Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/F93-bkwBnndasLdzUFEzJkkIcyA.roa
File: F93-bkwBnndasLdzUFEzJkkIcyA.roa (raw, json)
Hash identifier: UWyUSQizW0kKJ/ahBthco6Ed5QCVPpC5dRtNn8eTboU=
Subject key identifier: 17:DD:FE:6E:4C:01:9E:77:5A:B0:B7:73:50:51:33:26:49:08:73:20
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0197D6EA82BF7552DF7D7AEDE8B7338975F5
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/F93-bkwBnndasLdzUFEzJkkIcyA.roa
Signing time: Fri 04 Jul 2025 19:29:42 +0000
ROA not before: Fri 04 Jul 2025 19:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.213.0/24 maxlen: 24
5.10.218.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Jul 2025 13:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:ea:82:bf:75:52:df:7d:7a:ed:e8:b7:33:89:75:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jul 4 19:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17ddfe6e4c019e775ab0b7735051332649087320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:9f:fa:4d:93:6a:45:16:ac:e3:12:a2:18:
9d:d4:ba:36:2c:57:a7:a6:22:6d:07:c5:98:e4:ef:
de:57:81:ce:74:0d:8c:e3:ba:c4:bd:7a:7f:0a:dc:
da:71:0c:b4:56:88:93:53:eb:2a:84:33:12:e4:2e:
dd:b1:89:04:5e:a3:3c:b7:af:a4:e0:0b:dc:31:b6:
9e:f9:13:f1:f1:db:c4:ca:5b:50:26:1d:4c:a6:16:
da:02:5e:dc:ec:10:c0:28:48:fe:e8:21:45:27:72:
4d:3c:62:ac:6c:da:74:87:44:33:7d:bb:38:e8:d4:
fa:e4:11:76:d5:ea:d6:e5:ed:51:f8:51:e3:5c:bc:
c2:89:05:32:17:f4:71:f8:63:3d:b1:0a:fb:5b:6a:
e6:ab:55:aa:ac:f2:a4:96:dd:87:ef:96:50:80:16:
53:ac:e2:b3:92:84:46:4b:d6:da:f5:a3:b7:37:c6:
a8:a4:52:bc:39:f2:c1:49:8c:44:5c:db:e4:5d:f3:
6e:1c:97:94:02:70:23:cd:32:5a:d9:5e:5c:f9:1d:
f6:14:84:c4:54:3f:3f:7b:ba:fa:96:46:0b:d1:01:
d3:51:80:b7:ea:0e:21:af:1d:14:c9:6a:06:6e:36:
81:5d:43:8d:18:be:96:01:64:22:5c:77:9b:00:50:
b9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DD:FE:6E:4C:01:9E:77:5A:B0:B7:73:50:51:33:26:49:08:73:20
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/F93-bkwBnndasLdzUFEzJkkIcyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.213.0/24
5.10.218.0/24
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
32:41:31:1d:d4:48:08:a7:b4:3a:f9:29:3b:83:66:12:99:a4:
95:6c:8b:a1:9d:77:8a:4c:fc:89:b4:57:83:0d:25:b7:a2:c1:
4d:69:3b:73:f5:73:7b:b0:17:9b:c9:3c:7b:37:62:93:7c:e6:
8f:df:b7:38:34:4d:b3:fa:3f:82:6d:5a:11:44:28:5a:75:cb:
1d:e9:12:c0:5f:ed:3a:ac:a5:58:ba:53:7b:40:57:60:e2:0d:
18:0c:74:a4:53:7e:29:5a:29:92:e0:01:67:bb:39:68:46:ce:
9b:9b:22:56:80:a3:4b:d9:a9:d3:b3:b9:f9:09:fc:ff:13:12:
bf:72:e0:e3:29:e7:f8:8e:b3:39:eb:1a:3f:35:c8:4e:82:9b:
85:23:6b:32:03:89:00:cd:26:05:2c:22:cb:bd:6f:8f:8d:05:
e8:d4:03:ed:e2:b2:d8:b4:1a:59:07:0d:2f:6f:c5:5f:c5:98:
16:c2:2b:eb:05:44:c7:55:28:05:93:be:70:c4:62:4d:30:7b:
95:92:37:74:0a:41:bb:9e:3e:93:2b:ed:bf:69:c2:e0:65:3e:
f9:87:80:ee:fd:d1:e2:75:f0:d3:3d:52:c0:ad:12:87:d6:d5:
de:4c:d1:33:0b:c1:de:e8:96:f5:b0:7b:fd:99:c6:07:fa:b5:
48:66:7b:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfW6oK/dVLffXrt6LcziXX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNzA0MTkyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2RkZmU2ZTRjMDE5ZTc3NWFiMGI3NzM1MDUxMzMyNjQ5MDg3MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Zmf+k2TakUWrOMSohid1Lo2LFen
piJtB8WY5O/eV4HOdA2M47rEvXp/CtzacQy0VoiTU+sqhDMS5C7dsYkEXqM8t6+k
4AvcMbae+RPx8dvEyltQJh1MphbaAl7c7BDAKEj+6CFFJ3JNPGKsbNp0h0Qzfbs4
6NT65BF21erW5e1R+FHjXLzCiQUyF/Rx+GM9sQr7W2rmq1WqrPKklt2H75ZQgBZT
rOKzkoRGS9ba9aO3N8aopFK8OfLBSYxEXNvkXfNuHJeUAnAjzTJa2V5c+R32FITE
VD8/e7r6lkYL0QHTUYC36g4hrx0UyWoGbjaBXUONGL6WAWQiXHebAFC5EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBfd/m5MAZ53WrC3c1BRMyZJCHMgMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvRjkzLWJrd0JubmRhc0xkelVGRXpKa2tJY3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQrVAwQA
BQraAwQABQreMA0GCSqGSIb3DQEBCwUAA4IBAQAyQTEd1EgIp7Q6+Sk7g2YSmaSV
bIuhnXeKTPyJtFeDDSW3osFNaTtz9XN7sBebyTx7N2KTfOaP37c4NE2z+j+CbVoR
RChadcsd6RLAX+06rKVYulN7QFdg4g0YDHSkU34pWimS4AFnuzloRs6bmyJWgKNL
2anTs7n5Cfz/ExK/cuDjKef4jrM56xo/NchOgpuFI2syA4kAzSYFLCLLvW+PjQXo
1APt4rLYtBpZBw0vb8VfxZgWwivrBUTHVSgFk75wxGJNMHuVkjd0CkG7nj6TK+2/
acLgZT75h4Du/dHidfDTPVLArRKH1tXeTNEzC8He6Jb1sHv9mcYH+rVIZntQ
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:36:35 2025 by rpki-client