Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-gPYYFbNmFRSFWePbV4q_qKQJeQ.roa
File: 1-gPYYFbNmFRSFWePbV4q_qKQJeQ.roa (raw, json)
Hash identifier: 8mAmVOkQprqff9TLDfQ0Pnoxyr1SSfa/RU5TbkijDsU=
Subject key identifier: FA:03:D8:60:56:CD:98:54:52:15:67:8F:6D:5E:2A:FE:A2:90:25:E4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0194C6E5A5F49AD663EF6916D30BE7156EB9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-gPYYFbNmFRSFWePbV4q_qKQJeQ.roa
Signing time: Sun 02 Feb 2025 13:42:06 +0000
ROA not before: Sun 02 Feb 2025 13:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 16 Feb 2025 09:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:e5:a5:f4:9a:d6:63:ef:69:16:d3:0b:e7:15:6e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 2 13:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa03d86056cd98545215678f6d5e2afea29025e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:de:cc:2e:c6:87:7f:81:f6:6a:18:39:9e:a0:
6d:6b:aa:03:c6:14:61:2e:bf:5c:3f:04:a1:57:f9:
41:2b:cb:19:f8:71:88:18:1c:01:b7:f7:cf:a9:0a:
a5:29:45:cd:8d:a3:7f:e7:0f:18:48:cb:0a:f3:4f:
74:88:15:15:da:d8:51:b5:87:d8:c9:5b:e2:91:46:
d4:b1:47:a5:b2:ff:1c:cb:b5:0a:46:0c:10:f0:92:
d2:ab:e3:c6:a4:e3:34:37:77:9b:90:03:71:5f:00:
8d:00:b0:9a:97:be:0d:f1:9f:a2:7d:1f:dd:62:28:
53:8d:bd:3d:e4:fd:25:4f:b2:55:59:11:a0:75:15:
45:ea:4b:66:71:cc:b5:92:e7:fc:b5:de:a6:4e:fa:
e5:14:bd:9a:fb:96:06:f0:43:a2:06:a0:c2:63:ec:
97:c9:cc:97:87:ca:07:42:ef:df:05:ef:2e:62:c9:
18:ea:ae:e5:34:fd:8e:06:85:b4:06:b7:97:cb:c6:
bf:9d:07:5d:92:92:bf:4e:42:49:3a:4d:e6:44:b1:
15:70:09:73:c4:8e:a4:32:3f:2a:25:58:3a:ea:bc:
65:e0:d7:53:b5:d9:20:32:38:51:05:ae:87:26:70:
f0:19:60:52:91:69:fc:29:5c:94:9d:0a:2a:ad:8c:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:03:D8:60:56:CD:98:54:52:15:67:8F:6D:5E:2A:FE:A2:90:25:E4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-gPYYFbNmFRSFWePbV4q_qKQJeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.192.255
85.133.196.0/22
85.133.209.0-85.133.213.255
85.133.220.0/24
85.133.223.0/24
85.133.225.0-85.133.226.255
85.133.228.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.247.0-85.133.249.255
85.133.255.0/24
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:e1:4f:78:0f:34:d9:de:1b:61:f5:f3:21:23:21:5c:eb:8f:
c9:0b:99:83:07:ad:15:7e:83:a8:be:17:2c:ce:5b:5a:da:89:
cd:82:d4:03:2c:81:b3:5d:bd:88:95:d1:2f:8f:21:83:40:10:
ba:f6:63:a4:71:76:e8:1d:f7:0a:c8:f0:55:0f:bf:2b:87:f6:
71:69:63:53:e2:ea:e3:78:07:cc:a8:ee:a0:4a:37:19:b7:22:
f5:5b:d7:4b:d9:22:ef:29:c4:36:ba:5f:1a:03:08:08:e8:5f:
c4:5e:a8:52:bb:db:3c:3e:21:1c:61:02:6a:8d:d5:02:d4:4c:
1e:90:d8:fd:b9:a2:33:55:e1:b1:72:e0:02:6d:42:9f:94:a6:
6f:13:87:e2:b7:c8:7c:48:e0:db:59:98:93:c2:a0:7c:a6:48:
bb:6e:fb:71:d8:dc:e5:b3:cb:de:e9:c7:bb:33:ee:a5:10:d3:
7e:d2:68:aa:f0:60:53:4c:3d:f5:a0:a5:50:dc:ba:3f:1d:44:
6e:34:c4:71:c3:8b:01:ab:75:da:55:02:fe:f4:a6:f0:a5:e6:
a1:10:02:cd:29:97:c2:be:4b:3d:10:d8:f7:1e:56:fc:a6:ed:
c3:e0:70:2e:e2:4f:ef:7a:a8:7c:5b:ca:e9:31:76:85:0d:28:
e9:4f:db:3d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZTG5aX0mtZj72kW0wvnFW65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMjAyMTM0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAzZDg2MDU2Y2Q5ODU0NTIxNTY3OGY2ZDVlMmFmZWEyOTAyNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d7MLsaHf4H2ahg5nqBta6oDxhRh
Lr9cPwShV/lBK8sZ+HGIGBwBt/fPqQqlKUXNjaN/5w8YSMsK8090iBUV2thRtYfY
yVvikUbUsUelsv8cy7UKRgwQ8JLSq+PGpOM0N3ebkANxXwCNALCal74N8Z+ifR/d
YihTjb095P0lT7JVWRGgdRVF6ktmccy1kuf8td6mTvrlFL2a+5YG8EOiBqDCY+yX
ycyXh8oHQu/fBe8uYskY6q7lNP2OBoW0BreXy8a/nQddkpK/TkJJOk3mRLEVcAlz
xI6kMj8qJVg66rxl4NdTtdkgMjhRBa6HJnDwGWBSkWn8KVyUnQoqrYy5+QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPoD2GBWzZhUUhVnj21eKv6ikCXkMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMS1nUFlZRmJObUZSU0ZXZVBiVjRxX3FLUUplUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYz
Yi8xL3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBoAYIKwYBBQUHAQcBAf8EgZAwgY0wfAQCAAEwdgMEBVWF
gDAMAwQCVYWkAwQAVYXAAwQCVYXEMAwDBABVhdEDBAFVhdQDBABVhdwDBABVhd8w
DAMEAFWF4QMEAFWF4jAMAwQCVYXkAwQAVYXoAwQAVYXrAwQAVYXvAwQBVYX0MAwD
BABVhfcDBAFVhfgDBABVhf8wDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQAD
ggEBAFDhT3gPNNneG2H18yEjIVzrj8kLmYMHrRV+g6i+FyzOW1raic2C1AMsgbNd
vYiV0S+PIYNAELr2Y6Rxdugd9wrI8FUPvyuH9nFpY1Pi6uN4B8yo7qBKNxm3IvVb
10vZIu8pxDa6XxoDCAjoX8ReqFK72zw+IRxhAmqN1QLUTB6Q2P25ojNV4bFy4AJt
Qp+Upm8Th+K3yHxI4NtZmJPCoHymSLtu+3HY3OWzy97px7sz7qUQ037SaKrwYFNM
PfWgpVDcuj8dRG40xHHDiwGrddpVAv70pvCl5qEQAs0pl8K+Sz0Q2PceVvym7cPg
cC7iT+96qHxbyukxdoUNKOlP2z0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:40 2025 by rpki-client