Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1-Sc__ODCmf6lAN3HbCmov_tAc1U.roa
File: 1-Sc__ODCmf6lAN3HbCmov_tAc1U.roa (raw, json)
Hash identifier: fO2tvblCsKqIvz8mYwcnFDiWJP6UGJt1YwrDRu2LBGU=
Subject key identifier: F9:27:3F:FC:E0:C2:99:FE:A5:00:DD:C7:6C:29:A8:BF:FB:40:73:55
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195CCA301FFFB14355F034C0CCFB91E9570
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1-Sc__ODCmf6lAN3HbCmov_tAc1U.roa
Signing time: Tue 25 Mar 2025 09:29:49 +0000
ROA not before: Tue 25 Mar 2025 09:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.213.0/24 maxlen: 24
5.10.214.0/24 maxlen: 24
5.10.215.0/24 maxlen: 24
5.10.216.0/24 maxlen: 24
5.10.217.0/24 maxlen: 24
5.10.218.0/24 maxlen: 24
5.10.219.0/24 maxlen: 24
5.10.220.0/24 maxlen: 24
5.10.221.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 16:08:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:a3:01:ff:fb:14:35:5f:03:4c:0c:cf:b9:1e:95:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 25 09:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9273ffce0c299fea500ddc76c29a8bffb407355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1d:2a:39:55:04:c3:b2:1b:de:16:41:6e:ea:
0b:4d:32:c6:02:1f:97:24:bb:a5:be:03:45:10:ce:
04:a7:83:69:29:a9:85:20:0a:63:24:29:9b:d5:84:
71:19:58:d9:79:70:01:0b:3f:75:42:c9:1f:05:bc:
30:f5:0b:00:69:16:47:c6:01:e4:92:9a:7f:2c:14:
01:4e:3e:16:00:9a:fc:17:e8:81:a1:ee:d2:4d:de:
c4:f5:b0:5e:7f:6c:f6:0b:f6:1a:61:23:cb:5d:27:
2c:91:77:bb:e5:d9:b0:95:dd:c8:f7:15:fb:f0:39:
5d:03:92:ec:bc:aa:05:f3:ef:07:22:c2:81:ce:ed:
d9:cb:cc:8c:d1:ce:d5:c8:f4:ad:d5:d2:a2:07:b5:
66:3c:60:34:6d:54:28:d9:a6:b1:dc:9d:09:5d:1d:
00:56:5c:5d:71:cf:1e:54:05:53:06:2a:8a:72:fc:
df:9e:8c:15:0e:8b:c9:22:b2:e2:16:b1:81:48:4f:
2e:68:e9:7b:e1:2c:fb:e5:cd:6c:54:5e:e2:60:e6:
28:4c:da:0a:90:d2:84:e3:67:6a:68:17:9b:00:d1:
ca:c2:4a:d8:5e:97:fb:55:fe:37:7c:e1:17:81:b1:
57:18:4a:eb:32:2b:f3:47:97:29:fa:34:8f:3f:dc:
91:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:27:3F:FC:E0:C2:99:FE:A5:00:DD:C7:6C:29:A8:BF:FB:40:73:55
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1-Sc__ODCmf6lAN3HbCmov_tAc1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0-5.10.222.255
Signature Algorithm: sha256WithRSAEncryption
89:c6:d2:14:af:cb:25:d3:30:e4:97:e5:36:8c:e6:0f:c8:09:
15:59:65:7e:8a:5b:1b:78:1d:df:d7:02:e2:f1:0e:64:b3:4c:
e3:ca:8c:ea:5b:9f:c1:ec:3d:e1:76:ae:76:a6:49:9a:50:c4:
4a:84:d7:4c:2a:75:37:f6:cb:ba:f0:40:a8:35:2f:93:ef:57:
56:85:fa:e7:7f:d1:23:1b:5a:a6:ed:98:92:d5:88:e1:61:03:
34:71:1a:a6:7a:02:3c:f3:90:85:fd:5a:87:99:17:5e:d7:42:
be:1a:94:b1:a8:9a:a0:d1:9a:ee:8a:ce:10:fb:7c:b9:9e:b6:
dc:b2:5e:8a:91:e1:fb:b7:7b:90:de:a0:f8:85:e0:c1:fa:a4:
0d:5e:0f:0e:83:bd:ec:44:47:d8:e8:c8:1c:af:9b:47:4b:1f:
21:2e:24:f1:b3:e3:13:54:fa:c6:8d:4c:53:6a:2b:e3:7b:16:
62:62:0e:ea:3a:cf:14:f9:13:02:92:eb:38:a5:0f:07:15:23:
6e:18:7c:5c:5a:85:cc:00:c0:8b:80:87:05:d2:43:c1:14:ae:
1c:01:48:61:ed:a8:67:42:5f:50:74:1a:87:ba:16:d8:72:2e:
65:39:10:c1:84:79:63:9a:e8:c8:9c:b5:5b:a2:60:d1:08:2a:
b2:5a:66:ca
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZXMowH/+xQ1XwNMDM+5HpVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI1MDkyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTI3M2ZmY2UwYzI5OWZlYTUwMGRkYzc2YzI5YThiZmZiNDA3MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox0qOVUEw7Ib3hZBbuoLTTLGAh+X
JLulvgNFEM4Ep4NpKamFIApjJCmb1YRxGVjZeXABCz91QskfBbww9QsAaRZHxgHk
kpp/LBQBTj4WAJr8F+iBoe7STd7E9bBef2z2C/YaYSPLXScskXe75dmwld3I9xX7
8DldA5LsvKoF8+8HIsKBzu3Zy8yM0c7VyPSt1dKiB7VmPGA0bVQo2aax3J0JXR0A
Vlxdcc8eVAVTBiqKcvzfnowVDovJIrLiFrGBSE8uaOl74Sz75c1sVF7iYOYoTNoK
kNKE42dqaBebANHKwkrYXpf7Vf43fOEXgbFXGErrMivzR5cp+jSPP9yRywIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPknP/zgwpn+pQDdx2wpqL/7QHNVMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvMS1TY19fT0RDbWY2bEFOM0hiQ21vdl90QWMxVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvYmU0OTA5LTc0NWYtNGQwYy1iZmFiLWRlZTc2ODYwMDEz
ZC8xL0tYNzV2djBhZmlUQXpKY3BtSF9BWmRhM0V5OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCBQrU
AwQABQreMA0GCSqGSIb3DQEBCwUAA4IBAQCJxtIUr8sl0zDkl+U2jOYPyAkVWWV+
ilsbeB3f1wLi8Q5ks0zjyozqW5/B7D3hdq52pkmaUMRKhNdMKnU39su68ECoNS+T
71dWhfrnf9EjG1qm7ZiS1YjhYQM0cRqmegI885CF/VqHmRde10K+GpSxqJqg0Zru
is4Q+3y5nrbcsl6KkeH7t3uQ3qD4heDB+qQNXg8Og73sREfY6Mgcr5tHSx8hLiTx
s+MTVPrGjUxTaivjexZiYg7qOs8U+RMCkus4pQ8HFSNuGHxcWoXMAMCLgIcF0kPB
FK4cAUhh7ahnQl9QdBqHuhbYci5lORDBhHljmujInLVbomDRCCqyWmbK
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:37:01 2025 by rpki-client