Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2ks4vWC_I-xnGfxJ-6RF41-eH1E.roa
File: 2ks4vWC_I-xnGfxJ-6RF41-eH1E.roa (raw, json)
Hash identifier: KiFgKDNEqJir55rhI31MnReydc1L8P//SLXlD55UDtM=
Subject key identifier: DA:4B:38:BD:60:BF:23:EC:67:19:FC:49:FB:A4:45:E3:5F:9E:1F:51
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0197400BB4734F4CD19ACFEE095F7CD4E7EB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2ks4vWC_I-xnGfxJ-6RF41-eH1E.roa
Signing time: Thu 05 Jun 2025 12:23:18 +0000
ROA not before: Thu 05 Jun 2025 12:23:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 07 Jun 2025 09:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:0b:b4:73:4f:4c:d1:9a:cf:ee:09:5f:7c:d4:e7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 5 12:23:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da4b38bd60bf23ec6719fc49fba445e35f9e1f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:b6:f7:a8:5e:63:05:d6:94:cf:21:32:af:
5a:61:e5:b0:8d:83:f2:15:16:aa:07:fb:25:05:7a:
86:54:73:7c:81:5c:3f:02:b0:99:7e:bf:b0:64:b4:
fd:1e:1b:a5:d7:b4:e9:54:23:a4:37:46:35:e7:64:
cd:d8:39:3c:4f:ff:7d:47:87:82:7c:40:d4:08:59:
2b:04:4e:dc:47:7d:99:f7:1f:50:03:8a:4c:63:ec:
cb:6a:fe:f6:47:fd:fc:72:2d:ae:81:2c:17:91:89:
2e:34:f5:38:b7:2f:80:d7:d7:8e:7b:a8:91:12:30:
fa:d6:47:3c:94:d2:fb:93:bc:d2:95:0d:62:e8:3c:
d3:e3:83:86:1b:98:71:dc:0a:65:76:9a:5b:d1:bc:
35:45:f9:1a:e8:e3:48:98:f4:fe:0b:eb:e7:1c:c1:
32:73:37:8a:ec:37:ad:fd:e0:11:05:20:a6:48:1a:
2c:e1:67:b6:e2:8e:41:fd:18:98:ef:5b:e7:e8:d6:
28:45:06:33:82:2f:15:a8:58:c4:33:d5:55:17:3a:
f2:4f:72:2d:c5:30:dc:d8:b3:0c:86:35:85:a1:ce:
9e:84:f3:4f:f7:04:35:e8:88:fe:ab:67:f2:26:8f:
e9:fa:65:32:14:fa:c8:1d:52:5d:7a:46:92:a6:65:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4B:38:BD:60:BF:23:EC:67:19:FC:49:FB:A4:45:E3:5F:9E:1F:51
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2ks4vWC_I-xnGfxJ-6RF41-eH1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0-85.133.152.255
85.133.154.0-85.133.159.255
85.133.164.0-85.133.192.255
85.133.209.0-85.133.213.255
85.133.220.0/24
85.133.222.0/23
85.133.226.0/24
85.133.229.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:74:6a:ab:04:9d:3e:1d:92:09:4d:cb:72:3c:82:77:ee:05:
86:ab:d5:49:1c:98:3b:d1:46:b2:0b:75:14:93:51:c9:36:0c:
23:3c:4a:de:41:dd:ec:29:7a:eb:4f:7f:ec:f8:9b:f3:68:d4:
84:7e:90:8f:98:b9:7c:cd:be:da:bc:f9:ab:3b:86:d7:aa:9b:
fa:99:e4:19:86:77:a8:2e:9b:a8:7a:40:d1:b3:c8:62:49:2e:
01:ca:42:3c:d1:ad:11:3e:43:4b:14:6f:db:27:8c:4f:a5:fd:
eb:af:eb:a3:42:78:be:91:ae:79:2f:a8:d6:38:0c:a4:18:07:
91:f4:d9:96:72:75:07:16:2a:74:7d:bb:4d:e7:f0:10:14:53:
12:6e:14:86:01:c1:9d:dc:22:17:42:35:12:8d:b4:bd:b3:e1:
b4:19:d8:6b:89:8c:b1:d3:a6:3f:67:d1:b9:7d:6d:96:25:0a:
fe:00:5c:9f:67:b9:7f:60:83:cc:95:06:06:0a:bc:48:45:54:
2e:97:5f:49:10:76:d0:22:99:64:b7:5e:fa:0f:ce:94:08:e8:
e5:7a:9b:da:1c:a5:84:5e:fa:1a:bc:8b:3e:1a:1e:8e:28:04:
04:35:b8:0f:52:d0:0c:31:ae:61:f9:c1:85:49:e6:1b:fc:09:
62:76:80:93
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZdAC7RzT0zRms/uCV981OfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjA1MTIyMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRiMzhiZDYwYmYyM2VjNjcxOWZjNDlmYmE0NDVlMzVmOWUxZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH6296heYwXWlM8hMq9aYeWwjYPy
FRaqB/slBXqGVHN8gVw/ArCZfr+wZLT9Hhul17TpVCOkN0Y152TN2Dk8T/99R4eC
fEDUCFkrBE7cR32Z9x9QA4pMY+zLav72R/38ci2ugSwXkYkuNPU4ty+A19eOe6iR
EjD61kc8lNL7k7zSlQ1i6DzT44OGG5hx3Apldppb0bw1Rfka6ONImPT+C+vnHMEy
czeK7Det/eARBSCmSBos4We24o5B/RiY71vn6NYoRQYzgi8VqFjEM9VVFzryT3It
xTDc2LMMhjWFoc6ehPNP9wQ16Ij+q2fyJo/p+mUyFPrIHVJdekaSpmU3/wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFNpLOL1gvyPsZxn8SfukReNfnh9RMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMmtzNHZXQ19JLXhuR2Z4Si02UkY0MS1lSDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfjAMAwQH
VYWAAwQAVYWYMAwDBAFVhZoDBAVVhYAwDAMEAlWFpAMEAFWFwDAMAwQAVYXRAwQB
VYXUAwQAVYXcAwQBVYXeAwQAVYXiMAwDBABVheUDBABVhegDBABVhesDBABVhe8D
BAFVhfQwDAMEAFWF+wMEAFWF/AMEAVWF/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG
9w0BAQsFAAOCAQEAXXRqqwSdPh2SCU3LcjyCd+4FhqvVSRyYO9FGsgt1FJNRyTYM
IzxK3kHd7Cl6609/7Pib82jUhH6Qj5i5fM2+2rz5qzuG16qb+pnkGYZ3qC6bqHpA
0bPIYkkuAcpCPNGtET5DSxRv2yeMT6X966/ro0J4vpGueS+o1jgMpBgHkfTZlnJ1
BxYqdH27TefwEBRTEm4UhgHBndwiF0I1Eo20vbPhtBnYa4mMsdOmP2fRuX1tliUK
/gBcn2e5f2CDzJUGBgq8SEVULpdfSRB20CKZZLde+g/OlAjo5Xqb2hylhF76GryL
PhoejigEBDW4D1LQDDGuYfnBhUnmG/wJYnaAkw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:38:04 2025 by rpki-client