Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Zn4e70XNQzW6H8wXVoJ23yq2uxc.roa
File: Zn4e70XNQzW6H8wXVoJ23yq2uxc.roa (raw, json)
Hash identifier: QTBUf4PAOkyEU2FEwwM5aPk5v/i/A7YCF3a7Xzqrrks=
Subject key identifier: 66:7E:1E:EF:45:CD:43:35:BA:1F:CC:17:56:82:76:DF:2A:B6:BB:17
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0197EEB240697EE71E6F19001E169BE34986
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Zn4e70XNQzW6H8wXVoJ23yq2uxc.roa
Signing time: Wed 09 Jul 2025 10:19:08 +0000
ROA not before: Wed 09 Jul 2025 10:19:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.148.132.0/22 maxlen: 24
95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.130.0/24 maxlen: 24
95.155.131.0/24 maxlen: 24
95.155.132.0/24 maxlen: 24
95.155.133.0/24 maxlen: 24
95.155.134.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
95.155.145.0/24 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/24 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.151.0/24 maxlen: 24
95.155.156.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
95.155.158.0/24 maxlen: 24
95.155.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Jul 2025 07:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:b2:40:69:7e:e7:1e:6f:19:00:1e:16:9b:e3:49:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jul 9 10:19:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=667e1eef45cd4335ba1fcc17568276df2ab6bb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:ab:6e:b3:68:6e:f7:af:b4:e8:a8:5a:90:fc:
59:65:4b:1d:91:e0:7e:e1:3a:c2:ce:4b:57:49:e4:
1f:58:6e:b4:64:03:1c:cd:a1:05:01:c3:42:3a:0f:
bd:82:0e:cb:17:e4:06:32:ec:46:a5:44:d5:77:a3:
d3:37:7c:1e:bf:a3:48:76:a9:b6:2f:2e:8b:de:3e:
1d:25:0c:10:05:8d:5c:9a:80:69:91:da:02:57:81:
2c:28:62:67:fa:7c:e5:d9:85:e8:c1:0e:52:58:62:
80:7d:26:cb:c0:ed:29:8f:7d:1e:4e:39:19:08:8b:
2e:69:0c:06:87:9c:a5:73:19:1c:95:2d:c3:74:5e:
41:df:bc:a8:5f:d7:99:ed:94:c9:22:6c:96:ac:5c:
15:4c:0d:21:6b:b3:f6:06:69:7b:82:20:1a:d9:07:
a6:29:20:a4:f9:41:f8:2b:d2:54:8c:dd:f2:01:50:
7f:62:94:df:c8:58:a9:68:60:bb:51:7a:8f:d1:36:
9e:2f:44:5a:26:24:c6:fa:75:7a:cf:86:a4:47:c6:
82:52:f8:6d:40:ba:e9:7a:12:1c:b2:fa:1e:02:ca:
ad:34:8e:8b:06:79:f0:76:ab:d2:6b:b4:ba:6d:c0:
22:ea:9c:02:69:48:06:56:71:7d:3f:92:9c:2a:64:
87:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7E:1E:EF:45:CD:43:35:BA:1F:CC:17:56:82:76:DF:2A:B6:BB:17
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Zn4e70XNQzW6H8wXVoJ23yq2uxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.132.0/22
95.155.128.0-95.155.134.255
95.155.144.0/21
95.155.156.0/22
Signature Algorithm: sha256WithRSAEncryption
62:f2:c7:82:bf:cf:81:68:9e:42:be:bb:5f:cf:35:af:37:af:
b8:e6:e7:c7:68:71:a0:d8:5e:fd:de:20:59:9d:ee:e4:d2:da:
45:b0:6c:5b:e3:c1:38:47:cf:47:5d:35:e9:2b:71:1a:49:5e:
d9:c6:51:cf:48:13:69:3b:7d:93:6e:3c:15:76:c5:82:c8:ad:
a2:91:59:98:c3:cd:5b:e3:b6:16:fb:0d:98:c9:41:19:3d:b4:
65:4b:56:e1:af:f8:5c:f5:c8:3e:6d:a8:10:2d:b0:61:6a:3f:
89:f2:ce:b6:e2:4c:93:02:54:a1:9c:8a:6a:5d:e0:1b:07:ea:
3c:40:81:ea:3c:04:b2:b7:b3:52:e4:31:1a:1e:9e:d8:5f:fc:
cb:71:cf:78:46:32:e4:07:80:04:57:c9:c1:51:4d:59:89:9b:
fd:64:24:4f:81:42:90:fd:02:90:23:97:19:48:24:29:e2:d7:
e5:79:02:65:6a:98:ea:ea:34:88:b8:5a:35:30:b8:a5:f5:05:
09:4d:ff:86:09:87:13:02:2c:a7:61:3f:b7:58:aa:e1:fd:8d:
ab:e4:12:a3:1d:db:e1:d2:3f:6a:c4:24:ae:c2:89:8a:54:69:
3d:91:f9:f0:62:05:33:40:c9:a7:3e:bc:81:a4:7d:62:75:71:
63:8b:fc:70
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfuskBpfucebxkAHhab40mGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNzA5MTAxOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdlMWVlZjQ1Y2Q0MzM1YmExZmNjMTc1NjgyNzZkZjJhYjZiYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+atus2hu96+06KhakPxZZUsdkeB+
4TrCzktXSeQfWG60ZAMczaEFAcNCOg+9gg7LF+QGMuxGpUTVd6PTN3wev6NIdqm2
Ly6L3j4dJQwQBY1cmoBpkdoCV4EsKGJn+nzl2YXowQ5SWGKAfSbLwO0pj30eTjkZ
CIsuaQwGh5ylcxkclS3DdF5B37yoX9eZ7ZTJImyWrFwVTA0ha7P2Bml7giAa2Qem
KSCk+UH4K9JUjN3yAVB/YpTfyFipaGC7UXqP0TaeL0RaJiTG+nV6z4akR8aCUvht
QLrpehIcsvoeAsqtNI6LBnnwdqvSa7S6bcAi6pwCaUgGVnF9P5KcKmSH5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGZ+Hu9FzUM1uh/MF1aCdt8qtrsXMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvWm40ZTcwWE5Relc2SDh3WFZvSjIzeXEydXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJZSEMAwD
BAdfm4ADBABfm4YDBANfm5ADBAJfm5wwDQYJKoZIhvcNAQELBQADggEBAGLyx4K/
z4FonkK+u1/PNa83r7jm58docaDYXv3eIFmd7uTS2kWwbFvjwThHz0ddNekrcRpJ
XtnGUc9IE2k7fZNuPBV2xYLIraKRWZjDzVvjthb7DZjJQRk9tGVLVuGv+Fz1yD5t
qBAtsGFqP4nyzrbiTJMCVKGcimpd4BsH6jxAgeo8BLK3s1LkMRoenthf/Mtxz3hG
MuQHgARXycFRTVmJm/1kJE+BQpD9ApAjlxlIJCni1+V5AmVqmOrqNIi4WjUwuKX1
BQlN/4YJhxMCLKdhP7dYquH9javkEqMd2+HSP2rEJK7CiYpUaT2R+fBiBTNAyac+
vIGkfWJ1cWOL/HA=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:13:56 2025 by rpki-client