Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Nr3quFM-dFRE4m9BdXS-atguMcs.roa
File: Nr3quFM-dFRE4m9BdXS-atguMcs.roa (raw, json)
Hash identifier: 4wniJ6XHyrjmyQQWdIFqbZJUMA2+85FPttFu0sde2Is=
Subject key identifier: 36:BD:EA:B8:53:3E:74:54:44:E2:6F:41:75:74:BE:6A:D8:2E:31:CB
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 01977DA77CF02D9162B9B750FB392BFE481D
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Nr3quFM-dFRE4m9BdXS-atguMcs.roa
Signing time: Tue 17 Jun 2025 11:30:17 +0000
ROA not before: Tue 17 Jun 2025 11:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.216.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jun 2025 09:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:a7:7c:f0:2d:91:62:b9:b7:50:fb:39:2b:fe:48:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 17 11:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36bdeab8533e745444e26f417574be6ad82e31cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:12:24:29:b8:ad:2d:9a:ed:4b:ea:4d:73:fc:
63:05:79:32:c9:f2:27:78:c5:80:4b:94:0b:79:ac:
b9:16:2b:8e:c7:e5:46:bb:5f:43:37:ea:03:f6:6a:
55:30:80:bc:25:45:59:c0:4c:1d:d8:0b:b9:20:24:
78:a7:f8:06:ae:54:20:1f:8c:fc:35:fe:19:fa:90:
9e:c6:33:c7:88:99:b1:8d:4d:21:bb:b2:21:b3:59:
b5:62:0f:3d:50:b6:bd:43:87:9f:11:7f:57:f1:be:
c3:3c:d5:0c:c9:6d:8e:7a:e9:33:6b:cb:69:6b:3a:
c1:ef:81:2d:c1:4e:ea:ca:c0:17:11:2b:4e:55:41:
dd:ce:14:27:c9:43:7d:28:e4:d5:4f:5d:82:ee:23:
ac:2c:ac:23:b5:31:27:2b:38:c3:d7:63:1a:58:11:
1e:01:dd:ab:fa:a3:46:bb:63:c9:29:9c:a2:9f:d8:
89:4f:a3:3b:64:79:6b:60:d4:0b:07:1f:e3:9a:8f:
9a:dc:2d:f6:6d:65:f2:e7:48:dc:6a:12:78:82:1a:
1d:38:e9:f3:b6:be:e3:52:e2:c0:b7:c5:c0:72:a1:
b2:6d:4d:9d:63:be:45:20:8e:33:39:e7:7b:04:a9:
9b:c1:9e:01:fb:49:71:83:d9:c1:3a:bb:30:f3:63:
a5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BD:EA:B8:53:3E:74:54:44:E2:6F:41:75:74:BE:6A:D8:2E:31:CB
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Nr3quFM-dFRE4m9BdXS-atguMcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.216.0/24
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
56:e5:7f:8a:7a:cf:36:97:20:43:95:12:23:da:e0:3d:c5:6d:
68:02:dd:3e:61:ff:51:07:2a:80:f0:34:b9:f1:80:fd:66:f1:
65:1f:39:c1:e3:b4:cf:f9:a5:b5:f9:ac:90:4a:89:6c:0a:99:
c2:92:a3:c4:bc:2b:bf:0b:ee:7d:a4:6f:3f:af:9b:f4:5c:59:
2a:21:6c:46:e1:19:f6:51:4e:72:a7:2e:f3:b7:1f:25:65:a8:
08:34:42:b4:3e:5f:ab:69:53:8f:41:44:3f:95:e8:28:50:b5:
3a:64:ce:8f:41:ce:f5:d7:2f:14:20:bc:18:49:30:d2:ff:06:
49:fa:4b:7c:84:90:eb:e1:f1:ec:12:ed:74:38:00:d2:ef:93:
6e:ec:df:48:ed:f4:a1:76:f0:70:4d:26:80:a1:c8:36:a0:d9:
38:0f:bb:3b:c9:4d:c5:c0:65:70:9d:ff:e1:b4:97:c3:99:bd:
eb:af:4c:27:dd:c4:aa:51:0a:11:55:6e:88:5f:44:44:c1:74:
5f:5e:fd:9b:78:6d:7e:c0:fa:dd:00:81:f2:e2:7f:6c:56:14:
8a:00:a7:05:1a:14:0a:e4:7d:c4:c6:13:76:3a:46:83:eb:21:
39:ce:1a:f0:25:38:3b:ae:d1:92:32:9c:77:b9:fe:28:e3:7f:
54:0d:6b:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd9p3zwLZFiubdQ+zkr/kgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjE3MTEzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJkZWFiODUzM2U3NDU0NDRlMjZmNDE3NTc0YmU2YWQ4MmUzMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RIkKbitLZrtS+pNc/xjBXkyyfIn
eMWAS5QLeay5FiuOx+VGu19DN+oD9mpVMIC8JUVZwEwd2Au5ICR4p/gGrlQgH4z8
Nf4Z+pCexjPHiJmxjU0hu7Ihs1m1Yg89ULa9Q4efEX9X8b7DPNUMyW2Oeukza8tp
azrB74EtwU7qysAXEStOVUHdzhQnyUN9KOTVT12C7iOsLKwjtTEnKzjD12MaWBEe
Ad2r+qNGu2PJKZyin9iJT6M7ZHlrYNQLBx/jmo+a3C32bWXy50jcahJ4ghodOOnz
tr7jUuLAt8XAcqGybU2dY75FII4zOed7BKmbwZ4B+0lxg9nBOrsw82OlUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDa96rhTPnRUROJvQXV0vmrYLjHLMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvTnIzcXVGTS1kRlJFNG05QmRYUy1hdGd1TWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrYAwQA
BQreMA0GCSqGSIb3DQEBCwUAA4IBAQBW5X+Kes82lyBDlRIj2uA9xW1oAt0+Yf9R
ByqA8DS58YD9ZvFlHznB47TP+aW1+ayQSolsCpnCkqPEvCu/C+59pG8/r5v0XFkq
IWxG4Rn2UU5ypy7ztx8lZagINEK0Pl+raVOPQUQ/legoULU6ZM6PQc711y8UILwY
STDS/wZJ+kt8hJDr4fHsEu10OADS75Nu7N9I7fShdvBwTSaAocg2oNk4D7s7yU3F
wGVwnf/htJfDmb3rr0wn3cSqUQoRVW6IX0REwXRfXv2beG1+wPrdAIHy4n9sVhSK
AKcFGhQK5H3ExhN2OkaD6yE5zhrwJTg7rtGSMpx3uf4o439UDWsV
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:26:11 2025 by rpki-client