Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZrX7diXr808oX5hLQMpsG7NUH3c.roa
File: ZrX7diXr808oX5hLQMpsG7NUH3c.roa (raw, json)
Hash identifier: 5spryt7S97brkokAm/aYOYMywPJqIiQSYAGyB+829CE=
Subject key identifier: 66:B5:FB:76:25:EB:F3:4F:28:5F:98:4B:40:CA:6C:1B:B3:54:1F:77
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019773772E8AC50D4BE196648438B9B17386
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZrX7diXr808oX5hLQMpsG7NUH3c.roa
Signing time: Sun 15 Jun 2025 12:01:19 +0000
ROA not before: Sun 15 Jun 2025 12:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 185.3.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jun 2025 12:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:77:2e:8a:c5:0d:4b:e1:96:64:84:38:b9:b1:73:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 15 12:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66b5fb7625ebf34f285f984b40ca6c1bb3541f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ca:dd:a8:fa:c1:2a:90:54:f1:73:40:d9:82:
39:4b:85:5a:12:0a:6b:b4:c9:b9:15:4b:c9:d2:76:
db:cd:1a:bc:9b:e3:3d:df:07:3a:25:9f:63:c8:a0:
df:da:3b:1d:dd:28:5c:0a:ad:7b:37:0e:fe:ee:1b:
d4:97:dc:3e:30:91:e9:50:a9:1d:72:5a:28:e7:43:
e2:0c:66:70:74:1d:9c:f7:e0:d7:82:dd:5c:98:d9:
4a:37:ec:4c:33:4e:e5:d2:68:06:d7:4f:fd:b8:09:
68:ca:50:93:fd:e7:82:40:70:46:66:4f:49:cd:69:
6c:79:db:17:01:3d:4d:31:d9:06:6f:aa:63:d6:00:
2f:04:dc:e8:8f:fd:1c:44:21:11:f7:80:37:e4:5e:
47:a7:47:eb:4e:13:ed:f6:17:52:c8:72:34:17:35:
bb:1e:84:9e:40:04:af:1f:dd:ec:e8:9a:87:12:2a:
62:a7:df:b0:ec:1d:25:3e:eb:fb:f4:16:c4:a3:b1:
27:74:99:14:43:5e:07:58:7b:0d:b5:2c:24:f4:2f:
23:79:98:1a:de:a5:79:ff:c5:b1:4d:0c:23:cf:21:
b6:1c:2d:84:a6:f6:68:9a:7e:6a:d1:9e:0c:16:4c:
a8:c8:fd:55:5d:57:47:f8:28:eb:98:f2:0e:98:75:
c0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B5:FB:76:25:EB:F3:4F:28:5F:98:4B:40:CA:6C:1B:B3:54:1F:77
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZrX7diXr808oX5hLQMpsG7NUH3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:d7:cc:4b:1a:98:71:9f:94:b5:2c:80:a9:40:43:55:dd:3f:
b5:ed:c5:4f:b9:7a:43:11:1a:89:f8:c5:66:02:cb:35:2a:77:
ea:70:df:db:69:c5:4f:a7:7f:45:fe:0f:48:2a:16:de:c3:ff:
c3:c0:74:e1:d9:9e:5c:57:91:08:0d:ca:d3:ca:25:58:fa:6b:
66:8b:aa:2f:09:04:a2:88:a7:a7:f6:88:9d:32:46:89:e8:b6:
f8:df:7a:5f:9c:01:2c:64:44:8d:4c:f8:87:ce:11:56:9f:e8:
4b:ff:a1:9d:20:3e:97:ba:72:14:48:bd:0e:9d:65:11:ef:fb:
dc:57:04:09:34:8a:24:78:f9:c4:40:63:21:66:6a:53:02:dd:
ae:3f:b3:0a:f2:f3:b6:b9:ea:45:3c:2f:78:1a:da:84:c3:b5:
39:3e:f0:09:0e:69:af:56:c7:a2:5b:4e:3c:b0:2c:10:ed:34:
4a:8c:27:b1:91:7c:a8:fe:52:e6:7a:1f:ce:f2:3f:b6:2f:42:
9f:0e:b3:48:03:67:ab:b3:e6:a9:cc:20:40:a9:a9:a0:e3:15:
59:f9:75:92:e6:90:06:6e:81:41:c0:f5:4d:a4:c4:7e:92:98:
da:8e:8a:16:37:13:83:60:f1:56:16:3f:ca:8e:9c:2c:c2:cd:
37:cd:c9:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdzdy6KxQ1L4ZZkhDi5sXOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjE1MTIwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmI1ZmI3NjI1ZWJmMzRmMjg1Zjk4NGI0MGNhNmMxYmIzNTQxZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsrdqPrBKpBU8XNA2YI5S4VaEgpr
tMm5FUvJ0nbbzRq8m+M93wc6JZ9jyKDf2jsd3ShcCq17Nw7+7hvUl9w+MJHpUKkd
cloo50PiDGZwdB2c9+DXgt1cmNlKN+xMM07l0mgG10/9uAloylCT/eeCQHBGZk9J
zWlsedsXAT1NMdkGb6pj1gAvBNzoj/0cRCER94A35F5Hp0frThPt9hdSyHI0FzW7
HoSeQASvH93s6JqHEipip9+w7B0lPuv79BbEo7EndJkUQ14HWHsNtSwk9C8jeZga
3qV5/8WxTQwjzyG2HC2EpvZomn5q0Z4MFkyoyP1VXVdH+CjrmPIOmHXAbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGa1+3Yl6/NPKF+YS0DKbBuzVB93MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWnJYN2RpWHI4MDhvWDVoTFFNcHNHN05VSDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCp18xLGphxn5S1LICpQENV3T+17cVPuXpDERqJ+MVm
Ass1KnfqcN/bacVPp39F/g9IKhbew//DwHTh2Z5cV5EIDcrTyiVY+mtmi6ovCQSi
iKen9oidMkaJ6Lb433pfnAEsZESNTPiHzhFWn+hL/6GdID6XunIUSL0OnWUR7/vc
VwQJNIokePnEQGMhZmpTAt2uP7MK8vO2uepFPC94GtqEw7U5PvAJDmmvVseiW048
sCwQ7TRKjCexkXyo/lLmeh/O8j+2L0KfDrNIA2ers+apzCBAqamg4xVZ+XWS5pAG
boFBwPVNpMR+kpjajooWNxODYPFWFj/Kjpwsws03zcmm
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:31:37 2025 by rpki-client