Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BzO1fuPS5dLJ0aXSeTrftYpR2kE.roa
File: BzO1fuPS5dLJ0aXSeTrftYpR2kE.roa (raw, json)
Hash identifier: BQJqNjGxOSXt18vxkdISKCqfvVbM/RLSzAe3XogVJxo=
Subject key identifier: 07:33:B5:7E:E3:D2:E5:D2:C9:D1:A5:D2:79:3A:DF:B5:8A:51:DA:41
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0197A2E70D3CE921A41AA00ED6AC2E794141
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BzO1fuPS5dLJ0aXSeTrftYpR2kE.roa
Signing time: Tue 24 Jun 2025 17:05:40 +0000
ROA not before: Tue 24 Jun 2025 17:05:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 26 Jun 2025 14:07:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:e7:0d:3c:e9:21:a4:1a:a0:0e:d6:ac:2e:79:41:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 24 17:05:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0733b57ee3d2e5d2c9d1a5d2793adfb58a51da41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:fa:51:53:f0:1c:df:f3:ee:2f:67:97:59:
9d:f7:83:af:11:7e:fd:ca:66:9f:fe:79:60:d0:3c:
10:57:66:0a:2e:66:90:42:b0:ef:9d:cc:f7:cc:77:
03:2f:2e:56:43:5b:1d:39:fa:96:6f:6b:30:4d:09:
da:78:84:4f:44:92:d9:53:f9:fd:40:01:41:9c:1d:
2f:df:50:65:01:1e:8b:fc:f2:ba:37:b8:42:38:ae:
23:9c:b2:ac:ee:ec:95:31:ec:b3:44:55:29:9b:fb:
87:89:85:60:31:75:87:f8:33:07:2c:84:7e:fc:09:
09:e4:7f:af:4b:31:14:ac:cd:7d:6e:ed:65:04:7c:
91:6e:8b:33:68:16:12:44:55:a3:9f:16:4c:01:36:
17:f7:d0:f9:af:dc:8e:f5:7c:1b:40:f8:1d:13:cb:
7a:d7:58:f7:5c:cc:ea:b5:61:98:a3:78:1a:05:e9:
48:84:f6:42:28:81:7f:0f:e6:84:b8:2d:26:dd:6d:
6b:0b:1e:47:4d:9b:09:42:db:69:35:04:71:f9:d9:
0c:fd:b3:cc:ec:54:62:4a:30:a8:74:00:01:01:3d:
e0:64:7d:1a:a6:b0:b0:e2:e8:a7:7b:9a:d4:0c:0d:
d9:0d:3d:7d:bb:98:71:10:7b:e3:ed:3c:ed:00:60:
00:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:33:B5:7E:E3:D2:E5:D2:C9:D1:A5:D2:79:3A:DF:B5:8A:51:DA:41
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BzO1fuPS5dLJ0aXSeTrftYpR2kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/24
5.10.218.0/23
Signature Algorithm: sha256WithRSAEncryption
11:71:67:07:c2:77:7b:f9:8b:38:41:33:0d:79:c1:34:54:77:
0a:ca:4c:8b:9a:6d:7c:ca:45:62:1d:b3:55:5b:0a:64:48:3f:
fa:dd:31:8c:8e:18:53:9b:3b:35:90:68:89:9a:51:4d:6c:09:
7d:dd:5f:56:a2:cf:fe:4e:fe:71:3d:df:be:ef:6e:47:33:da:
7c:42:6b:27:4f:29:2b:40:1d:17:38:c6:89:80:cf:b4:c3:cc:
15:f4:65:94:1e:fc:cc:f7:4a:b7:59:4a:90:2a:96:11:2f:84:
fa:bb:33:17:c0:9f:41:14:83:d0:cd:b3:57:c5:4c:56:9f:15:
fa:0c:62:e9:a7:df:fe:c3:78:24:da:76:81:8e:8c:cb:7b:05:
07:43:57:ce:39:99:d5:f0:f8:25:88:da:29:df:9d:b8:52:12:
2e:4b:7a:65:48:1c:62:54:54:1a:3f:c7:21:f0:e3:f0:eb:46:
11:e7:ba:ff:ae:de:08:65:6c:d4:24:a6:0b:01:f2:37:23:7f:
41:95:e4:12:73:b1:46:23:6f:ab:0e:6d:20:4b:b8:93:41:5d:
df:b7:96:bd:f6:31:14:23:a5:5c:96:35:76:47:8e:48:7e:ba:
b7:59:58:ff:18:9b:3f:73:55:24:dc:30:e6:e9:9d:82:21:7a:
f8:f1:64:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZei5w086SGkGqAO1qwueUFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjI0MTcwNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMzYjU3ZWUzZDJlNWQyYzlkMWE1ZDI3OTNhZGZiNThhNTFkYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswv6UVPwHN/z7i9nl1md94OvEX79
ymaf/nlg0DwQV2YKLmaQQrDvncz3zHcDLy5WQ1sdOfqWb2swTQnaeIRPRJLZU/n9
QAFBnB0v31BlAR6L/PK6N7hCOK4jnLKs7uyVMeyzRFUpm/uHiYVgMXWH+DMHLIR+
/AkJ5H+vSzEUrM19bu1lBHyRboszaBYSRFWjnxZMATYX99D5r9yO9XwbQPgdE8t6
11j3XMzqtWGYo3gaBelIhPZCKIF/D+aEuC0m3W1rCx5HTZsJQttpNQRx+dkM/bPM
7FRiSjCodAABAT3gZH0aprCw4uine5rUDA3ZDT19u5hxEHvj7TztAGAAaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAcztX7j0uXSydGl0nk637WKUdpBMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvQnpPMWZ1UFM1ZExKMGFYU2VUcmZ0WXBSMmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrUAwQB
BQraMA0GCSqGSIb3DQEBCwUAA4IBAQARcWcHwnd7+Ys4QTMNecE0VHcKykyLmm18
ykViHbNVWwpkSD/63TGMjhhTmzs1kGiJmlFNbAl93V9Wos/+Tv5xPd++725HM9p8
QmsnTykrQB0XOMaJgM+0w8wV9GWUHvzM90q3WUqQKpYRL4T6uzMXwJ9BFIPQzbNX
xUxWnxX6DGLpp9/+w3gk2naBjozLewUHQ1fOOZnV8PgliNop3524UhIuS3plSBxi
VFQaP8ch8OPw60YR57r/rt4IZWzUJKYLAfI3I39BleQSc7FGI2+rDm0gS7iTQV3f
t5a99jEUI6VcljV2R45Ifrq3WVj/GJs/c1Uk3DDm6Z2CIXr48WSF
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:24:42 2025 by rpki-client