Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/J5mibZoBtIeI12ykrp0FHXlYEAQ.roa
File: J5mibZoBtIeI12ykrp0FHXlYEAQ.roa (raw, json)
Hash identifier: Fu5xL47PYf5cICImCUlF65A1Mb2/TMRvCji7tNTYHa0=
Subject key identifier: 27:99:A2:6D:9A:01:B4:87:88:D7:6C:A4:AE:9D:05:1D:79:58:10:04
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019551FC8B0DDD8CB9024A5137F2B9A6E42C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/J5mibZoBtIeI12ykrp0FHXlYEAQ.roa
Signing time: Sat 01 Mar 2025 13:54:19 +0000
ROA not before: Sat 01 Mar 2025 13:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.193.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 17 Mar 2025 12:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:51:fc:8b:0d:dd:8c:b9:02:4a:51:37:f2:b9:a6:e4:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 1 13:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2799a26d9a01b48788d76ca4ae9d051d79581004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:87:3c:3a:0f:b0:9d:84:e9:9b:18:1c:e0:95:
c4:57:02:10:b7:4d:e4:2c:21:a4:33:c3:a9:b9:6b:
85:e9:47:3a:e5:0e:cb:b5:cc:e1:7b:54:21:4f:07:
cc:d7:03:69:22:69:a1:56:a4:97:fe:9d:2c:b6:8a:
4d:55:4d:b0:ea:7c:98:62:47:86:aa:ef:e8:58:b4:
be:fd:fe:d1:ff:38:c3:47:ba:97:21:81:61:6b:af:
2e:09:ea:76:ce:2f:1b:dd:61:84:58:0d:93:dd:39:
a8:c1:6c:a8:49:22:2a:47:a6:49:c1:06:2e:02:ea:
07:08:46:07:b0:94:f6:96:9a:01:5a:e0:f7:69:5a:
b8:34:df:29:0a:ac:a0:7f:da:db:75:98:e0:04:14:
ef:0c:73:88:b7:22:5c:66:cd:12:8c:ba:44:88:0d:
a3:53:7f:42:04:3c:4f:1a:f1:e1:f5:c2:d8:20:f8:
08:21:59:09:04:2f:13:3d:18:f7:a0:67:9d:12:0e:
37:64:6f:a7:85:3c:03:88:24:70:89:90:50:ae:9d:
48:36:de:07:57:4e:42:f0:28:80:6c:2e:80:d3:4b:
8f:ab:38:17:42:fe:c5:87:47:cc:0f:c0:38:60:fc:
88:c4:02:a0:65:b9:70:5d:7f:cd:2d:d4:ac:40:3c:
8b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:99:A2:6D:9A:01:B4:87:88:D7:6C:A4:AE:9D:05:1D:79:58:10:04
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/J5mibZoBtIeI12ykrp0FHXlYEAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.193.255
85.133.208.0-85.133.214.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.234.0/23
85.133.239.0/24
85.133.244.0-85.133.249.255
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:c2:12:3c:79:27:d4:33:d0:2e:8c:04:64:1b:e2:62:c0:fa:
8c:ed:89:32:7f:63:1d:43:85:b9:83:07:65:f8:35:b0:85:9b:
37:12:a0:9a:cf:16:48:a8:88:1d:86:3f:3b:07:32:2f:03:3f:
f2:db:6c:55:35:a6:2f:01:e2:32:1f:12:40:14:c6:8d:73:af:
90:d1:c6:55:1e:03:bb:2f:42:87:ef:1d:a5:1e:06:32:87:5d:
0f:32:09:b6:4a:46:a8:6d:ce:3d:37:99:87:9a:dc:c4:76:24:
7d:f6:61:7e:fc:bb:cc:f2:05:b8:05:6f:a4:f3:4b:01:90:64:
97:5e:d1:0e:06:e5:1a:1a:a4:66:ad:f2:d4:06:16:e1:31:70:
5a:75:84:3f:69:78:19:bf:eb:4a:88:40:25:c0:8b:65:ec:37:
ff:70:4d:7a:c9:3c:3c:62:c4:2d:01:0c:bb:f8:09:0a:4b:bf:
3f:e1:d6:31:97:a0:4e:26:95:c2:dd:32:8f:e4:0e:b2:da:c1:
e2:19:55:a0:a0:44:71:f8:3c:0a:5f:54:b8:90:bd:dc:e2:a3:
70:b1:36:e0:44:e7:40:95:bd:ef:56:66:30:90:28:f7:91:00:
97:19:9a:c1:46:af:89:d5:ed:c5:d4:4a:26:bb:8c:f2:a0:ac:
84:27:2a:cb
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZVR/IsN3Yy5AkpRN/K5puQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMzAxMTM1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk5YTI2ZDlhMDFiNDg3ODhkNzZjYTRhZTlkMDUxZDc5NTgxMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYc8Og+wnYTpmxgc4JXEVwIQt03k
LCGkM8OpuWuF6Uc65Q7Ltczhe1QhTwfM1wNpImmhVqSX/p0stopNVU2w6nyYYkeG
qu/oWLS+/f7R/zjDR7qXIYFha68uCep2zi8b3WGEWA2T3TmowWyoSSIqR6ZJwQYu
AuoHCEYHsJT2lpoBWuD3aVq4NN8pCqygf9rbdZjgBBTvDHOItyJcZs0SjLpEiA2j
U39CBDxPGvHh9cLYIPgIIVkJBC8TPRj3oGedEg43ZG+nhTwDiCRwiZBQrp1INt4H
V05C8CiAbC6A00uPqzgXQv7Fh0fMD8A4YPyIxAKgZblwXX/NLdSsQDyLkwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCeZom2aAbSHiNdspK6dBR15WBAEMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSjVtaWJab0J0SWVJMTJ5a3JwMEZIWGxZRUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVYWA
MAwDBAJVhaQDBAFVhcAwDAMEBFWF0AMEAFWF1gMEAFWF3AMEAVWF3jAMAwQAVYXh
AwQAVYXoAwQBVYXqAwQAVYXvMAwDBAJVhfQDBAFVhfgwDAMEAFWF+wMEAFWF/AME
AVWF/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAI8ISPHkn1DPQ
LowEZBviYsD6jO2JMn9jHUOFuYMHZfg1sIWbNxKgms8WSKiIHYY/OwcyLwM/8tts
VTWmLwHiMh8SQBTGjXOvkNHGVR4Duy9Ch+8dpR4GModdDzIJtkpGqG3OPTeZh5rc
xHYkffZhfvy7zPIFuAVvpPNLAZBkl17RDgblGhqkZq3y1AYW4TFwWnWEP2l4Gb/r
SohAJcCLZew3/3BNesk8PGLELQEMu/gJCku/P+HWMZegTiaVwt0yj+QOstrB4hlV
oKBEcfg8Cl9UuJC93OKjcLE24ETnQJW971ZmMJAo95EAlxmawUavidXtxdRKJruM
8qCshCcqyw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:57:51 2025 by rpki-client