Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v4rkvmFyLKYxgRbzEfxDJCe2ebg.roa
File: v4rkvmFyLKYxgRbzEfxDJCe2ebg.roa (raw, json)
Hash identifier: JWLV08hPwN3VvHmujPVhanlLm4Kw+Mr9WQP9L0uIg98=
Subject key identifier: BF:8A:E4:BE:61:72:2C:A6:31:81:16:F3:11:FC:43:24:27:B6:79:B8
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01970D1CCC9C5E7474DE829AC6FB94B3B226
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v4rkvmFyLKYxgRbzEfxDJCe2ebg.roa
Signing time: Mon 26 May 2025 15:01:20 +0000
ROA not before: Mon 26 May 2025 15:01:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.208.0/23 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 01 Jun 2025 12:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:1c:cc:9c:5e:74:74:de:82:9a:c6:fb:94:b3:b2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 26 15:01:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf8ae4be61722ca6318116f311fc432427b679b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2e:d5:06:ba:e7:5e:c7:7d:bb:73:33:8e:07:
7f:b8:5f:14:96:58:a2:17:d9:ae:e9:73:ff:05:50:
58:d2:be:32:07:9d:42:12:4b:6d:5d:cd:e4:28:3d:
80:3d:bb:5c:79:52:bb:c7:6f:8a:13:bf:ac:f6:c2:
15:64:2c:f0:e4:60:53:9a:4f:9a:f5:7e:6b:67:27:
76:96:af:ce:17:67:54:ff:0f:e0:bf:64:e8:e1:44:
36:65:ae:0f:9d:9a:59:9a:17:79:98:00:3d:08:f5:
75:b3:9d:a2:4c:9a:c8:a5:58:dc:01:0e:3f:31:5c:
64:9b:42:b8:8d:17:d5:bf:05:7e:2c:e4:72:d8:84:
1c:f3:32:06:7d:c5:c3:1b:d5:f0:af:95:7e:27:2a:
c5:71:0d:8b:a1:2f:1d:6c:e6:c9:02:00:33:86:33:
dd:11:95:d2:80:57:8f:c7:e9:ab:73:4f:4b:93:f9:
08:49:e7:18:1a:82:93:d5:df:2b:ae:f7:48:3d:03:
b8:0d:aa:b5:51:0d:1e:2e:77:af:e3:bb:b1:5c:7f:
d6:53:d6:5c:71:bd:c3:d8:51:bd:0e:e7:9c:d4:7d:
7a:67:52:cc:86:e2:90:88:ba:1c:cc:48:cd:7a:a0:
bb:fd:9b:98:f1:5e:32:fe:62:fe:2f:df:8d:a6:ad:
43:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8A:E4:BE:61:72:2C:A6:31:81:16:F3:11:FC:43:24:27:B6:79:B8
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v4rkvmFyLKYxgRbzEfxDJCe2ebg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0-85.133.152.255
85.133.154.0-85.133.159.255
85.133.164.0-85.133.192.255
85.133.208.0-85.133.213.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0-85.133.248.255
85.133.251.0-85.133.252.255
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:89:a6:92:e5:c4:9e:0a:71:a1:17:81:60:eb:31:02:f9:c7:
c1:05:b4:f2:69:4b:83:75:f7:b8:3d:a7:c8:32:39:d7:52:9d:
32:d7:90:c1:99:52:cc:17:b6:57:12:4c:f5:20:22:2d:44:1c:
b8:f8:7c:05:8c:da:4b:8f:89:2e:f4:13:06:fe:8a:cb:e9:70:
23:8d:b7:95:6e:af:13:2c:66:f3:7a:60:7d:7a:8a:f7:81:97:
4d:68:8d:85:7d:e0:ea:05:99:bd:b3:0e:2e:d2:74:a1:9e:55:
7d:a6:e1:a4:a4:ef:82:bd:6f:a3:c5:cc:0e:34:f6:15:51:5e:
2e:c9:99:61:db:b5:68:c7:92:a1:d6:60:49:9f:8c:d5:8d:9f:
76:a4:ef:2d:14:b0:59:70:c5:b4:cc:b5:59:e3:66:d5:5f:16:
d7:97:6a:6a:05:8f:e6:51:fd:2c:71:16:ad:bd:21:d1:f2:df:
88:62:8a:01:83:7c:c6:e5:2e:25:cf:e8:43:22:00:df:cc:6e:
fe:8b:4c:b6:ef:90:dc:d4:f0:e8:f6:27:f9:61:2f:43:96:6d:
2e:55:c1:1b:83:38:71:6a:0e:10:65:d8:9b:76:d3:bd:45:64:
d7:a6:4e:9e:88:bf:7f:a1:6b:80:e8:0a:e7:0a:be:75:f1:2c:
ba:7f:cf:df
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZcNHMycXnR03oKaxvuUs7ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNTI2MTUwMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhhZTRiZTYxNzIyY2E2MzE4MTE2ZjMxMWZjNDMyNDI3YjY3OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi7VBrrnXsd9u3Mzjgd/uF8Ullii
F9mu6XP/BVBY0r4yB51CEkttXc3kKD2APbtceVK7x2+KE7+s9sIVZCzw5GBTmk+a
9X5rZyd2lq/OF2dU/w/gv2To4UQ2Za4PnZpZmhd5mAA9CPV1s52iTJrIpVjcAQ4/
MVxkm0K4jRfVvwV+LORy2IQc8zIGfcXDG9Xwr5V+JyrFcQ2LoS8dbObJAgAzhjPd
EZXSgFePx+mrc09Lk/kISecYGoKT1d8rrvdIPQO4Daq1UQ0eLnev47uxXH/WU9Zc
cb3D2FG9Duec1H16Z1LMhuKQiLoczEjNeqC7/ZuY8V4y/mL+L9+Npq1D7wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFL+K5L5hciymMYEW8xH8QyQntnm4MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdjRya3ZtRnlMS1l4Z1JiekVmeERKQ2UyZWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYAwDAME
B1WFgAMEAFWFmDAMAwQBVYWaAwQFVYWAMAwDBAJVhaQDBABVhcAwDAMEBFWF0AME
AVWF1AMEAFWF3AMEAVWF3jAMAwQAVYXhAwQAVYXoAwQAVYXrAwQAVYXvMAwDBAJV
hfQDBABVhfgwDAMEAFWF+wMEAFWF/AMEAVWF/jANBAIAAjAHAwUDKgSHwDANBgkq
hkiG9w0BAQsFAAOCAQEAQommkuXEngpxoReBYOsxAvnHwQW08mlLg3X3uD2nyDI5
11KdMteQwZlSzBe2VxJM9SAiLUQcuPh8BYzaS4+JLvQTBv6Ky+lwI423lW6vEyxm
83pgfXqK94GXTWiNhX3g6gWZvbMOLtJ0oZ5VfabhpKTvgr1vo8XMDjT2FVFeLsmZ
Ydu1aMeSodZgSZ+M1Y2fdqTvLRSwWXDFtMy1WeNm1V8W15dqagWP5lH9LHEWrb0h
0fLfiGKKAYN8xuUuJc/oQyIA38xu/otMtu+Q3NTw6PYn+WEvQ5ZtLlXBG4M4cWoO
EGXYm3bTvUVk16ZOnoi/f6FrgOgK5wq+dfEsun/P3w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:04 2025 by rpki-client