Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/zlEWywHDvYVAGJz9aqa98J5Wp1k.roa
File: zlEWywHDvYVAGJz9aqa98J5Wp1k.roa (raw, json)
Hash identifier: UP1TTgecSTqbyX4QgYhLri7ApWn2lJleZy1hs/lOY9I=
Subject key identifier: CE:51:16:CB:01:C3:BD:85:40:18:9C:FD:6A:A6:BD:F0:9E:56:A7:59
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01964539FCEC5DF13D0B84E8D8D3676E59F6
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/zlEWywHDvYVAGJz9aqa98J5Wp1k.roa
Signing time: Thu 17 Apr 2025 19:29:10 +0000
ROA not before: Thu 17 Apr 2025 19:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:680::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 25 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:39:fc:ec:5d:f1:3d:0b:84:e8:d8:d3:67:6e:59:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Apr 17 19:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce5116cb01c3bd8540189cfd6aa6bdf09e56a759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:cb:14:9c:71:d1:77:9d:91:8a:81:56:49:
6e:e7:83:4b:78:e3:a6:30:40:5c:fd:f5:78:4f:2a:
0d:f8:4b:12:b5:08:29:89:88:ec:e0:a2:f3:f1:98:
0f:97:f0:96:fe:b4:fa:f7:1c:3f:2d:a7:04:49:c5:
ed:b5:6c:39:e1:a2:47:ec:e5:0b:f1:e4:c3:20:3f:
69:f7:aa:41:a6:29:23:ca:1c:af:d5:c3:c6:b8:35:
a7:15:45:55:99:b6:ef:a9:a2:4c:f8:2e:22:4e:ea:
0b:86:01:ac:bf:83:50:e6:52:d4:02:d1:62:eb:f2:
96:91:05:1c:e9:94:da:d4:94:9f:eb:03:a7:d8:56:
04:7c:ad:f9:d2:44:f9:79:33:db:d5:15:3b:7b:bb:
53:f5:dd:4c:a9:0b:1b:26:92:ab:cc:58:0e:19:41:
4e:70:ea:94:0a:40:ea:27:b9:00:0e:a5:6a:25:a2:
7d:71:e7:28:17:4d:33:6b:b0:dd:9b:71:22:44:5d:
13:7a:82:04:8f:81:a0:7c:a1:15:e3:f0:16:4b:b0:
bf:c8:4e:03:0d:fc:00:7e:a8:a6:4b:c0:23:ec:be:
bc:a7:13:a5:7d:70:6a:40:4b:08:54:dd:ff:fd:92:
f3:e6:9a:f0:8f:28:62:a4:b1:52:2e:ba:43:2a:8b:
20:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:51:16:CB:01:C3:BD:85:40:18:9C:FD:6A:A6:BD:F0:9E:56:A7:59
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/zlEWywHDvYVAGJz9aqa98J5Wp1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.84.0/24
85.234.86.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:680::/44
Signature Algorithm: sha256WithRSAEncryption
13:b5:90:51:33:fa:d0:89:2d:2d:3c:38:e0:2f:f6:63:9e:27:
26:e7:0c:ac:fa:eb:32:c9:bd:6b:6a:03:b3:17:e6:68:6a:11:
25:06:3f:06:e8:98:b3:28:c1:89:09:05:0f:97:3b:b8:51:b6:
bb:36:aa:d8:f2:79:85:2e:91:cd:1f:fa:5a:50:43:f0:2a:d1:
2c:c2:cf:5e:e5:9e:03:03:5f:d0:f4:b4:16:63:be:53:6e:91:
c1:cf:c3:4d:c7:8f:5f:41:e9:45:c9:3d:2c:70:4e:a7:09:f0:
fc:72:47:b0:19:88:15:36:ea:4a:fb:73:82:ee:2c:74:b8:ac:
b0:3a:e8:94:e8:f8:db:37:6b:8e:ca:d7:1c:3c:84:bd:08:65:
d1:09:c1:3f:b8:92:ab:0b:ac:ee:0d:a5:de:ac:f4:63:ea:b5:
45:83:dd:f0:1a:af:64:02:8f:ab:b9:53:e9:b1:db:8a:76:38:
e5:1b:a9:77:fe:9b:c5:23:68:bb:c1:5f:60:1f:15:ac:8c:e1:
c5:16:b2:f2:07:5c:c9:e5:c4:e6:ed:3c:54:72:e6:1c:32:2c:
71:b0:51:1f:37:ee:c4:53:69:dd:87:65:b2:22:46:0f:fe:48:
73:5d:e0:52:77:fe:d6:82:00:25:44:bc:47:fc:23:66:68:ca:
da:bc:44:ba
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZZFOfzsXfE9C4To2NNnbln2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNDE3MTkyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTUxMTZjYjAxYzNiZDg1NDAxODljZmQ2YWE2YmRmMDllNTZhNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdbLFJxx0XedkYqBVklu54NLeOOm
MEBc/fV4TyoN+EsStQgpiYjs4KLz8ZgPl/CW/rT69xw/LacEScXttWw54aJH7OUL
8eTDID9p96pBpikjyhyv1cPGuDWnFUVVmbbvqaJM+C4iTuoLhgGsv4NQ5lLUAtFi
6/KWkQUc6ZTa1JSf6wOn2FYEfK350kT5eTPb1RU7e7tT9d1MqQsbJpKrzFgOGUFO
cOqUCkDqJ7kADqVqJaJ9cecoF00za7Ddm3EiRF0TeoIEj4GgfKEV4/AWS7C/yE4D
DfwAfqimS8Aj7L68pxOlfXBqQEsIVN3//ZLz5prwjyhipLFSLrpDKosgJwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFM5RFssBw72FQBic/WqmvfCeVqdZMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvemxFV3l3SER2WVZBR0p6OWFxYTk4SjVXcDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAVepAAwQA
VepUAwQAVepWAwQBXXeoAwQAbT15MA8EAgACMAkDBwQqA5DABoAwDQYJKoZIhvcN
AQELBQADggEBABO1kFEz+tCJLS08OOAv9mOeJybnDKz66zLJvWtqA7MX5mhqESUG
PwbomLMowYkJBQ+XO7hRtrs2qtjyeYUukc0f+lpQQ/Aq0SzCz17lngMDX9D0tBZj
vlNukcHPw03Hj19B6UXJPSxwTqcJ8PxyR7AZiBU26kr7c4LuLHS4rLA66JTo+Ns3
a47K1xw8hL0IZdEJwT+4kqsLrO4Npd6s9GPqtUWD3fAar2QCj6u5U+mx24p2OOUb
qXf+m8UjaLvBX2AfFayM4cUWsvIHXMnlxObtPFRy5hwyLHGwUR837sRTad2HZbIi
Rg/+SHNd4FJ3/taCACVEvEf8I2Zoytq8RLo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:20:39 2025 by rpki-client