Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fvoWdpThtu_XzxkClBWmj8yY7jA.roa
File: fvoWdpThtu_XzxkClBWmj8yY7jA.roa (raw, json)
Hash identifier: mZO5mnoTs/tKdOKFOeRlaBrqW4bHX5YP4v0EAOOq908=
Subject key identifier: 7E:FA:16:76:94:E1:B6:EF:D7:CF:19:02:94:15:A6:8F:CC:98:EE:30
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0197BC87C03EF189F82162B8B9C5A17F04A9
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fvoWdpThtu_XzxkClBWmj8yY7jA.roa
Signing time: Sun 29 Jun 2025 16:31:42 +0000
ROA not before: Sun 29 Jun 2025 16:31:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.213.0/24 maxlen: 24
5.10.218.0/23 maxlen: 23
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Jul 2025 19:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bc:87:c0:3e:f1:89:f8:21:62:b8:b9:c5:a1:7f:04:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 29 16:31:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7efa167694e1b6efd7cf19029415a68fcc98ee30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:e4:16:2f:48:e0:6b:65:9b:ac:80:f8:e1:
7c:20:b1:ae:0c:d4:63:2e:0c:11:7d:4f:f7:65:05:
6a:26:c4:37:9a:04:5f:88:8a:24:57:d2:a2:15:63:
5f:98:05:f2:4b:f9:e0:21:1c:78:01:37:f5:d7:a1:
0c:4f:95:1c:6c:af:3b:0d:03:ae:e8:bd:a7:ec:6b:
84:c6:67:76:36:1d:03:49:6f:bb:09:38:9f:57:65:
e3:67:28:19:a5:7c:2b:b6:67:71:11:eb:32:e4:b8:
7f:22:3e:43:e5:c1:28:47:b3:c5:81:80:f0:47:a1:
8d:44:23:8b:49:d3:c3:b3:5a:f8:28:c2:d3:ed:f6:
b2:2f:ec:cf:d1:b3:d1:17:a9:3f:80:bd:72:64:7b:
11:f7:88:ff:81:53:39:d7:58:60:b1:33:5f:1c:b4:
d4:f8:ad:cd:7f:f6:b3:86:92:fe:a6:44:14:24:65:
b1:52:d4:5e:c1:a8:f4:90:d4:77:4e:1d:cf:c5:fc:
f8:50:29:2f:09:c9:8a:77:ce:8e:07:bf:d1:9a:96:
e0:cd:f6:c0:c0:be:e5:83:5d:a4:d6:c0:20:13:b4:
75:da:69:c3:21:b3:5d:20:09:85:e1:c1:90:fd:8b:
01:16:f3:2a:eb:7c:cb:c5:b0:fa:c2:49:a3:41:9c:
0b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FA:16:76:94:E1:B6:EF:D7:CF:19:02:94:15:A6:8F:CC:98:EE:30
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fvoWdpThtu_XzxkClBWmj8yY7jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/23
5.10.218.0/23
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
91:9a:37:a2:1f:31:a1:c4:b4:af:31:74:4a:6f:8d:02:82:01:
f0:ea:18:49:cb:b8:f9:0a:42:01:22:b6:e1:0c:07:e2:52:ed:
49:69:c6:3a:29:81:15:f8:a7:85:15:c2:e7:cc:ee:bd:99:62:
47:42:fa:63:61:d3:cc:06:d1:46:ad:0e:12:11:a5:95:84:38:
2e:02:52:1c:5c:6c:74:74:8e:e3:34:b6:37:2e:13:be:d6:7c:
27:00:b5:53:90:8e:c7:bb:0a:11:36:65:b3:2c:76:4b:cc:59:
6f:81:e8:b9:28:ed:d7:e2:e6:a9:09:3b:5a:9b:3d:45:4f:3a:
9d:3a:e5:db:a9:f3:52:f1:fb:bf:1e:9a:c5:ef:58:28:93:78:
f4:ec:18:01:3a:ca:7f:3f:f3:7c:95:a3:a5:98:b4:0d:f5:3f:
cf:ce:80:ea:bb:cf:b3:ae:6d:95:18:8a:81:01:f9:a2:08:ef:
e8:ac:ba:18:e6:2e:c5:62:fb:b1:16:5c:ed:6f:68:02:cc:d5:
bc:78:1c:d8:73:f5:4a:6b:07:42:47:46:f5:1e:13:89:bd:b6:
d9:3e:06:e7:1b:63:0d:ff:95:20:f4:68:95:8d:63:24:aa:bf:
59:69:c9:07:b4:d7:54:eb:30:47:ed:dc:c4:d4:4b:e2:ee:00:
4a:90:39:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZe8h8A+8Yn4IWK4ucWhfwSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjI5MTYzMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWZhMTY3Njk0ZTFiNmVmZDdjZjE5MDI5NDE1YTY4ZmNjOThlZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTnkFi9I4Gtlm6yA+OF8ILGuDNRj
LgwRfU/3ZQVqJsQ3mgRfiIokV9KiFWNfmAXyS/ngIRx4ATf116EMT5UcbK87DQOu
6L2n7GuExmd2Nh0DSW+7CTifV2XjZygZpXwrtmdxEesy5Lh/Ij5D5cEoR7PFgYDw
R6GNRCOLSdPDs1r4KMLT7fayL+zP0bPRF6k/gL1yZHsR94j/gVM511hgsTNfHLTU
+K3Nf/azhpL+pkQUJGWxUtRewaj0kNR3Th3Pxfz4UCkvCcmKd86OB7/RmpbgzfbA
wL7lg12k1sAgE7R12mnDIbNdIAmF4cGQ/YsBFvMq63zLxbD6wkmjQZwL6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH76FnaU4bbv188ZApQVpo/MmO4wMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvZnZvV2RwVGh0dV9YenhrQ2xCV21qOHlZN2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQrUAwQB
BQraAwQABQreMA0GCSqGSIb3DQEBCwUAA4IBAQCRmjeiHzGhxLSvMXRKb40CggHw
6hhJy7j5CkIBIrbhDAfiUu1JacY6KYEV+KeFFcLnzO69mWJHQvpjYdPMBtFGrQ4S
EaWVhDguAlIcXGx0dI7jNLY3LhO+1nwnALVTkI7HuwoRNmWzLHZLzFlvgei5KO3X
4uapCTtamz1FTzqdOuXbqfNS8fu/HprF71gok3j07BgBOsp/P/N8laOlmLQN9T/P
zoDqu8+zrm2VGIqBAfmiCO/orLoY5i7FYvuxFlztb2gCzNW8eBzYc/VKawdCR0b1
HhOJvbbZPgbnG2MN/5Ug9GiVjWMkqr9ZackHtNdU6zBH7dzE1Evi7gBKkDmR
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:28:27 2025 by rpki-client