Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XPAeiG4peiGLOPVcNay-nWeNqv0.roa
File: XPAeiG4peiGLOPVcNay-nWeNqv0.roa (raw, json)
Hash identifier: y2hkSX+RROWDVj+lN72wBKWi3zZ2ITm+3CEdoLRhvkI=
Subject key identifier: 5C:F0:1E:88:6E:29:7A:21:8B:38:F5:5C:35:AC:BE:9D:67:8D:AA:FD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0196EC6F7A4F5145DF2C154E9C3FE3C4C1C7
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XPAeiG4peiGLOPVcNay-nWeNqv0.roa
Signing time: Tue 20 May 2025 06:44:10 +0000
ROA not before: Tue 20 May 2025 06:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 12:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:6f:7a:4f:51:45:df:2c:15:4e:9c:3f:e3:c4:c1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 20 06:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cf01e886e297a218b38f55c35acbe9d678daafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:05:5d:00:11:4d:f2:f8:96:c0:8e:b6:c2:e6:
cd:4f:4f:23:97:db:a6:4e:d4:bb:29:f7:24:c0:36:
f2:79:63:70:e5:7c:5f:94:62:34:b7:96:5f:81:ce:
51:07:ab:98:9b:b9:01:49:db:3a:e0:a0:23:a1:ea:
11:98:cc:2e:43:7d:3a:d7:b7:26:4c:76:b4:2f:49:
67:84:15:9b:69:9c:e5:a9:06:88:8d:b9:16:1f:3c:
6a:03:db:08:61:87:a2:eb:f9:e8:ab:cd:82:7b:d7:
8f:dc:79:e7:29:97:ac:b6:6b:8a:c0:fa:7e:49:61:
4e:0b:9c:36:68:26:5d:fa:5b:b4:d5:7e:94:5a:39:
0f:fb:0b:76:f4:cc:ca:03:5a:11:d2:3e:fd:6b:af:
8f:48:b4:97:e7:7e:b0:70:9e:e3:ad:e1:6a:bf:5b:
c7:4a:48:5a:c0:8b:50:52:39:27:2d:fb:b9:8d:ff:
f4:34:ca:11:cf:ad:ba:06:8e:4c:f3:a4:30:c2:ae:
00:89:2d:ce:6d:ff:30:50:ab:e4:a6:65:4b:a6:2d:
97:fe:90:a6:b4:35:08:49:9a:5b:5c:bc:30:8f:1e:
78:1b:2b:d4:8b:4f:93:9b:2c:13:86:4c:49:dc:d8:
14:64:51:41:96:b2:4d:f9:24:ee:82:26:c2:7e:3f:
cd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F0:1E:88:6E:29:7A:21:8B:38:F5:5C:35:AC:BE:9D:67:8D:AA:FD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XPAeiG4peiGLOPVcNay-nWeNqv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.214.0/24
85.133.216.0/24
85.133.234.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
69:17:93:71:70:30:f4:25:2a:95:e7:b6:e5:ad:a6:5f:a0:0b:
e6:08:cf:52:5f:d0:73:a7:ed:b9:a3:f9:7e:f4:e1:fe:c4:fd:
9f:48:8f:74:e8:0e:e8:3c:70:3d:27:1c:f0:72:97:1b:9c:42:
aa:91:09:ab:ad:93:eb:a5:0f:81:9f:11:64:89:3c:76:d4:60:
c7:e0:d1:52:cd:8a:21:41:8b:18:27:2a:f5:df:f1:5a:ff:3f:
12:8b:41:82:03:6c:02:5f:90:94:58:5f:4f:60:92:cb:1e:3b:
cc:fe:72:46:b4:83:fa:0a:2a:6c:8d:35:ae:48:20:73:a6:3e:
08:60:65:2e:e6:86:54:e0:e9:7a:83:d0:c0:47:fe:dd:53:83:
70:67:23:26:bf:d0:72:4b:57:22:cf:9f:43:e8:b5:66:79:c7:
9a:be:56:e1:57:99:0a:e6:87:59:c9:32:34:2f:8b:21:69:67:
97:fe:b7:c2:c5:04:b5:b7:33:d9:cd:09:d4:9b:c9:6f:c8:d1:
65:bb:5a:7b:50:ee:fe:38:47:18:43:4d:66:1b:f8:03:83:b5:
ea:cb:c8:2e:05:d3:fe:02:3f:fe:67:bf:c3:59:5d:ce:96:f0:
55:be:1a:7f:5f:42:06:8a:05:4f:bb:1a:f8:16:05:34:ca:89:
22:f9:dd:98
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZbsb3pPUUXfLBVOnD/jxMHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNTIwMDY0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2YwMWU4ODZlMjk3YTIxOGIzOGY1NWMzNWFjYmU5ZDY3OGRhYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wVdABFN8viWwI62wubNT08jl9um
TtS7KfckwDbyeWNw5XxflGI0t5Zfgc5RB6uYm7kBSds64KAjoeoRmMwuQ30617cm
THa0L0lnhBWbaZzlqQaIjbkWHzxqA9sIYYei6/noq82Ce9eP3HnnKZestmuKwPp+
SWFOC5w2aCZd+lu01X6UWjkP+wt29MzKA1oR0j79a6+PSLSX536wcJ7jreFqv1vH
SkhawItQUjknLfu5jf/0NMoRz626Bo5M86Qwwq4AiS3Obf8wUKvkpmVLpi2X/pCm
tDUISZpbXLwwjx54GyvUi0+TmywThkxJ3NgUZFFBlrJN+STugibCfj/NYwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFzwHohuKXohizj1XDWsvp1njar9MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWFBBZWlHNHBlaUdMT1BWY05heS1uV2VOcXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVYXBAwQA
VYXWAwQAVYXYAwQAVYXqMAwDBAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQEL
BQADggEBAGkXk3FwMPQlKpXntuWtpl+gC+YIz1Jf0HOn7bmj+X704f7E/Z9Ij3To
Dug8cD0nHPBylxucQqqRCautk+ulD4GfEWSJPHbUYMfg0VLNiiFBixgnKvXf8Vr/
PxKLQYIDbAJfkJRYX09gksseO8z+cka0g/oKKmyNNa5IIHOmPghgZS7mhlTg6XqD
0MBH/t1Tg3BnIya/0HJLVyLPn0PotWZ5x5q+VuFXmQrmh1nJMjQviyFpZ5f+t8LF
BLW3M9nNCdSbyW/I0WW7WntQ7v44RxhDTWYb+AODterLyC4F0/4CP/5nv8NZXc6W
8FW+Gn9fQgaKBU+7GvgWBTTKiSL53Zg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:50:01 2025 by rpki-client