Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/24C1LR8QkF_lI1VtiG8FDSXqj8Y.roa
File: 24C1LR8QkF_lI1VtiG8FDSXqj8Y.roa (raw, json)
Hash identifier: nsjirJNOYBikrd4glakvcrI6GSJC+DyHIGDiSukeywg=
Subject key identifier: DB:80:B5:2D:1F:10:90:5F:E5:23:55:6D:88:6F:05:0D:25:EA:8F:C6
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019734A4FF887BAB322D191C6295941914A3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/24C1LR8QkF_lI1VtiG8FDSXqj8Y.roa
Signing time: Tue 03 Jun 2025 07:15:17 +0000
ROA not before: Tue 03 Jun 2025 07:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.208.0/23 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Jun 2025 12:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:a4:ff:88:7b:ab:32:2d:19:1c:62:95:94:19:14:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 3 07:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db80b52d1f10905fe523556d886f050d25ea8fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fc:e9:55:c8:1d:18:11:9a:c9:18:37:69:20:
11:6c:e9:96:2e:05:41:a8:91:45:1a:bb:69:53:0b:
15:ad:3c:87:3b:02:5e:50:70:09:72:ba:fb:1e:0c:
49:00:dd:89:80:30:7b:b2:ce:df:bf:10:04:51:e7:
17:91:56:56:8d:ae:a4:03:d2:54:98:0b:e7:1e:d8:
8f:04:61:e4:e4:b8:e1:7a:42:0e:56:4a:bb:dc:c3:
52:8e:6e:f4:3e:9f:cf:4c:74:cb:79:9f:e3:3c:27:
52:89:bc:b3:bf:89:5d:bc:8d:48:08:26:cf:15:73:
eb:64:36:ac:98:b4:10:fd:05:c7:c3:81:2f:46:7c:
5b:9a:7d:bd:af:c9:98:e3:e6:ef:8f:9c:90:63:75:
c9:11:0e:01:c5:df:bc:8d:33:a5:4b:d3:ab:e8:71:
94:2f:32:47:3a:09:53:02:e8:78:90:7a:17:69:4a:
e0:bc:29:ae:2e:fb:17:02:80:e1:1f:ff:08:1c:cc:
a1:b5:f0:7e:5d:7b:8d:0f:1f:de:af:9a:87:d7:96:
72:79:83:73:18:fd:d0:74:9b:51:66:18:69:21:3e:
8d:26:3c:72:b9:37:0e:ed:75:7a:8e:3b:09:f5:98:
5e:1f:43:5f:32:1d:5e:fb:5f:a0:44:74:28:6e:23:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:80:B5:2D:1F:10:90:5F:E5:23:55:6D:88:6F:05:0D:25:EA:8F:C6
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/24C1LR8QkF_lI1VtiG8FDSXqj8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0-85.133.152.255
85.133.154.0-85.133.159.255
85.133.164.0-85.133.192.255
85.133.208.0-85.133.213.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.227.255
85.133.229.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.248.0/24
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:4f:7d:14:ab:c1:03:5f:fe:dc:49:16:3b:87:45:0d:f6:e8:
ea:23:90:92:89:4f:9e:c0:81:7d:a9:d8:74:0d:07:35:63:2f:
b5:67:a0:6e:db:72:0f:ab:be:0a:34:a1:1d:d5:31:1e:8e:34:
0d:1b:74:28:80:f3:e4:39:40:6c:8b:a4:74:c3:ed:c5:f7:62:
10:dc:bf:21:8c:24:a6:c9:09:d0:26:87:3e:3c:e7:a7:c4:a2:
20:65:c9:d5:09:a1:54:50:e5:34:36:85:4c:ab:2a:27:ad:ed:
e2:cc:6a:ca:56:61:fd:04:15:8a:1e:bb:bc:23:cb:e8:da:15:
ed:c0:59:1e:2a:ae:e6:37:9c:6b:13:36:c4:86:ce:9d:b3:85:
c0:6e:95:8c:55:4d:63:18:90:16:7e:92:a7:bf:a7:12:b3:18:
c2:c9:0d:7e:fc:70:f8:20:5a:16:86:43:95:b7:bf:8d:b8:9b:
54:c6:b3:9b:0f:dc:5d:43:c3:c6:c3:2f:d9:06:03:a3:1e:30:
a0:1a:0f:50:c4:e0:be:7f:f5:21:dc:cd:a3:ca:97:e7:10:9e:
49:15:41:c5:90:2d:ad:de:58:29:a0:85:2a:67:ef:7c:f8:04:
a8:af:09:9c:02:0c:b0:f6:17:99:1b:1e:e1:63:90:e4:bb:c3:
46:8b:ab:76
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZc0pP+Ie6syLRkcYpWUGRSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjAzMDcxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgwYjUyZDFmMTA5MDVmZTUyMzU1NmQ4ODZmMDUwZDI1ZWE4ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/zpVcgdGBGayRg3aSARbOmWLgVB
qJFFGrtpUwsVrTyHOwJeUHAJcrr7HgxJAN2JgDB7ss7fvxAEUecXkVZWja6kA9JU
mAvnHtiPBGHk5LjhekIOVkq73MNSjm70Pp/PTHTLeZ/jPCdSibyzv4ldvI1ICCbP
FXPrZDasmLQQ/QXHw4EvRnxbmn29r8mY4+bvj5yQY3XJEQ4Bxd+8jTOlS9Or6HGU
LzJHOglTAuh4kHoXaUrgvCmuLvsXAoDhH/8IHMyhtfB+XXuNDx/er5qH15ZyeYNz
GP3QdJtRZhhpIT6NJjxyuTcO7XV6jjsJ9ZheH0NfMh1e+1+gRHQobiPX7QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFNuAtS0fEJBf5SNVbYhvBQ0l6o/GMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMjRDMUxSOFFrRl9sSTFWdGlHOEZEU1hxajhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwwDAME
B1WFgAMEAFWFmDAMAwQBVYWaAwQFVYWAMAwDBAJVhaQDBABVhcAwDAMEBFWF0AME
AVWF1AMEAFWF3AMEAVWF3jAMAwQAVYXhAwQCVYXgMAwDBABVheUDBABVhegDBABV
hesDBABVhe8DBAFVhfQDBABVhfgwDAMEAFWF+wMEAFWF/AMEAVWF/jANBAIAAjAH
AwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAO099FKvBA1/+3EkWO4dFDfbo6iOQ
kolPnsCBfanYdA0HNWMvtWegbttyD6u+CjShHdUxHo40DRt0KIDz5DlAbIukdMPt
xfdiENy/IYwkpskJ0CaHPjznp8SiIGXJ1QmhVFDlNDaFTKsqJ63t4sxqylZh/QQV
ih67vCPL6NoV7cBZHiqu5jecaxM2xIbOnbOFwG6VjFVNYxiQFn6Sp7+nErMYwskN
fvxw+CBaFoZDlbe/jbibVMazmw/cXUPDxsMv2QYDox4woBoPUMTgvn/1IdzNo8qX
5xCeSRVBxZAtrd5YKaCFKmfvfPgEqK8JnAIMsPYXmRse4WOQ5LvDRourdg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:16:04 2025 by rpki-client