Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/Zdy17cr1qxuabbXxTuTuPd1b9v8.roa
File: Zdy17cr1qxuabbXxTuTuPd1b9v8.roa (raw, json)
Hash identifier: 7lPiM/54fnz5W+7ZlMytQaOCR2NQkKQjPwODXEJpvN8=
Subject key identifier: 65:DC:B5:ED:CA:F5:AB:1B:9A:6D:B5:F1:4E:E4:EE:3D:DD:5B:F6:FF
Certificate issuer: /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial: 0197D6C98D03F38EF7BC91CBB36398AF1EDA
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/Zdy17cr1qxuabbXxTuTuPd1b9v8.roa
Signing time: Fri 04 Jul 2025 18:53:42 +0000
ROA not before: Fri 04 Jul 2025 18:53:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 185.69.120.0/22 maxlen: 22
185.129.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 10 Jul 2025 10:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:c9:8d:03:f3:8e:f7:bc:91:cb:b3:63:98:af:1e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Validity
Not Before: Jul 4 18:53:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65dcb5edcaf5ab1b9a6db5f14ee4ee3ddd5bf6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:d1:33:1a:9e:ed:ff:26:13:86:40:81:9c:
d4:cb:9c:15:7c:64:92:e3:f0:3b:f5:b8:4e:df:99:
c6:64:48:46:2e:fe:1e:ab:53:58:0c:d8:b8:69:4d:
44:fa:28:3a:ee:77:97:b7:39:49:b6:59:bb:19:52:
f1:a6:d3:a8:c6:28:9d:25:b8:90:61:c4:6a:4a:a0:
46:eb:f3:d9:ad:28:b7:4b:d6:be:fc:e3:51:a3:09:
9e:b4:c4:97:32:56:e8:90:0c:68:97:c3:3b:04:ed:
20:75:5d:c8:18:cc:da:44:fa:6c:fe:93:37:c2:ab:
68:91:c0:bd:dd:69:b9:98:42:90:7b:11:01:6c:e5:
94:d0:ff:dc:22:f9:70:bb:b5:93:48:07:e7:27:b9:
2f:52:f7:09:d0:db:b9:d4:7e:96:70:ab:23:2a:bc:
28:ca:d3:52:03:a8:ea:93:42:8a:a9:14:8b:9d:fb:
03:47:df:4d:23:1d:36:b6:03:63:ad:dd:f8:77:88:
33:2e:2a:3d:f8:75:c4:25:7c:ba:b4:48:82:c9:ef:
6b:f1:26:6e:24:ce:cd:d8:f6:cb:1d:66:da:89:f7:
36:7b:87:dd:39:0c:6f:89:6e:e2:72:a6:8c:a6:ab:
ac:66:a6:ae:94:4b:f9:ad:aa:64:f3:b9:89:52:a9:
00:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DC:B5:ED:CA:F5:AB:1B:9A:6D:B5:F1:4E:E4:EE:3D:DD:5B:F6:FF
X509v3 Authority Key Identifier:
keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/Zdy17cr1qxuabbXxTuTuPd1b9v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.120.0/22
185.129.208.0/22
Signature Algorithm: sha256WithRSAEncryption
63:77:00:a0:78:3b:a3:4c:6e:e0:e5:99:c1:a5:26:98:4e:14:
55:43:c5:c2:29:50:57:99:7d:d3:d7:4a:7a:a9:36:be:35:60:
3d:34:56:a7:bc:eb:69:80:3b:d3:4f:b0:bd:87:fb:6e:fc:7e:
b1:2e:7b:6e:54:11:63:97:42:e6:11:a7:f0:b8:1a:f9:ed:5a:
b0:e7:b4:18:59:15:c5:ab:d0:58:67:3f:e7:02:ff:f1:d1:75:
68:fd:8f:f0:91:1b:10:24:24:c4:a1:44:50:65:3f:54:6f:45:
40:e4:a8:41:4b:84:6e:c4:6e:83:eb:5c:53:ab:3e:65:6d:02:
df:3f:1b:81:af:6f:08:e6:b0:e7:91:07:7a:67:7c:68:a3:11:
35:91:35:01:c3:15:7d:02:bb:2f:b6:a0:30:b4:de:df:da:c8:
e0:ec:d5:4b:b5:a8:5a:cd:16:d2:d7:b9:f9:10:c5:cc:9a:89:
8e:d7:ec:92:9c:f0:2d:34:75:5c:c6:16:c4:e1:14:a5:cd:24:
4f:ab:96:79:e1:86:15:9c:6d:55:3c:c7:e6:b3:03:55:70:74:
f5:4e:b5:46:bb:e4:2f:27:c2:65:de:23:6e:ec:35:cc:a8:2a:
40:92:a5:0f:08:87:cf:30:42:02:bb:87:af:04:8f:3a:53:11:
82:b7:a0:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfWyY0D8473vJHLs2OYrx7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw
YTFhNjYwHhcNMjUwNzA0MTg1MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWRjYjVlZGNhZjVhYjFiOWE2ZGI1ZjE0ZWU0ZWUzZGRkNWJmNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaHRMxqe7f8mE4ZAgZzUy5wVfGSS
4/A79bhO35nGZEhGLv4eq1NYDNi4aU1E+ig67neXtzlJtlm7GVLxptOoxiidJbiQ
YcRqSqBG6/PZrSi3S9a+/ONRowmetMSXMlbokAxol8M7BO0gdV3IGMzaRPps/pM3
wqtokcC93Wm5mEKQexEBbOWU0P/cIvlwu7WTSAfnJ7kvUvcJ0Nu51H6WcKsjKrwo
ytNSA6jqk0KKqRSLnfsDR99NIx02tgNjrd34d4gzLio9+HXEJXy6tEiCye9r8SZu
JM7N2PbLHWbaifc2e4fdOQxviW7icqaMpqusZqaulEv5rapk87mJUqkAzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGXcte3K9asbmm218U7k7j3dW/b/MB8GA1UdIwQY
MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct
ZGU5YjJmOGY3ZTI5LzEvWmR5MTdjcjFxeHVhYmJYeFR1VHVQZDFiOXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5
LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUV4AwQC
uYHQMA0GCSqGSIb3DQEBCwUAA4IBAQBjdwCgeDujTG7g5ZnBpSaYThRVQ8XCKVBX
mX3T10p6qTa+NWA9NFanvOtpgDvTT7C9h/tu/H6xLntuVBFjl0LmEafwuBr57Vqw
57QYWRXFq9BYZz/nAv/x0XVo/Y/wkRsQJCTEoURQZT9Ub0VA5KhBS4RuxG6D61xT
qz5lbQLfPxuBr28I5rDnkQd6Z3xooxE1kTUBwxV9ArsvtqAwtN7f2sjg7NVLtaha
zRbS17n5EMXMmomO1+ySnPAtNHVcxhbE4RSlzSRPq5Z54YYVnG1VPMfmswNVcHT1
TrVGu+QvJ8Jl3iNu7DXMqCpAkqUPCIfPMEICu4evBI86UxGCt6A3
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:58:51 2025 by rpki-client