Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/beeiI4HFLOLeI5bu1OzHTa0wV6k.roa
File: beeiI4HFLOLeI5bu1OzHTa0wV6k.roa (raw, json)
Hash identifier: QhrnHeLuI2m6aP9w9o4Ldbru4fJa2nNzVoMzonqPOAY=
Subject key identifier: 6D:E7:A2:23:81:C5:2C:E2:DE:23:96:EE:D4:EC:C7:4D:AD:30:57:A9
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0197A2E70CCF260FA745407EA47B6F3ADD4A
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/beeiI4HFLOLeI5bu1OzHTa0wV6k.roa
Signing time: Tue 24 Jun 2025 17:05:40 +0000
ROA not before: Tue 24 Jun 2025 17:05:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.222.0/24 maxlen: 24
5.10.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jun 2025 14:07:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:e7:0c:cf:26:0f:a7:45:40:7e:a4:7b:6f:3a:dd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 24 17:05:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6de7a22381c52ce2de2396eed4ecc74dad3057a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3e:62:85:d4:24:89:d4:3a:d1:2b:b6:32:1e:
67:24:8d:4b:32:44:84:15:cc:92:29:e0:73:1b:56:
10:86:0a:da:56:a1:3a:e4:06:ad:bf:dd:d0:5e:68:
99:5a:f2:5d:93:85:fc:83:e1:59:03:39:aa:6d:36:
5c:de:8f:da:64:6a:2d:3a:cb:79:02:3e:01:1c:99:
79:fe:fa:8d:bd:bc:93:d2:67:7f:0e:5a:58:ea:b9:
22:03:27:bf:42:15:20:f5:d6:4a:b0:e5:60:a5:e0:
ea:d8:5e:dd:87:1d:6d:7c:a7:fc:e1:a3:4b:e3:42:
20:65:bd:77:51:f5:2d:d1:2a:48:d6:e3:9b:f5:c6:
e7:c2:87:07:e9:2d:1f:1a:43:77:8f:59:73:c9:9e:
b9:1d:3a:69:a8:1c:5a:1c:0b:17:97:8f:8e:98:13:
c8:1e:97:88:8d:90:fd:cc:35:4d:f9:3a:51:4a:80:
c5:34:37:88:1b:6f:48:b4:1f:ce:e4:20:88:a7:75:
83:b8:c7:8c:3e:68:54:2c:61:86:34:f7:bd:99:78:
4b:70:1b:3e:41:76:dc:55:ed:67:40:88:f9:eb:28:
bb:81:c8:37:ad:05:76:18:bd:f7:2c:81:81:7f:6d:
54:0e:f6:36:d7:bf:db:a9:dd:ab:06:af:a3:6f:3f:
ee:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E7:A2:23:81:C5:2C:E2:DE:23:96:EE:D4:EC:C7:4D:AD:30:57:A9
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/beeiI4HFLOLeI5bu1OzHTa0wV6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.222.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:b4:79:9a:51:c2:75:0b:7e:7b:09:a6:59:c5:56:ac:16:1e:
3f:91:cc:54:8c:24:8f:d1:be:3e:f8:c8:62:32:a7:cb:c5:64:
08:df:04:bb:a9:fd:d6:e9:e3:d2:1c:02:cb:aa:21:8a:fb:f0:
21:3f:84:22:c3:eb:98:9e:cc:5a:ed:e2:09:ae:fc:27:03:71:
55:2a:e4:10:82:64:88:05:23:18:80:24:59:f3:eb:61:61:b2:
69:12:77:3c:72:52:ba:50:4f:3e:df:23:f1:e0:49:7b:d2:9c:
d2:ac:ba:87:d5:8f:e6:46:55:b2:fa:9c:2a:66:bf:18:96:e3:
c1:7a:e2:9a:83:76:36:ec:b3:8b:75:f7:d9:b0:b4:dc:84:c5:
a7:b8:50:db:81:29:25:85:ee:7b:4c:e0:59:bf:a3:eb:83:a8:
b1:72:7e:17:e2:9f:d8:e3:d9:6e:cd:60:a5:26:0a:e9:32:89:
67:bc:78:9f:87:9a:1b:df:42:bf:72:f2:94:c1:af:18:fe:f0:
09:8c:7b:2b:59:e3:68:8b:fb:55:73:1f:4f:12:ce:a0:88:7f:
cf:c2:b1:f3:0d:32:65:dd:12:00:96:d2:0e:bd:10:65:2e:1a:
2d:c3:8e:1f:b5:7e:c5:c4:61:ea:c5:dc:ec:6e:79:6c:d4:25:
48:92:99:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZei5wzPJg+nRUB+pHtvOt1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjI0MTcwNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU3YTIyMzgxYzUyY2UyZGUyMzk2ZWVkNGVjYzc0ZGFkMzA1N2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD5ihdQkidQ60Su2Mh5nJI1LMkSE
FcySKeBzG1YQhgraVqE65Aatv93QXmiZWvJdk4X8g+FZAzmqbTZc3o/aZGotOst5
Aj4BHJl5/vqNvbyT0md/DlpY6rkiAye/QhUg9dZKsOVgpeDq2F7dhx1tfKf84aNL
40IgZb13UfUt0SpI1uOb9cbnwocH6S0fGkN3j1lzyZ65HTppqBxaHAsXl4+OmBPI
HpeIjZD9zDVN+TpRSoDFNDeIG29ItB/O5CCIp3WDuMeMPmhULGGGNPe9mXhLcBs+
QXbcVe1nQIj56yi7gcg3rQV2GL33LIGBf21UDvY217/bqd2rBq+jbz/ujQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3noiOBxSzi3iOW7tTsx02tMFepMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvYmVlaUk0SEZMT0xlSTVidTFPekhUYTB3VjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBQreMA0G
CSqGSIb3DQEBCwUAA4IBAQArtHmaUcJ1C357CaZZxVasFh4/kcxUjCSP0b4++Mhi
MqfLxWQI3wS7qf3W6ePSHALLqiGK+/AhP4Qiw+uYnsxa7eIJrvwnA3FVKuQQgmSI
BSMYgCRZ8+thYbJpEnc8clK6UE8+3yPx4El70pzSrLqH1Y/mRlWy+pwqZr8YluPB
euKag3Y27LOLdffZsLTchMWnuFDbgSklhe57TOBZv6Prg6ixcn4X4p/Y49luzWCl
JgrpMolnvHifh5ob30K/cvKUwa8Y/vAJjHsrWeNoi/tVcx9PEs6giH/PwrHzDTJl
3RIAltIOvRBlLhotw44ftX7FxGHqxdzsbnls1CVIkpkt
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:28:22 2025 by rpki-client