Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/sZxr_4QIIsAQCkMHu0XpQ3LPPr0.roa
File: sZxr_4QIIsAQCkMHu0XpQ3LPPr0.roa (raw, json)
Hash identifier: NL/mQ50DvQ5wvjl12m4hC6OmcXw1BX708mtLuBwAy+k=
Subject key identifier: B1:9C:6B:FF:84:08:22:C0:10:0A:43:07:BB:45:E9:43:72:CF:3E:BD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0196C3E7CD39DEF1C5ED0AC710A1709E0FF0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/sZxr_4QIIsAQCkMHu0XpQ3LPPr0.roa
Signing time: Mon 12 May 2025 09:51:10 +0000
ROA not before: Mon 12 May 2025 09:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.208.0/23 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 May 2025 06:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:e7:cd:39:de:f1:c5:ed:0a:c7:10:a1:70:9e:0f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 12 09:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b19c6bff840822c0100a4307bb45e94372cf3ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:16:87:5f:2e:68:44:9c:2e:e7:0f:75:38:72:
a6:14:84:02:6c:ed:0c:69:77:1a:d8:85:b9:59:0f:
8e:10:48:c2:4c:a9:7b:31:77:ff:12:22:ea:b1:db:
d4:48:d2:c4:7a:62:17:ca:21:cb:89:bd:99:f8:c4:
7d:6e:b7:77:62:6f:30:82:d3:fa:1f:99:b4:4c:aa:
74:68:fd:5e:48:22:77:81:91:4b:28:bc:97:48:9b:
ef:e4:8e:ee:76:4f:27:14:e0:07:58:59:bc:ce:8e:
b6:d4:53:6f:16:22:f4:3d:96:f2:5a:6b:46:26:98:
35:f7:bc:1f:a9:16:0c:22:4e:dc:0f:65:e2:f5:89:
85:35:04:fe:13:19:e9:ed:cf:90:e2:8b:6b:5b:a7:
49:50:3f:fa:ae:ce:72:3a:3c:f6:80:a8:3a:9d:eb:
09:42:a1:09:a1:28:51:0a:3c:6a:d8:93:8b:37:04:
4b:75:d0:89:f0:6e:bf:a4:95:1e:1f:03:c4:10:6a:
e4:95:c8:7b:a3:45:03:a3:a2:9e:bc:56:ac:40:b0:
e1:f5:60:42:eb:42:8c:0f:06:39:4c:a8:5b:c7:6c:
d4:3f:3b:ff:65:0d:69:90:82:7b:7c:bb:ae:33:c7:
1a:e6:89:7c:28:49:87:44:ab:98:73:16:47:b3:0d:
f3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9C:6B:FF:84:08:22:C0:10:0A:43:07:BB:45:E9:43:72:CF:3E:BD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/sZxr_4QIIsAQCkMHu0XpQ3LPPr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.192.255
85.133.194.0/24
85.133.208.0-85.133.214.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.234.0/23
85.133.239.0/24
85.133.244.0/23
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:dd:fe:a6:ce:e4:4e:42:cf:ce:0b:37:3d:c4:2d:6e:82:d6:
94:6d:75:0f:b1:e6:85:96:c7:be:58:f0:44:c5:06:1c:22:5f:
4a:81:d7:fb:3a:80:c8:28:ba:52:09:44:97:ba:22:af:93:d7:
19:a3:18:ac:2f:4f:2b:77:99:59:b8:f7:e3:81:63:62:ae:2c:
99:dd:32:d1:4e:0f:80:22:63:ce:47:a5:19:c2:15:11:ad:19:
40:7d:b2:53:f3:8d:d7:3d:85:e0:0b:a8:d0:b0:cb:2a:cd:19:
cc:7e:a8:78:50:85:e0:17:b5:23:4b:da:05:5d:93:e5:13:b5:
8a:92:c7:7c:f6:54:b3:a3:4a:03:91:11:4e:f0:6e:4d:a7:f9:
df:b4:c8:bb:a8:44:bb:05:89:f8:f4:3d:a6:d4:de:59:fd:4b:
90:53:b8:fc:15:33:b8:13:b4:0e:db:2a:d8:d4:cd:b8:1a:13:
01:1f:92:6e:85:89:2d:5c:f0:06:74:59:4f:e3:9a:d2:48:76:
82:cd:6c:2b:b8:4a:90:c1:02:a6:af:dd:51:38:d4:30:70:24:
64:42:5a:64:cc:ac:c8:99:ee:39:2f:e5:50:70:1c:0a:b6:96:
ca:1c:63:cc:e1:89:86:4c:3b:02:90:2b:c0:63:8c:dc:a5:31:
44:02:2a:54
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZbD58053vHF7QrHEKFwng/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNTEyMDk1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTljNmJmZjg0MDgyMmMwMTAwYTQzMDdiYjQ1ZTk0MzcyY2YzZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBaHXy5oRJwu5w91OHKmFIQCbO0M
aXca2IW5WQ+OEEjCTKl7MXf/EiLqsdvUSNLEemIXyiHLib2Z+MR9brd3Ym8wgtP6
H5m0TKp0aP1eSCJ3gZFLKLyXSJvv5I7udk8nFOAHWFm8zo621FNvFiL0PZbyWmtG
Jpg197wfqRYMIk7cD2Xi9YmFNQT+Exnp7c+Q4otrW6dJUD/6rs5yOjz2gKg6nesJ
QqEJoShRCjxq2JOLNwRLddCJ8G6/pJUeHwPEEGrklch7o0UDo6KevFasQLDh9WBC
60KMDwY5TKhbx2zUPzv/ZQ1pkIJ7fLuuM8ca5ol8KEmHRKuYcxZHsw3znwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFLGca/+ECCLAEApDB7tF6UNyzz69MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvc1p4cl80UUlJc0FRQ2tNSHUwWHBRM0xQUHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAVVhYAw
DAMEAlWFpAMEAFWFwAMEAFWFwjAMAwQEVYXQAwQAVYXWAwQAVYXcAwQBVYXeMAwD
BABVheEDBABVhegDBAFVheoDBABVhe8DBAFVhfQwDAMEAFWF+wMEAFWF/AMEAVWF
/jANBAIAAjAHAwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAht3+ps7kTkLPzgs3
PcQtboLWlG11D7HmhZbHvljwRMUGHCJfSoHX+zqAyCi6UglEl7oir5PXGaMYrC9P
K3eZWbj344FjYq4smd0y0U4PgCJjzkelGcIVEa0ZQH2yU/ON1z2F4Auo0LDLKs0Z
zH6oeFCF4Be1I0vaBV2T5RO1ipLHfPZUs6NKA5ERTvBuTaf537TIu6hEuwWJ+PQ9
ptTeWf1LkFO4/BUzuBO0Dtsq2NTNuBoTAR+SboWJLVzwBnRZT+Oa0kh2gs1sK7hK
kMECpq/dUTjUMHAkZEJaZMysyJnuOS/lUHAcCraWyhxjzOGJhkw7ApArwGOM3KUx
RAIqVA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:15 2025 by rpki-client