Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BFO3ymmoYYaIYHS5P0QYIRIduOE.roa
File: BFO3ymmoYYaIYHS5P0QYIRIduOE.roa (raw, json)
Hash identifier: XDEkRrXKYSyzazKlJgQxG/gD0C0jt2vFXpektMJym84=
Subject key identifier: 04:53:B7:CA:69:A8:61:86:88:60:74:B9:3F:44:18:21:12:1D:B8:E1
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195DDBFCFD7780152906F58E05DE1D878FC
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BFO3ymmoYYaIYHS5P0QYIRIduOE.roa
Signing time: Fri 28 Mar 2025 17:14:49 +0000
ROA not before: Fri 28 Mar 2025 17:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.213.0/24 maxlen: 24
5.10.217.0/24 maxlen: 24
5.10.218.0/24 maxlen: 24
5.10.219.0/24 maxlen: 24
5.10.221.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Mar 2025 21:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:bf:cf:d7:78:01:52:90:6f:58:e0:5d:e1:d8:78:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 28 17:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0453b7ca69a86186886074b93f441821121db8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:ee:b9:a6:da:9b:7e:d7:e2:f8:62:92:f0:
be:29:c9:35:bf:10:97:fd:35:03:79:d4:ac:12:57:
d8:72:8b:73:b0:69:70:5a:82:8b:bf:ca:25:53:06:
f1:4e:9e:f4:7f:a8:ae:7a:5b:8c:61:af:da:ef:26:
17:32:bb:2a:46:1f:bf:b2:48:f4:6a:6c:d1:4e:94:
2f:c1:ee:4a:ca:ff:f1:0a:b2:11:d6:3a:cd:19:e9:
8f:d7:c3:13:85:17:9e:ea:74:89:c1:3c:41:0f:c0:
6e:b0:4a:ec:8f:f5:1e:b3:e9:04:fd:69:bb:01:e3:
1b:c5:70:6d:b0:dd:2a:9f:2b:c4:b9:68:94:d6:a9:
8d:5c:7c:ac:62:c9:b6:99:24:81:70:4c:ab:3d:62:
d4:a3:9e:41:a8:a1:d4:fd:98:01:3c:aa:5a:ea:77:
01:e9:d3:a0:0c:af:9e:06:f8:01:35:f4:bd:18:25:
59:59:35:77:07:75:af:59:2e:3c:e5:99:0e:38:f8:
b3:6e:7b:cb:42:85:de:21:41:95:89:df:e3:83:bb:
55:b4:5d:77:8b:09:e2:6f:92:8e:80:2e:50:03:16:
7a:b9:66:cf:42:3c:f0:21:77:7f:fc:de:ac:f9:d7:
b6:fb:50:6e:2a:3f:0d:8d:e1:8e:07:0d:51:aa:a8:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:53:B7:CA:69:A8:61:86:88:60:74:B9:3F:44:18:21:12:1D:B8:E1
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/BFO3ymmoYYaIYHS5P0QYIRIduOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.213.0/24
5.10.217.0-5.10.219.255
5.10.221.0-5.10.222.255
Signature Algorithm: sha256WithRSAEncryption
2b:8d:2e:7f:b7:2b:85:1f:a0:13:a0:f9:e8:9d:6f:95:05:8b:
a0:9c:2b:51:e5:de:92:cb:24:69:b8:1e:3c:6b:92:19:c0:23:
fa:a7:5c:f6:34:ba:eb:c3:f9:c6:bd:c4:d8:cb:db:69:7f:e2:
c5:c1:0e:1a:9b:e7:02:15:61:b0:99:bb:7a:54:59:2d:c4:5e:
66:5d:c7:62:33:c4:f9:52:5a:66:69:31:65:22:6f:ea:68:bd:
3d:d8:cd:58:d2:02:17:b4:7a:63:85:aa:04:f9:a9:7a:63:99:
67:d1:7f:06:d9:95:0a:62:df:df:27:18:32:14:5f:3c:6c:a7:
b8:83:25:6e:6a:a6:19:46:4f:4d:3d:9f:dd:f2:40:b0:f0:20:
5d:05:a2:66:7a:aa:e8:07:bd:12:69:2d:40:8c:b8:5e:2d:ee:
ea:28:a8:51:d4:c2:bd:df:7b:4b:c3:54:eb:eb:38:b7:77:a6:
18:da:35:66:36:bb:17:b5:2d:8a:6d:78:23:c1:a1:97:1b:38:
92:fd:93:09:d2:aa:27:f2:f5:0f:11:0d:bc:fe:12:dc:d1:9b:
3b:03:20:33:c7:98:02:74:86:31:b4:f2:8b:f4:5a:7a:cc:98:
51:27:07:82:d0:b6:b9:90:1e:b9:1c:20:82:8d:cb:af:b4:b1:
3c:f8:4a:3c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZXdv8/XeAFSkG9Y4F3h2Hj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI4MTcxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDUzYjdjYTY5YTg2MTg2ODg2MDc0YjkzZjQ0MTgyMTEyMWRiOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzHuuabam37X4vhikvC+Kck1vxCX
/TUDedSsElfYcotzsGlwWoKLv8olUwbxTp70f6iueluMYa/a7yYXMrsqRh+/skj0
amzRTpQvwe5Kyv/xCrIR1jrNGemP18MThRee6nSJwTxBD8BusErsj/Ues+kE/Wm7
AeMbxXBtsN0qnyvEuWiU1qmNXHysYsm2mSSBcEyrPWLUo55BqKHU/ZgBPKpa6ncB
6dOgDK+eBvgBNfS9GCVZWTV3B3WvWS485ZkOOPizbnvLQoXeIUGVid/jg7tVtF13
iwnib5KOgC5QAxZ6uWbPQjzwIXd//N6s+de2+1BuKj8NjeGOBw1RqqgHrQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFARTt8ppqGGGiGB0uT9EGCESHbjhMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvQkZPM3ltbW9ZWWFJWUhTNVAwUVlJUklkdU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQABQrVMAwD
BAAFCtkDBAIFCtgwDAMEAAUK3QMEAAUK3jANBgkqhkiG9w0BAQsFAAOCAQEAK40u
f7crhR+gE6D56J1vlQWLoJwrUeXeksskabgePGuSGcAj+qdc9jS668P5xr3E2Mvb
aX/ixcEOGpvnAhVhsJm7elRZLcReZl3HYjPE+VJaZmkxZSJv6mi9PdjNWNICF7R6
Y4WqBPmpemOZZ9F/BtmVCmLf3ycYMhRfPGynuIMlbmqmGUZPTT2f3fJAsPAgXQWi
Znqq6Ae9EmktQIy4Xi3u6iioUdTCvd97S8NU6+s4t3emGNo1Zja7F7Utim14I8Gh
lxs4kv2TCdKqJ/L1DxENvP4S3NGbOwMgM8eYAnSGMbTyi/RaesyYUScHgtC2uZAe
uRwggo3Lr7SxPPhKPA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:39:38 2025 by rpki-client