Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/F8EmM_fjaweHPkOMHA4hwVq2dQU.roa
File: F8EmM_fjaweHPkOMHA4hwVq2dQU.roa (raw, json)
Hash identifier: 2UIa7fzcVfkeKj6vY/BAhQJh800WN0Ust+vkcHWEESA=
Subject key identifier: 17:C1:26:33:F7:E3:6B:07:87:3E:43:8C:1C:0E:21:C1:5A:B6:75:05
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019652D67D24BCAB446D878AAC7112ABF4A1
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/F8EmM_fjaweHPkOMHA4hwVq2dQU.roa
Signing time: Sun 20 Apr 2025 10:55:10 +0000
ROA not before: Sun 20 Apr 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 12:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:d6:7d:24:bc:ab:44:6d:87:8a:ac:71:12:ab:f4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 20 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17c12633f7e36b07873e438c1c0e21c15ab67505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:59:89:2e:3c:3a:38:d5:c7:5b:67:41:90:
2f:ee:2c:41:a3:0d:59:71:be:ce:ab:58:bd:8e:94:
76:1c:10:0a:bf:0a:ba:90:68:23:ac:83:78:81:ee:
0c:44:fb:e6:b6:32:7d:e1:e2:17:ab:a1:4f:05:5e:
cb:2f:0d:d4:b3:e1:54:fb:1c:ff:18:fd:30:f7:1a:
3c:7a:1a:7c:3c:91:14:db:82:93:53:74:24:68:67:
f3:99:1b:ea:eb:f3:ae:f2:b8:23:11:44:f7:75:8c:
48:48:c8:c0:da:33:67:a4:24:67:bf:7e:3a:18:ef:
39:40:09:37:47:7b:14:39:e1:ac:23:c3:d7:ef:a8:
2f:46:ec:c9:9e:72:ea:de:14:5d:ee:ae:1a:0d:75:
ad:62:43:d4:4d:e5:7e:1e:e5:dc:a3:c5:98:cc:48:
a1:0c:f7:7a:17:2d:2a:50:f7:9f:14:67:e5:cd:e8:
32:ed:b8:c3:4c:f0:20:b2:0c:b4:ba:a1:e6:16:77:
d7:f4:bd:dc:25:cd:64:1d:4d:59:fb:c3:4b:61:2e:
47:fe:ac:f6:07:82:fa:6b:b6:25:58:1d:77:da:44:
b7:15:58:15:ce:46:00:1a:d0:f1:13:2a:5d:66:4e:
d3:8d:1e:3e:f4:7d:26:86:ea:c9:b8:da:d1:4d:66:
bc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C1:26:33:F7:E3:6B:07:87:3E:43:8C:1C:0E:21:C1:5A:B6:75:05
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/F8EmM_fjaweHPkOMHA4hwVq2dQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.216.0/24
85.133.237.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c6:4d:5a:8b:c7:1f:ca:a4:68:7c:16:ce:75:86:2c:34:66:
ba:40:2f:01:da:04:84:7c:4c:f2:ef:6e:25:0f:32:da:3b:d3:
66:2e:5d:14:f6:0b:98:20:49:40:bc:67:8d:e1:0b:45:19:03:
80:0a:ce:fb:dd:71:10:20:2c:d5:53:8f:4f:d6:97:db:f0:a1:
1f:85:97:b2:0c:0d:4c:a8:cc:e8:68:7a:64:db:cd:71:f3:ef:
28:e5:53:81:d6:3f:c0:2d:31:04:d4:67:35:c9:f0:7c:2e:f0:
b8:9d:16:71:f0:41:f9:83:15:8f:67:7e:77:7c:81:74:1b:33:
05:81:a5:56:f0:f2:bb:65:d4:1c:01:0e:d1:22:89:e9:5e:df:
de:1e:5a:48:48:1d:be:55:ff:b6:8c:8a:48:80:21:bf:45:2e:
81:19:a5:37:02:54:a2:36:11:77:f4:18:bf:0c:bf:a9:8e:ed:
b4:35:12:69:47:04:93:35:67:b0:17:62:8f:52:23:9a:04:41:
62:67:8a:62:55:5c:f4:89:09:72:78:31:a7:aa:77:e8:21:b3:
ff:5e:19:fe:9e:36:e0:4b:9e:bf:74:db:a6:2c:2d:05:10:4a:
01:46:38:ba:5c:02:d3:87:55:c3:3f:82:22:27:00:9c:83:e2:
22:fa:b7:cb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZS1n0kvKtEbYeKrHESq/ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNDIwMTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2MxMjYzM2Y3ZTM2YjA3ODczZTQzOGMxYzBlMjFjMTVhYjY3NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3pZiS48OjjVx1tnQZAv7ixBow1Z
cb7Oq1i9jpR2HBAKvwq6kGgjrIN4ge4MRPvmtjJ94eIXq6FPBV7LLw3Us+FU+xz/
GP0w9xo8ehp8PJEU24KTU3QkaGfzmRvq6/Ou8rgjEUT3dYxISMjA2jNnpCRnv346
GO85QAk3R3sUOeGsI8PX76gvRuzJnnLq3hRd7q4aDXWtYkPUTeV+HuXco8WYzEih
DPd6Fy0qUPefFGflzegy7bjDTPAgsgy0uqHmFnfX9L3cJc1kHU1Z+8NLYS5H/qz2
B4L6a7YlWB132kS3FVgVzkYAGtDxEypdZk7TjR4+9H0mhurJuNrRTWa8vQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBfBJjP342sHhz5DjBwOIcFatnUFMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRjhFbU1fZmphd2VIUGtPTUhBNGh3VnEyZFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYXBAwQA
VYXYMAwDBABVhe0DBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAF/GTVqL
xx/KpGh8Fs51hiw0ZrpALwHaBIR8TPLvbiUPMto702YuXRT2C5ggSUC8Z43hC0UZ
A4AKzvvdcRAgLNVTj0/Wl9vwoR+Fl7IMDUyozOhoemTbzXHz7yjlU4HWP8AtMQTU
ZzXJ8Hwu8LidFnHwQfmDFY9nfnd8gXQbMwWBpVbw8rtl1BwBDtEiiele394eWkhI
Hb5V/7aMikiAIb9FLoEZpTcCVKI2EXf0GL8Mv6mO7bQ1EmlHBJM1Z7AXYo9SI5oE
QWJnimJVXPSJCXJ4Maeqd+ghs/9eGf6eNuBLnr9026YsLQUQSgFGOLpcAtOHVcM/
giInAJyD4iL6t8s=
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:03:53 2025 by rpki-client