Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/Z5GMryHXEzXSBqnslWj3NpOK3Mw.roa
File: Z5GMryHXEzXSBqnslWj3NpOK3Mw.roa (raw, json)
Hash identifier: zs6H+R0bVui6FCEYBWAzNnIf0ZtBqCBYvl9Iv0gOAH0=
Subject key identifier: 67:91:8C:AF:21:D7:13:35:D2:06:A9:EC:95:68:F7:36:93:8A:DC:CC
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 0196DD134814549088E32FC23E36021B45AC
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/Z5GMryHXEzXSBqnslWj3NpOK3Mw.roa
Signing time: Sat 17 May 2025 07:09:10 +0000
ROA not before: Sat 17 May 2025 07:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59836
IP address blocks: 185.69.116.0/24 maxlen: 24
185.69.118.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.4.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 19:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dd:13:48:14:54:90:88:e3:2f:c2:3e:36:02:1b:45:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: May 17 07:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67918caf21d71335d206a9ec9568f736938adccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1b:ec:b5:74:16:b8:cd:25:85:b5:57:51:86:
9d:34:dc:49:61:90:21:8b:e1:b3:d9:55:26:bd:46:
76:d9:eb:f0:83:e2:04:41:59:95:7a:48:e6:b0:1f:
70:2d:f4:1c:c1:0f:a7:1d:51:a7:32:48:12:60:c4:
a0:47:3a:2b:d4:44:c7:53:e5:b4:f1:94:3e:1e:9d:
9c:d0:b3:a5:71:81:d9:43:fd:2e:80:56:b2:7c:86:
d0:5f:19:a2:a2:22:ee:25:0b:37:d2:3c:c4:c3:5c:
91:28:96:3b:9e:78:41:45:ed:54:37:11:d8:5c:f8:
17:92:33:8a:6f:c9:d0:46:b8:09:d7:26:0f:52:f8:
c0:cd:21:4f:fd:30:09:9f:de:6d:5c:81:18:8c:6a:
1f:1b:5f:b1:05:06:f2:bb:4d:be:81:e0:f5:d2:3a:
52:90:dd:c1:75:9c:1e:96:2b:e6:d9:8e:5f:79:a9:
42:5b:be:e6:92:3c:1b:2b:39:5f:a7:2c:6a:37:ee:
6a:0a:d2:e0:f9:aa:a0:32:fd:59:8c:09:4d:64:25:
28:a2:6b:d9:ed:d9:ae:1a:d8:75:35:7b:46:b1:65:
f4:83:68:a4:ab:48:15:88:1b:0c:89:df:0a:4a:c6:
80:69:8b:a6:ae:10:2d:d5:bb:94:c2:3c:63:da:27:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:91:8C:AF:21:D7:13:35:D2:06:A9:EC:95:68:F7:36:93:8A:DC:CC
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/Z5GMryHXEzXSBqnslWj3NpOK3Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.4.0/23
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:5c:5a:dd:45:83:3e:8f:69:87:a7:bd:e8:8b:68:42:d6:88:
43:53:a6:dc:b7:cf:da:7b:59:ea:80:e7:48:b9:fd:0d:c4:9e:
57:f8:21:1d:c4:5b:f2:ca:58:47:a8:64:71:89:af:8c:2e:f7:
36:f6:c9:45:3d:dc:c9:41:54:5b:c9:1d:0b:ff:e9:b4:d0:b9:
b6:21:f5:71:b4:4d:db:71:38:54:fb:7c:b9:dd:6d:e6:a6:45:
93:96:3d:05:aa:89:d5:4b:4e:98:bc:a8:dc:7a:ad:ad:e0:06:
12:7b:c4:82:df:4f:ec:29:19:27:fd:17:de:ba:0a:69:41:eb:
19:d2:45:54:b1:ec:bb:d6:c2:33:20:3d:e3:c5:e1:ba:ac:69:
7e:99:9c:e1:da:a3:16:fc:80:ef:1c:2c:0b:d5:ad:cd:18:79:
9d:9a:a2:44:54:26:10:47:74:cf:5f:ed:e8:69:f4:59:4a:41:
80:76:ee:3b:cb:9c:60:dd:c5:92:6d:a9:d8:60:d5:75:47:d9:
87:27:ac:e8:7e:df:31:58:a4:1d:5a:30:9e:64:5e:b5:65:42:
84:d0:ab:17:1a:b9:a9:c4:99:8b:3e:11:d3:12:09:95:73:21:
f4:23:15:fa:63:b6:73:3e:ef:89:52:bf:af:17:ef:20:b0:18:
eb:c1:18:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZbdE0gUVJCI4y/CPjYCG0WsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjUwNTE3MDcwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkxOGNhZjIxZDcxMzM1ZDIwNmE5ZWM5NTY4ZjczNjkzOGFkY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhvstXQWuM0lhbVXUYadNNxJYZAh
i+Gz2VUmvUZ22evwg+IEQVmVekjmsB9wLfQcwQ+nHVGnMkgSYMSgRzor1ETHU+W0
8ZQ+Hp2c0LOlcYHZQ/0ugFayfIbQXxmioiLuJQs30jzEw1yRKJY7nnhBRe1UNxHY
XPgXkjOKb8nQRrgJ1yYPUvjAzSFP/TAJn95tXIEYjGofG1+xBQbyu02+geD10jpS
kN3BdZwelivm2Y5fealCW77mkjwbKzlfpyxqN+5qCtLg+aqgMv1ZjAlNZCUoomvZ
7dmuGth1NXtGsWX0g2ikq0gViBsMid8KSsaAaYumrhAt1buUwjxj2ifyBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGeRjK8h1xM10gap7JVo9zaTitzMMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvWjVHTXJ5SFhFelhTQnFuc2xXajNOcE9LM013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQBwiMEAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQCyXFrdRYM+
j2mHp73oi2hC1ohDU6bct8/ae1nqgOdIuf0NxJ5X+CEdxFvyylhHqGRxia+MLvc2
9slFPdzJQVRbyR0L/+m00Lm2IfVxtE3bcThU+3y53W3mpkWTlj0FqonVS06YvKjc
eq2t4AYSe8SC30/sKRkn/RfeugppQesZ0kVUsey71sIzID3jxeG6rGl+mZzh2qMW
/IDvHCwL1a3NGHmdmqJEVCYQR3TPX+3oafRZSkGAdu47y5xg3cWSbanYYNV1R9mH
J6zoft8xWKQdWjCeZF61ZUKE0KsXGrmpxJmLPhHTEgmVcyH0IxX6Y7ZzPu+JUr+v
F+8gsBjrwRiT
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:27:29 2025 by rpki-client