Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/ZdKMN80PThBIX5ZvWH-0FWJG6ZQ.roa
File: ZdKMN80PThBIX5ZvWH-0FWJG6ZQ.roa (raw, json)
Hash identifier: XJ38r3orQJ8oxmt/rZPbidDpuV2JFgQ9Rpljsg9LLmE=
Subject key identifier: 65:D2:8C:37:CD:0F:4E:10:48:5F:96:6F:58:7F:B4:15:62:46:E9:94
Certificate issuer: /CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Certificate serial: 0196E4891163E774C048A9FCC23A7D97C2B7
Authority key identifier: 6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/ZdKMN80PThBIX5ZvWH-0FWJG6ZQ.roa
Signing time: Sun 18 May 2025 17:55:10 +0000
ROA not before: Sun 18 May 2025 17:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197731
IP address blocks: 185.148.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 19 May 2025 12:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e4:89:11:63:e7:74:c0:48:a9:fc:c2:3a:7d:97:c2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Validity
Not Before: May 18 17:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d28c37cd0f4e10485f966f587fb4156246e994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a2:fb:31:0e:a0:5a:25:06:87:e9:5c:11:1f:
7c:80:c9:19:0a:70:14:15:97:0c:ee:7a:52:12:bf:
6f:ed:6a:0b:88:df:4e:49:37:80:67:90:6a:f0:0f:
81:f0:f5:e0:20:25:0a:96:22:fc:8a:c2:15:2c:fc:
3f:51:16:7c:51:48:d4:7d:d6:7b:d6:cc:b0:b1:28:
b0:9c:6c:a6:d4:86:01:c9:ce:b7:79:97:e6:9d:1c:
55:30:52:be:49:4e:ca:93:4c:d5:90:5f:59:1e:18:
79:aa:e2:ea:d6:be:33:33:67:0c:b6:c3:5a:95:65:
5f:68:85:53:da:34:13:9e:17:a0:ca:52:c8:90:56:
fe:86:ab:8f:44:8d:8b:48:62:95:66:ee:67:1b:31:
07:21:1e:96:a8:78:3e:f0:89:77:67:84:00:aa:44:
ca:e1:52:79:bf:f8:c6:0a:19:ea:87:c9:ae:74:2d:
1f:a5:11:71:e0:50:73:40:2c:85:cd:64:1c:f8:52:
57:d5:ba:5f:76:e3:57:ca:38:21:d3:58:17:15:37:
ff:44:22:00:2f:e1:92:87:fa:42:43:5b:a8:0e:c4:
76:6c:dc:b8:63:4e:d0:fe:97:e0:33:72:36:e7:41:
82:29:b0:ef:9f:de:ac:98:10:7e:b6:58:36:65:59:
0d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D2:8C:37:CD:0F:4E:10:48:5F:96:6F:58:7F:B4:15:62:46:E9:94
X509v3 Authority Key Identifier:
keyid:6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/ZdKMN80PThBIX5ZvWH-0FWJG6ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.20.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:5c:81:2d:d5:93:ca:16:ad:08:cc:75:8c:e4:fa:cf:d6:8b:
66:5a:2d:93:df:13:fd:cf:19:28:4b:d0:76:3a:22:ab:67:fb:
10:11:02:65:11:c5:f0:40:ef:a3:0c:f8:c9:a5:88:05:ec:48:
e9:9f:0e:77:9c:25:c7:fd:2e:d9:2d:c2:9f:76:bd:71:28:e5:
59:c7:2d:cb:60:a3:cd:2d:5b:22:99:fa:b5:f7:e6:78:f2:99:
6c:95:c6:7e:89:f1:44:f1:19:bd:ba:f0:43:3f:85:53:02:1a:
8d:f9:01:11:41:26:86:fd:5b:62:fa:61:8e:88:48:7c:44:a1:
c2:a9:40:13:09:5e:d3:db:6d:e0:7c:05:25:a9:2d:67:4b:d7:
32:da:bc:ea:40:f7:4a:d1:c1:c3:75:95:98:9d:af:8b:e1:15:
b0:49:ee:7c:57:ae:27:e0:d9:af:bf:a4:c1:4a:5c:80:ac:5f:
85:d6:c7:bb:f4:de:90:db:57:8b:46:d6:ef:7b:b2:d4:1e:0f:
84:da:e0:2b:d2:0e:c5:08:f8:69:0f:4f:68:6e:c3:a4:b8:cd:
a2:2b:40:40:81:2d:ba:d4:9d:13:af:31:a5:7b:4d:ca:bf:73:
5e:d9:12:09:41:dc:9c:54:7f:35:7d:8b:a5:4a:56:18:46:39:
d7:7b:c9:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbkiRFj53TASKn8wjp9l8K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDc3M2YyNDBjZDYyNjljMjUxYjY1MTcwYWE3ZTI5OGFl
OGM0MWYwHhcNMjUwNTE4MTc1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQyOGMzN2NkMGY0ZTEwNDg1Zjk2NmY1ODdmYjQxNTYyNDZlOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6L7MQ6gWiUGh+lcER98gMkZCnAU
FZcM7npSEr9v7WoLiN9OSTeAZ5Bq8A+B8PXgICUKliL8isIVLPw/URZ8UUjUfdZ7
1sywsSiwnGym1IYByc63eZfmnRxVMFK+SU7Kk0zVkF9ZHhh5quLq1r4zM2cMtsNa
lWVfaIVT2jQTnhegylLIkFb+hquPRI2LSGKVZu5nGzEHIR6WqHg+8Il3Z4QAqkTK
4VJ5v/jGChnqh8mudC0fpRFx4FBzQCyFzWQc+FJX1bpfduNXyjgh01gXFTf/RCIA
L+GSh/pCQ1uoDsR2bNy4Y07Q/pfgM3I250GCKbDvn96smBB+tlg2ZVkN5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXSjDfND04QSF+Wb1h/tBViRumUMB8GA1UdIwQY
MBaAFG9Hc/JAzWJpwlG2UXCqfimK6MQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMt
NzY5Y2Q3ZGNjOTM4LzEvWmRLTU44MFBUaEJJWDVadldILTBGV0pHNlpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMtNzY5Y2Q3ZGNjOTM4
LzEvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZQUMA0G
CSqGSIb3DQEBCwUAA4IBAQBLXIEt1ZPKFq0IzHWM5PrP1otmWi2T3xP9zxkoS9B2
OiKrZ/sQEQJlEcXwQO+jDPjJpYgF7Ejpnw53nCXH/S7ZLcKfdr1xKOVZxy3LYKPN
LVsimfq19+Z48plslcZ+ifFE8Rm9uvBDP4VTAhqN+QERQSaG/Vti+mGOiEh8RKHC
qUATCV7T223gfAUlqS1nS9cy2rzqQPdK0cHDdZWYna+L4RWwSe58V64n4Nmvv6TB
SlyArF+F1se79N6Q21eLRtbve7LUHg+E2uAr0g7FCPhpD09obsOkuM2iK0BAgS26
1J0TrzGle03Kv3Ne2RIJQdycVH81fYulSlYYRjnXe8lX
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:28:41 2025 by rpki-client