Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1cXGtkRim_DM07P5yDKaaeFKo78.roa
File: 1cXGtkRim_DM07P5yDKaaeFKo78.roa (raw, json)
Hash identifier: zTAYPEeimqllwOqB1q665w6QE22PEaZwV9/f8SjVXQA=
Subject key identifier: D5:C5:C6:B6:44:62:9B:F0:CC:D3:B3:F9:C8:32:9A:69:E1:4A:A3:BF
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019731FA02E0A3E9C080AECF206B237425C6
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1cXGtkRim_DM07P5yDKaaeFKo78.roa
Signing time: Mon 02 Jun 2025 18:49:17 +0000
ROA not before: Mon 02 Jun 2025 18:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 08:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:fa:02:e0:a3:e9:c0:80:ae:cf:20:6b:23:74:25:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 2 18:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5c5c6b644629bf0ccd3b3f9c8329a69e14aa3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:71:2e:0d:f3:4b:e5:24:18:0b:6f:ac:54:
ac:ea:37:8c:80:00:9e:b5:19:c7:e6:66:f3:b7:a1:
62:74:f1:84:3d:d0:70:a7:ba:4c:7a:4a:b5:74:da:
46:c3:0b:08:c1:e8:42:c1:77:eb:f0:31:51:1c:dc:
7c:12:53:06:a6:7e:6b:e5:ec:81:76:1c:b5:90:d6:
62:10:8c:0f:b8:8e:ab:62:b3:37:f0:e0:4d:c4:12:
c9:16:4d:ee:59:20:31:7c:a1:e7:c1:65:b0:e5:31:
0b:07:b4:fe:f2:90:a0:4f:1c:3c:1f:76:aa:bb:75:
b5:ea:ed:24:3d:58:9c:ef:10:a3:cd:a1:31:b2:af:
d7:0a:31:29:de:07:51:07:03:fc:22:f1:12:c4:0b:
2e:a4:46:6b:70:77:4a:ae:16:30:be:22:be:72:9a:
e2:b2:62:24:eb:50:30:15:f8:ec:ea:1b:80:ce:b5:
66:1e:33:bc:d7:49:5c:8b:9b:20:7c:ff:8d:7a:05:
46:e4:73:52:f0:51:d7:36:6a:28:34:3c:55:88:97:
48:29:53:4b:77:97:a5:9a:7b:c5:23:bc:35:bf:b9:
fd:96:40:e0:e7:7d:02:01:4a:b5:dc:7d:e8:64:78:
43:39:a0:b7:c2:66:a2:6e:16:b0:ac:ba:f3:b0:d0:
a7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C5:C6:B6:44:62:9B:F0:CC:D3:B3:F9:C8:32:9A:69:E1:4A:A3:BF
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/1cXGtkRim_DM07P5yDKaaeFKo78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
71:62:72:d8:78:f0:4e:b3:1f:5c:7f:40:f5:3b:ba:ca:15:fc:
ec:95:3b:b7:a1:88:bf:0a:9b:ad:9c:b7:1c:89:92:fe:49:82:
76:7a:ba:32:da:ca:dc:d2:67:10:dc:44:5e:68:a1:06:d8:91:
67:ba:a2:65:d1:f3:ea:78:df:93:0d:65:06:3a:6f:c8:dd:d2:
78:9b:af:36:3d:9c:b7:39:a3:1c:f7:b8:66:3b:27:c5:00:3b:
d4:d5:22:13:78:4c:88:8a:e6:3f:df:8e:e8:c3:19:27:c6:9e:
3d:03:a5:15:db:c1:c9:1a:12:b4:5b:ad:7c:c4:1c:b1:14:09:
45:3c:43:2d:f0:fb:6a:97:c7:7f:7a:72:78:04:bc:af:e9:d2:
c4:f0:b1:9f:80:51:8a:a0:3d:7b:0c:80:10:f1:81:66:dd:19:
3b:de:01:a4:db:85:12:de:07:7d:36:2e:32:2a:27:7b:29:85:
ca:cb:a0:9b:41:60:a0:01:18:b9:a2:6b:36:8f:ae:0c:b3:16:
e0:5f:61:ff:f5:7a:9f:0d:de:2c:e5:76:73:7c:a1:45:06:4c:
55:cb:18:14:ca:64:89:82:c0:cb:7a:4a:32:f4:60:ed:f6:e4:
08:f5:73:0f:fa:a0:c1:55:86:22:e5:f5:81:ed:51:9e:b0:b0:
e4:52:2a:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcx+gLgo+nAgK7PIGsjdCXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjAyMTg0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM1YzZiNjQ0NjI5YmYwY2NkM2IzZjljODMyOWE2OWUxNGFhM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI5xLg3zS+UkGAtvrFSs6jeMgACe
tRnH5mbzt6FidPGEPdBwp7pMekq1dNpGwwsIwehCwXfr8DFRHNx8ElMGpn5r5eyB
dhy1kNZiEIwPuI6rYrM38OBNxBLJFk3uWSAxfKHnwWWw5TELB7T+8pCgTxw8H3aq
u3W16u0kPVic7xCjzaExsq/XCjEp3gdRBwP8IvESxAsupEZrcHdKrhYwviK+cpri
smIk61AwFfjs6huAzrVmHjO810lci5sgfP+NegVG5HNS8FHXNmooNDxViJdIKVNL
d5elmnvFI7w1v7n9lkDg530CAUq13H3oZHhDOaC3wmaibhawrLrzsNCnzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXFxrZEYpvwzNOz+cgymmnhSqO/MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvMWNYR3RrUmltX0RNMDdQNXlES2FhZUZLbzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQreMA0G
CSqGSIb3DQEBCwUAA4IBAQBxYnLYePBOsx9cf0D1O7rKFfzslTu3oYi/CputnLcc
iZL+SYJ2eroy2src0mcQ3EReaKEG2JFnuqJl0fPqeN+TDWUGOm/I3dJ4m682PZy3
OaMc97hmOyfFADvU1SITeEyIiuY/347owxknxp49A6UV28HJGhK0W618xByxFAlF
PEMt8Ptql8d/enJ4BLyv6dLE8LGfgFGKoD17DIAQ8YFm3Rk73gGk24US3gd9Ni4y
Kid7KYXKy6CbQWCgARi5oms2j64MsxbgX2H/9XqfDd4s5XZzfKFFBkxVyxgUymSJ
gsDLekoy9GDt9uQI9XMP+qDBVYYi5fWB7VGesLDkUipS
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:56:07 2025 by rpki-client