Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DKh_70IOUVU8YJgcTNV3db5sO3E.roa
File: DKh_70IOUVU8YJgcTNV3db5sO3E.roa (raw, json)
Hash identifier: iGtTVcdSKzAbLccYNEoietbze4DPeJN6rWIvEdo06Uo=
Subject key identifier: 0C:A8:7F:EF:42:0E:51:55:3C:60:98:1C:4C:D5:77:75:BE:6C:3B:71
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0196ED45B43C4AD04858510AE131EDD347C0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DKh_70IOUVU8YJgcTNV3db5sO3E.roa
Signing time: Tue 20 May 2025 10:38:10 +0000
ROA not before: Tue 20 May 2025 10:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.208.0/23 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 25 May 2025 12:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:45:b4:3c:4a:d0:48:58:51:0a:e1:31:ed:d3:47:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 20 10:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ca87fef420e51553c60981c4cd57775be6c3b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:94:cb:dd:65:4e:05:9f:58:22:7b:cc:5a:
39:97:6c:f8:d1:d0:14:b5:06:e6:18:c4:a6:26:09:
a0:e4:c0:fe:3b:e6:ae:64:9d:5e:1d:f3:f2:23:07:
57:cf:90:ea:1a:93:22:bb:f3:2b:5f:e3:15:60:fe:
87:64:72:27:e7:bd:d2:bd:ca:4b:8c:b8:0d:61:2c:
62:9e:4e:a9:72:b0:5a:9d:4b:d7:fb:87:de:18:1c:
2b:ce:9c:e6:aa:77:6a:40:fd:83:a1:6f:e5:99:3b:
07:76:9e:d1:c3:34:e4:0e:5e:be:fc:f7:e8:1c:a5:
f9:4f:79:70:cf:65:5e:d5:f5:0e:78:c1:99:d8:e7:
40:5f:9f:6c:3b:45:a3:4d:f5:bd:31:f1:cb:85:ec:
9c:cf:ad:95:8a:ae:13:9d:10:cb:3e:8e:43:b4:35:
02:a8:ad:93:ba:03:11:35:c6:f6:0e:73:b3:d1:bb:
50:81:e7:05:bd:f8:f4:32:42:75:3c:1f:aa:05:bb:
3a:66:c0:91:bd:a5:91:86:4c:7b:96:f4:a5:4e:2b:
5a:bf:4d:73:de:b5:78:9a:dc:7f:80:8c:71:b2:18:
dc:68:c1:1c:05:38:a7:c5:5d:69:48:79:73:de:5b:
9e:41:df:87:e7:da:07:dc:99:4c:17:55:58:3e:44:
4f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A8:7F:EF:42:0E:51:55:3C:60:98:1C:4C:D5:77:75:BE:6C:3B:71
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DKh_70IOUVU8YJgcTNV3db5sO3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.192.255
85.133.208.0-85.133.213.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0-85.133.249.255
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:47:7f:77:cb:7d:e8:a9:2d:a3:65:09:17:04:cc:5a:bc:41:
0c:03:2c:59:2d:b7:37:a3:81:d4:76:e4:43:75:60:c9:c3:63:
39:c6:35:f8:3d:d3:3c:5f:bd:17:e0:29:1b:8b:4d:f3:32:64:
50:e6:d5:50:2a:12:e7:13:d4:ac:3f:2a:23:ce:20:52:a3:64:
68:41:5f:b7:24:f2:3c:6a:b3:40:bd:67:a0:11:32:aa:46:be:
22:2f:7e:0d:36:bc:c7:2d:c2:72:d9:aa:71:69:49:f0:66:3f:
d8:59:29:eb:bd:af:66:5b:69:0c:a5:23:0f:2a:90:ff:79:c6:
de:2b:61:f8:38:17:27:5c:f3:62:4c:87:b1:9f:28:53:37:6f:
02:b1:71:2b:a3:1f:98:a4:ce:7c:82:ee:c7:b0:6c:d5:0e:fa:
38:45:ce:a0:22:07:5c:d0:8f:bd:97:47:6e:47:fb:87:4e:cc:
70:41:14:13:15:28:5b:bf:70:5a:96:7b:37:50:44:39:80:99:
28:ae:fd:6f:2e:8d:7a:20:f7:76:af:37:c3:07:ff:9b:12:6a:
0f:87:c4:ef:98:b4:1d:db:42:af:47:25:0e:44:13:32:de:99:
f3:8d:3d:6a:ea:06:cf:b4:3b:c8:2d:5d:c3:44:fe:e8:cf:ec:
d1:f3:64:87
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZbtRbQ8StBIWFEK4THt00fAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNTIwMTAzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E4N2ZlZjQyMGU1MTU1M2M2MDk4MWM0Y2Q1Nzc3NWJlNmMzYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEKUy91lTgWfWCJ7zFo5l2z40dAU
tQbmGMSmJgmg5MD+O+auZJ1eHfPyIwdXz5DqGpMiu/MrX+MVYP6HZHIn573SvcpL
jLgNYSxink6pcrBanUvX+4feGBwrzpzmqndqQP2DoW/lmTsHdp7RwzTkDl6+/Pfo
HKX5T3lwz2Ve1fUOeMGZ2OdAX59sO0WjTfW9MfHLheycz62Viq4TnRDLPo5DtDUC
qK2TugMRNcb2DnOz0btQgecFvfj0MkJ1PB+qBbs6ZsCRvaWRhkx7lvSlTitav01z
3rV4mtx/gIxxshjcaMEcBTinxV1pSHlz3lueQd+H59oH3JlMF1VYPkRPSwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAyof+9CDlFVPGCYHEzVd3W+bDtxMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvREtoXzcwSU9VVlU4WUpnY1ROVjNkYjVzTzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVYWA
MAwDBAJVhaQDBABVhcAwDAMEBFWF0AMEAVWF1AMEAFWF3AMEAVWF3jAMAwQAVYXh
AwQAVYXoAwQAVYXrAwQAVYXvMAwDBAJVhfQDBAFVhfgwDAMEAFWF+wMEAFWF/AME
AVWF/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEArkd/d8t96Kkt
o2UJFwTMWrxBDAMsWS23N6OB1HbkQ3VgycNjOcY1+D3TPF+9F+ApG4tN8zJkUObV
UCoS5xPUrD8qI84gUqNkaEFftyTyPGqzQL1noBEyqka+Ii9+DTa8xy3CctmqcWlJ
8GY/2Fkp672vZltpDKUjDyqQ/3nG3ith+DgXJ1zzYkyHsZ8oUzdvArFxK6MfmKTO
fILux7Bs1Q76OEXOoCIHXNCPvZdHbkf7h07McEEUExUoW79wWpZ7N1BEOYCZKK79
by6NeiD3dq83wwf/mxJqD4fE75i0HdtCr0clDkQTMt6Z8409auoGz7Q7yC1dw0T+
6M/s0fNkhw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:54:52 2025 by rpki-client