Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s58dzknNqM8p8uuP0xyTXnAa3mM.roa
File: s58dzknNqM8p8uuP0xyTXnAa3mM.roa (raw, json)
Hash identifier: ohDF+WfVO71zBjmGW1aWjT23AxuMVshaXn4fFxSJyYI=
Subject key identifier: B3:9F:1D:CE:49:CD:A8:CF:29:F2:EB:8F:D3:1C:93:5E:70:1A:DE:63
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192E16D7B6B7111034944A9D7599E2D90FD
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s58dzknNqM8p8uuP0xyTXnAa3mM.roa
Signing time: Thu 31 Oct 2024 07:15:01 +0000
ROA not before: Thu 31 Oct 2024 07:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/22 maxlen: 22
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 31 Oct 2024 07:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:6d:7b:6b:71:11:03:49:44:a9:d7:59:9e:2d:90:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 31 07:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39f1dce49cda8cf29f2eb8fd31c935e701ade63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:f9:8c:9a:5d:1b:d2:a8:12:a6:ba:73:e4:
7f:34:50:9d:6e:fb:b6:f1:f3:3c:2f:a5:89:6f:a7:
2c:4a:da:ca:8d:36:38:b3:7a:2b:1d:d8:66:35:dc:
6b:ee:da:de:45:3a:6a:2c:25:7f:54:26:a4:3d:96:
03:42:18:7c:ea:87:f3:c2:b0:ac:09:41:17:bc:2d:
11:6e:5a:92:7f:97:ce:54:de:47:bb:03:a3:59:54:
9d:b7:31:00:bd:c4:50:9c:00:05:05:ef:de:b5:d0:
fd:ed:14:0f:7c:74:5f:77:a2:55:70:77:9b:66:2b:
01:39:e0:4a:35:9e:8d:e0:14:b4:90:f0:bb:68:50:
07:95:94:a7:d6:fa:e6:b4:95:96:07:61:89:26:bc:
de:5f:9a:97:5b:b1:25:e3:fa:32:84:b7:26:2a:a9:
10:6a:7a:85:a2:b4:f6:8f:69:be:f8:78:b9:a4:18:
b3:b8:31:b4:4a:af:68:a9:07:d7:87:41:08:9b:98:
1a:56:d4:8f:20:4e:18:5c:67:69:17:5c:ac:8f:40:
3a:5f:2e:14:98:ea:e6:80:50:ca:ac:5c:94:70:17:
b4:65:b6:aa:d1:04:1b:77:50:58:c7:ad:ca:fd:e3:
64:9d:e2:4c:84:37:54:f3:5d:9e:35:16:56:ed:d2:
2f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9F:1D:CE:49:CD:A8:CF:29:F2:EB:8F:D3:1C:93:5E:70:1A:DE:63
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s58dzknNqM8p8uuP0xyTXnAa3mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0/23
85.133.167.0-85.133.192.255
85.133.196.0/22
85.133.207.0/24
85.133.209.0-85.133.215.255
85.133.217.0-85.133.223.255
85.133.226.0/24
85.133.229.0-85.133.235.255
85.133.239.0/24
85.133.244.0/23
85.133.248.0/23
85.133.255.0/24
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:24:76:28:f6:89:ec:77:c9:c3:8d:c6:9b:64:05:3a:6c:87:
ad:82:a1:a1:24:2d:0f:a2:0a:80:5a:64:0f:76:2d:48:ea:d3:
e7:55:8a:00:7f:71:4c:b8:12:bd:80:b8:e6:bd:8f:4d:04:8a:
12:c6:e7:e6:1a:b8:38:7b:93:1b:15:d6:bd:d3:20:b0:de:7c:
f9:7b:0b:57:e9:c3:b1:35:88:9c:f7:1e:c5:e1:6b:6a:18:c5:
55:9a:ff:84:c7:5a:bf:21:53:90:54:2e:b9:de:93:47:68:ba:
8d:ff:15:00:8b:44:0b:3d:2f:57:d3:86:ef:ad:50:ef:57:2e:
47:6a:da:96:85:08:bb:28:60:4b:fe:81:90:7e:3f:b6:1f:54:
56:7d:eb:0f:19:31:d6:de:37:50:0f:92:90:ba:dc:eb:70:31:
33:26:6d:21:94:7f:20:23:ab:f5:0a:0f:ea:13:3f:96:e1:46:
a1:cd:a5:c3:37:78:21:6c:51:a0:be:07:56:70:f2:f1:6d:00:
c8:6f:74:9d:c3:e7:9d:28:f8:95:4d:82:32:08:96:2d:dc:d4:
f1:be:04:20:2d:ee:f6:f9:71:7f:fb:bb:12:99:0f:ec:d4:d2:
70:a0:8d:6a:39:92:0a:61:8e:d1:43:42:95:a3:a0:52:6f:99:
3e:01:4f:16
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZLhbXtrcREDSUSp11meLZD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDMxMDcxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzlmMWRjZTQ5Y2RhOGNmMjlmMmViOGZkMzFjOTM1ZTcwMWFkZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0n5jJpdG9KoEqa6c+R/NFCdbvu2
8fM8L6WJb6csStrKjTY4s3orHdhmNdxr7treRTpqLCV/VCakPZYDQhh86ofzwrCs
CUEXvC0RblqSf5fOVN5HuwOjWVSdtzEAvcRQnAAFBe/etdD97RQPfHRfd6JVcHeb
ZisBOeBKNZ6N4BS0kPC7aFAHlZSn1vrmtJWWB2GJJrzeX5qXW7El4/oyhLcmKqkQ
anqForT2j2m++Hi5pBizuDG0Sq9oqQfXh0EIm5gaVtSPIE4YXGdpF1ysj0A6Xy4U
mOrmgFDKrFyUcBe0Zbaq0QQbd1BYx63K/eNkneJMhDdU812eNRZW7dIvbQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFLOfHc5JzajPKfLrj9Mck15wGt5jMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvczU4ZHprbk5xTThwOHV1UDB4eVRYbkFhM21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFVYWA
AwQBVYWkMAwDBABVhacDBABVhcADBAJVhcQDBABVhc8wDAMEAFWF0QMEA1WF0DAM
AwQAVYXZAwQFVYXAAwQAVYXiMAwDBABVheUDBAJVhegDBABVhe8DBAFVhfQDBAFV
hfgDBABVhf8wDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAEQkdij2
iex3ycONxptkBTpsh62CoaEkLQ+iCoBaZA92LUjq0+dVigB/cUy4Er2AuOa9j00E
ihLG5+YauDh7kxsV1r3TILDefPl7C1fpw7E1iJz3HsXha2oYxVWa/4THWr8hU5BU
Lrnek0douo3/FQCLRAs9L1fThu+tUO9XLkdq2paFCLsoYEv+gZB+P7YfVFZ96w8Z
MdbeN1APkpC63OtwMTMmbSGUfyAjq/UKD+oTP5bhRqHNpcM3eCFsUaC+B1Zw8vFt
AMhvdJ3D550o+JVNgjIIli3c1PG+BCAt7vb5cX/7uxKZD+zU0nCgjWo5kgphjtFD
QpWjoFJvmT4BTxY=
-----END CERTIFICATE-----
Generated at Sun May 11 22:08:21 2025 by rpki-client