Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZO5G7Or2h5sgMqgZVuRBGsmSY90.roa
File: ZO5G7Or2h5sgMqgZVuRBGsmSY90.roa (raw, json)
Hash identifier: St/Hb5eDLj8qufxNrAxzW4l2rWCle8aJzrD/Gv1Wnz0=
Subject key identifier: 64:EE:46:EC:EA:F6:87:9B:20:32:A8:19:56:E4:41:1A:C9:92:63:DD
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 0196D35AE0552044ED569747A3091751A111
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZO5G7Or2h5sgMqgZVuRBGsmSY90.roa
Signing time: Thu 15 May 2025 09:51:10 +0000
ROA not before: Thu 15 May 2025 09:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204666
IP address blocks: 176.119.192.0/24 maxlen: 24
185.87.142.0/23 maxlen: 24
185.230.172.0/22 maxlen: 24
185.243.172.0/22 maxlen: 24
2a05:aa00::/29 maxlen: 48
2a0d:1880::/29 maxlen: 48
2a0f:fec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 May 2025 21:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:5a:e0:55:20:44:ed:56:97:47:a3:09:17:51:a1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: May 15 09:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64ee46eceaf6879b2032a81956e4411ac99263dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cb:56:0c:95:e4:14:13:16:f1:c0:24:15:2a:
a2:23:05:3c:2e:8a:20:79:e5:6c:e7:46:dd:74:bc:
04:a8:e3:6b:cc:4c:72:79:f5:ec:f6:e4:82:db:a8:
46:ad:b1:70:a0:aa:43:2f:34:1e:1a:b4:af:0f:6a:
ab:b3:be:95:4b:1d:aa:d5:bd:47:c5:79:02:f9:ed:
54:e1:0c:1e:16:2c:b9:10:a3:ab:f9:a5:4a:6c:08:
44:0f:71:d1:7d:a8:e2:1c:88:ac:64:41:a9:d1:5e:
53:ef:43:9a:9e:fd:d5:ee:f8:86:58:20:b3:21:c0:
3f:b4:05:a2:9a:e8:0c:36:6d:e2:9f:0b:7a:cf:d3:
c1:c8:86:9c:b1:72:3b:7b:0a:b9:c5:c2:f7:a1:a9:
77:30:a0:46:2c:76:7a:1d:9b:f8:c9:25:1a:ca:56:
2e:52:92:4d:0d:d2:b8:91:89:1d:c5:87:88:27:5e:
f4:15:e8:9e:58:ec:49:f4:8e:cd:0e:ff:27:1e:29:
2d:30:84:21:8d:78:71:cb:db:72:9d:ab:35:8e:d8:
80:f4:ec:8f:bf:33:27:d5:eb:31:73:2a:39:b3:b4:
6e:54:2f:97:f8:a4:f5:ea:12:e2:ca:ec:c2:13:65:
51:f1:60:00:71:c6:44:83:fb:4e:b2:3f:9e:24:58:
0c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EE:46:EC:EA:F6:87:9B:20:32:A8:19:56:E4:41:1A:C9:92:63:DD
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZO5G7Or2h5sgMqgZVuRBGsmSY90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.87.142.0/23
185.230.172.0/22
185.243.172.0/22
IPv6:
2a05:aa00::/29
2a0d:1880::/29
2a0f:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:e3:c9:a2:73:d5:1b:5a:df:42:d0:54:2b:2f:6b:62:ef:c5:
22:79:41:79:37:d4:01:06:2f:ed:b4:40:34:30:af:71:dd:23:
10:0a:8a:a6:e9:1e:3e:1b:e7:97:03:ea:29:13:3e:f4:49:5b:
00:86:0f:b1:51:a6:58:c7:3d:ca:4d:bc:6d:6b:4d:9b:5e:37:
d4:ed:8f:e4:1f:48:84:10:b1:4a:31:8e:f7:db:5e:52:85:49:
d6:4d:5a:24:1d:67:bd:01:23:f6:e6:70:5a:cd:a9:fa:74:1d:
c1:35:04:bb:03:f0:7b:1f:4e:8d:68:6b:10:6d:8b:7c:1f:8c:
7a:a1:30:4e:a9:d6:5d:8c:c8:27:fe:76:7e:c3:a4:3d:bf:9d:
10:4d:ac:a8:6c:93:88:80:9f:af:fa:c2:5e:f2:26:b1:3b:fd:
af:91:86:7c:57:5f:f9:a4:56:58:c6:4c:5b:e4:c7:32:46:e2:
3c:05:9d:b0:c1:95:c0:f1:a4:b2:22:f5:c2:cb:0b:5d:52:a2:
85:77:ef:1b:96:87:55:0e:5e:89:f4:eb:92:3b:16:93:8e:bd:
7e:93:6e:65:17:1e:79:9d:8b:a4:8e:eb:9c:14:35:8b:1b:33:
6a:0d:fa:32:38:6b:ad:8d:10:fd:42:dd:b2:26:6b:59:32:d1:
34:c1:26:9d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZbTWuBVIETtVpdHowkXUaERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjUwNTE1MDk1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGVlNDZlY2VhZjY4NzliMjAzMmE4MTk1NmU0NDExYWM5OTI2M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68tWDJXkFBMW8cAkFSqiIwU8Loog
eeVs50bddLwEqONrzExyefXs9uSC26hGrbFwoKpDLzQeGrSvD2qrs76VSx2q1b1H
xXkC+e1U4QweFiy5EKOr+aVKbAhED3HRfajiHIisZEGp0V5T70Oanv3V7viGWCCz
IcA/tAWimugMNm3inwt6z9PByIacsXI7ewq5xcL3oal3MKBGLHZ6HZv4ySUaylYu
UpJNDdK4kYkdxYeIJ170FeieWOxJ9I7NDv8nHiktMIQhjXhxy9tynas1jtiA9OyP
vzMn1esxcyo5s7RuVC+X+KT16hLiyuzCE2VR8WAAccZEg/tOsj+eJFgM7wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFGTuRuzq9oebIDKoGVbkQRrJkmPdMB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL1pPNUc3T3IyaDVzZ01xZ1pWdVJCR3NtU1k5MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MB4EAgABMBgDBACwd8AD
BAG5V44DBAK55qwDBAK586wwGwQCAAIwFQMFAyoFqgADBQMqDRiAAwUDKg/+wDAN
BgkqhkiG9w0BAQsFAAOCAQEAb+PJonPVG1rfQtBUKy9rYu/FInlBeTfUAQYv7bRA
NDCvcd0jEAqKpukePhvnlwPqKRM+9ElbAIYPsVGmWMc9yk28bWtNm1431O2P5B9I
hBCxSjGO99teUoVJ1k1aJB1nvQEj9uZwWs2p+nQdwTUEuwPwex9OjWhrEG2LfB+M
eqEwTqnWXYzIJ/52fsOkPb+dEE2sqGyTiICfr/rCXvImsTv9r5GGfFdf+aRWWMZM
W+THMkbiPAWdsMGVwPGksiL1wssLXVKihXfvG5aHVQ5eifTrkjsWk469fpNuZRce
eZ2LpI7rnBQ1ixszag36MjhrrY0Q/ULdsiZrWTLRNMEmnQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:13:32 2025 by rpki-client