Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7DYBqr6I7tamwuNRG2DUK0vlWBM.roa
File: 7DYBqr6I7tamwuNRG2DUK0vlWBM.roa (raw, json)
Hash identifier: ma7iHKEIlPx+D/2AYSu84MIh2AW95pwE0kcVLUz+OBI=
Subject key identifier: EC:36:01:AA:BE:88:EE:D6:A6:C2:E3:51:1B:60:D4:2B:4B:E5:58:13
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019532272C27E233612AEAA4A39C1894E2FA
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7DYBqr6I7tamwuNRG2DUK0vlWBM.roa
Signing time: Sun 23 Feb 2025 09:33:02 +0000
ROA not before: Sun 23 Feb 2025 09:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.193.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 23 Feb 2025 13:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:32:27:2c:27:e2:33:61:2a:ea:a4:a3:9c:18:94:e2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 23 09:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec3601aabe88eed6a6c2e3511b60d42b4be55813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c1:1b:1b:07:27:82:09:72:e3:5c:5a:24:94:
44:f7:29:a4:4c:aa:a1:ad:2d:6f:ad:a2:5f:03:74:
a6:7c:05:15:af:6a:01:34:86:c5:bd:46:49:e6:eb:
66:39:17:89:99:bb:c4:5f:9c:86:b1:80:1f:8c:d9:
ca:b4:c5:29:95:ec:a9:0d:e1:8f:5c:d1:29:ec:ee:
06:71:5f:82:34:10:70:dc:df:38:91:6c:c4:14:d3:
a1:04:d1:95:08:ef:9f:85:01:d3:58:e0:ea:02:d3:
9e:60:05:3d:08:f8:43:a1:f7:2c:ba:8b:cc:17:56:
97:dc:f8:31:69:0b:23:56:3b:59:9a:1d:07:f2:c7:
86:da:a3:75:ec:0c:92:48:54:d1:44:4d:1b:32:3d:
97:b4:28:5d:f6:19:f1:22:84:a8:19:c5:df:47:df:
f4:06:17:23:e1:44:34:ae:cf:bd:a5:98:6a:99:fb:
fc:3d:fd:11:70:65:1e:da:f1:00:85:83:c1:59:cc:
ce:92:da:02:8c:06:0c:22:d9:ac:f1:81:dc:64:15:
bc:51:f4:6a:c8:43:bf:1a:cd:56:8f:e1:9b:0a:45:
05:82:29:c3:51:8a:71:99:fe:48:ee:bf:69:89:f5:
1c:1a:b6:30:a9:cd:c7:d3:2c:d5:b5:fc:63:58:85:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:36:01:AA:BE:88:EE:D6:A6:C2:E3:51:1B:60:D4:2B:4B:E5:58:13
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/7DYBqr6I7tamwuNRG2DUK0vlWBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.193.255
85.133.199.0/24
85.133.208.0-85.133.214.255
85.133.220.0/24
85.133.222.0/23
85.133.225.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.247.0-85.133.249.255
85.133.252.0/24
85.133.254.0/23
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:24:b0:96:32:0c:67:46:d2:d6:42:ca:d8:ba:57:76:2c:2b:
89:1f:db:a7:eb:d5:5b:4c:38:d8:7a:38:35:30:9e:08:fe:83:
5e:0c:33:43:92:82:88:24:42:0b:93:46:77:74:a5:5f:ad:55:
8a:e3:b2:03:41:79:c2:48:44:68:e1:0a:7e:46:49:cc:85:65:
d9:03:94:19:5a:38:5f:3b:4b:d6:bf:7e:28:f4:81:be:44:9e:
f9:64:1f:af:9c:59:2b:a9:99:20:19:e8:51:3d:99:69:4b:0b:
07:7c:5a:bb:24:02:80:56:b1:a1:ad:ff:38:c8:16:90:78:4b:
56:50:46:f0:02:23:09:16:bd:ea:63:81:8c:9c:0f:62:c3:85:
3f:68:d4:bb:0e:1b:21:8b:d1:26:7d:81:c0:97:4d:63:32:15:
07:26:c2:46:de:6e:50:f5:d6:ec:7f:e3:86:db:9c:17:bc:4f:
36:79:f2:61:0c:cf:9a:26:7f:54:0a:2f:8f:d6:90:40:23:9b:
02:6b:39:2d:e7:49:40:97:6f:41:13:25:c1:59:c4:74:be:85:
4d:79:15:bc:76:ba:c4:2a:a4:b4:7e:62:4d:bd:0e:8e:9f:2a:
d0:04:f5:40:3f:31:08:02:90:4d:92:fa:c2:e7:d1:6f:dc:12:
c8:7b:0a:de
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZUyJywn4jNhKuqko5wYlOL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMjIzMDkzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM2MDFhYWJlODhlZWQ2YTZjMmUzNTExYjYwZDQyYjRiZTU1ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sEbGwcnggly41xaJJRE9ymkTKqh
rS1vraJfA3SmfAUVr2oBNIbFvUZJ5utmOReJmbvEX5yGsYAfjNnKtMUpleypDeGP
XNEp7O4GcV+CNBBw3N84kWzEFNOhBNGVCO+fhQHTWODqAtOeYAU9CPhDofcsuovM
F1aX3PgxaQsjVjtZmh0H8seG2qN17AySSFTRRE0bMj2XtChd9hnxIoSoGcXfR9/0
Bhcj4UQ0rs+9pZhqmfv8Pf0RcGUe2vEAhYPBWczOktoCjAYMItms8YHcZBW8UfRq
yEO/Gs1Wj+GbCkUFginDUYpxmf5I7r9pifUcGrYwqc3H0yzVtfxjWIUuGwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFOw2Aaq+iO7WpsLjURtg1CtL5VgTMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvN0RZQnFyNkk3dGFtd3VOUkcyRFVLMHZsV0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFVYWA
MAwDBAJVhaQDBAFVhcADBABVhccwDAMEBFWF0AMEAFWF1gMEAFWF3AMEAVWF3jAM
AwQAVYXhAwQAVYXoAwQAVYXrAwQAVYXvAwQBVYX0MAwDBABVhfcDBAFVhfgDBABV
hfwDBAFVhf4wDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAGAksJYy
DGdG0tZCyti6V3YsK4kf26fr1VtMONh6ODUwngj+g14MM0OSgogkQguTRnd0pV+t
VYrjsgNBecJIRGjhCn5GScyFZdkDlBlaOF87S9a/fij0gb5EnvlkH6+cWSupmSAZ
6FE9mWlLCwd8WrskAoBWsaGt/zjIFpB4S1ZQRvACIwkWvepjgYycD2LDhT9o1LsO
GyGL0SZ9gcCXTWMyFQcmwkbeblD11ux/44bbnBe8TzZ58mEMz5omf1QKL4/WkEAj
mwJrOS3nSUCXb0ETJcFZxHS+hU15Fbx2usQqpLR+Yk29Do6fKtAE9UA/MQgCkE2S
+sLn0W/cEsh7Ct4=
-----END CERTIFICATE-----
Generated at Wed May 14 08:00:28 2025 by rpki-client