dc:05:fc:4b:e5:e3:45:d4:1c:30:
2d:23:cb:73:2e:9b:c8:85:35:3e:e5:fa:38:b3:87:
0b:42:10:05:05:c4:91:c1:cc:78:20:2d:14:b2:76:
64:61:e2:a4:c9:c7:cc:cf:b1:bb:30:cb:c0:8c:51:
c6:55:65:fd:e3:f2:a5:1f:72:ae:44:06:a5:b5:71:
4e:ba:fe:66:49:81:e0:5f:a6:25:b7:64:6d:cd:8c:
e9:6d:66:73:1c:28:49:da:51:15:c6:f3:65:6d:81:
bb:bb:96:ae:96:f9:df:8e:79:f3:73:97:63:6e:8d:
fb:fb:c5:be:cb:99:90:d2:d6:47:ba:92:0f:db:cb:
2d:63:e6:4d:4b:9a:f5:eb:2e:3a:c3:76:53:54:f8:
32:69:67:71:e1:72:02:1a:3c:f0:90:30:a7:6a:84:
7c:6d:58:2a:0d:33:b5:d1:7e:7b:d9:dc:63:67:97:
72:72:9c:bd:e6:1a:ea:e3:4e:a8:24:51:79:1f:90:
b7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8A:3E:5A:D5:95:BF:3B:75:AA:0A:31:42:99:0E:2A:A0:83:88:8C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-Io-WtWVvzt1qgoxQpkOKqCDiIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.208.0/23
85.133.214.0/24
85.133.222.0/24
85.133.225.0/24
85.133.227.0-85.133.228.255
85.133.234.0/24
85.133.246.0-85.133.249.255
85.133.251.0-85.133.252.255
85.133.254.0/24
Signature Algorithm: sha256WithRSAEncryption
16:43:96:e3:29:6b:68:97:5e:64:6a:f4:24:60:34:1f:5b:bc:
4f:55:3c:f4:24:cc:ae:8f:87:c8:3e:7e:42:d9:38:36:ee:38:
06:a7:80:06:56:ad:9d:3e:72:41:97:d7:76:d4:d7:bb:b0:51:
48:3d:d2:13:93:d7:22:cc:56:a1:48:37:5c:02:c7:ce:e7:1e:
93:d7:1f:7d:ed:20:64:91:49:23:2a:14:a8:76:05:33:e1:91:
7a:4c:2b:6d:e3:04:2e:2f:11:f4:72:bb:f4:13:97:f7:c4:3e:
09:95:92:b1:0a:4f:e9:f5:ad:84:53:7c:a7:2e:e2:e4:8f:bf:
7c:dc:41:04:28:2c:27:36:fe:b3:c7:b3:5b:3d:e3:96:98:94:
4c:ef:bb:dd:df:d1:d0:36:01:0c:21:79:29:af:4d:69:18:b4:
7c:3e:1e:40:57:77:56:1b:98:c2:e8:c9:af:b2:1d:b8:b5:0d:
a7:e6:56:d7:5f:25:e2:7b:13:29:b5:e4:32:df:43:dd:11:ca:
6f:86:71:5f:d9:54:5d:6a:e6:3b:5a:7d:f0:b6:1a:29:1b:23:
f2:aa:ce:b3:cb:6a:37:66:03:d3:3e:df:ae:a6:8f:9b:96:b7:
b2:02:11:40:c3:ab:ad:4a:a4:01:ee:2a:4e:54:fd:db:d8:e8:
8d:be:30:88
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZWkLLugE/E4G+JlJKeIiLrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMzE3MTI1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhhM2U1YWQ1OTViZjNiNzVhYTBhMzE0Mjk5MGUyYWEwODM4ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/qk6Y2srnFrbHH3KAMHnz+R8Cii
+rIxFa/Ikqnjz/KclGv8XNEGIsepsZsbaiJjm8oNLDijd71mnSlN8hpkr9wF/Evl
40XUHDAtI8tzLpvIhTU+5fo4s4cLQhAFBcSRwcx4IC0UsnZkYeKkycfMz7G7MMvA
jFHGVWX94/KlH3KuRAaltXFOuv5mSYHgX6Ylt2RtzYzpbWZzHChJ2lEVxvNlbYG7
u5aulvnfjnnzc5djbo37+8W+y5mQ0tZHupIP28stY+ZNS5r16y46w3ZTVPgyaWdx
4XICGjzwkDCnaoR8bVgqDTO10X572dxjZ5dycpy95hrq406oJFF5H5C38QIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPiKPlrVlb87daoKMUKZDiqgg4iMMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMS1Jby1XdFdWdnp0MXFnb3hRcGtPS3FDRGlJdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYz
Yi8xL3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAVWF0AME
AFWF1gMEAFWF3gMEAFWF4TAMAwQAVYXjAwQAVYXkAwQAVYXqMAwDBAFVhfYDBAFV
hfgwDAMEAFWF+wMEAFWF/AMEAFWF/jANBgkqhkiG9w0BAQsFAAOCAQEAFkOW4ylr
aJdeZGr0JGA0H1u8T1U89CTMro+HyD5+Qtk4Nu44BqeABlatnT5yQZfXdtTXu7BR
SD3SE5PXIsxWoUg3XALHzucek9cffe0gZJFJIyoUqHYFM+GRekwrbeMELi8R9HK7
9BOX98Q+CZWSsQpP6fWthFN8py7i5I+/fNxBBCgsJzb+s8ezWz3jlpiUTO+73d/R
0DYBDCF5Ka9NaRi0fD4eQFd3VhuYwujJr7IduLUNp+ZW118l4nsTKbXkMt9D3RHK
b4ZxX9lUXWrmO1p98LYaKRsj8qrOs8tqN2YD0z7frqaPm5a3sgIRQMOrrUqkAe4q
TlT929jojb4wiA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:42:03 2025 by rpki-client