Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Obh49N8haIkA0hx6GPOTSLLqdCc.roa
File: Obh49N8haIkA0hx6GPOTSLLqdCc.roa (raw, json)
Hash identifier: sXqg85AR2927Bhb4qdGhUDmKhe8sDVPyPDEd4NJSPLM=
Subject key identifier: 39:B8:78:F4:DF:21:68:89:00:D2:1C:7A:18:F3:93:48:B2:EA:74:27
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195D336AB86E63126B27F22CC8DE1676E1E
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Obh49N8haIkA0hx6GPOTSLLqdCc.roa
Signing time: Wed 26 Mar 2025 16:08:50 +0000
ROA not before: Wed 26 Mar 2025 16:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Mar 2025 21:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:36:ab:86:e6:31:26:b2:7f:22:cc:8d:e1:67:6e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 26 16:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39b878f4df21688900d21c7a18f39348b2ea7427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7c:65:f9:89:25:3f:d0:d5:33:d2:00:91:66:
dd:1a:54:96:13:c9:7f:ae:83:6d:87:8a:ac:59:5b:
cb:d7:bc:07:72:a2:af:ee:10:ae:de:cb:3d:ff:50:
4f:52:3d:84:55:cb:d3:80:ce:df:68:38:94:ae:7e:
10:b9:fa:ea:02:48:52:ea:03:c4:54:3c:63:25:f8:
b9:4a:89:a1:af:66:7b:95:ba:9a:8f:ae:2d:f7:f7:
33:5b:ea:e6:58:e5:b4:7c:70:af:e5:68:e1:1c:b0:
b1:22:d7:4f:d4:1b:d9:19:a6:c1:84:68:80:36:49:
8d:d6:79:28:fc:cf:0a:3b:aa:37:6f:1d:76:44:35:
13:cd:ce:f1:dc:25:b9:6c:2e:4e:b7:d4:3b:4f:42:
96:87:82:fc:c1:b7:8a:36:ce:57:f6:cf:d8:28:d9:
e6:34:c5:70:9c:55:5a:1d:71:9c:77:aa:17:7a:fd:
3b:5f:c8:54:fd:2c:d1:1a:f4:e1:a6:ca:76:1d:48:
4e:20:08:85:a9:ab:18:ca:a9:89:44:c6:a5:96:54:
45:bd:c0:8c:c1:2f:18:b4:cb:69:94:88:73:b4:f4:
31:87:5d:48:ea:ef:21:1e:dd:6e:0e:e9:3b:b2:69:
f4:3a:97:7b:8c:2d:e4:0f:65:12:07:d2:36:f1:7b:
9d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B8:78:F4:DF:21:68:89:00:D2:1C:7A:18:F3:93:48:B2:EA:74:27
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Obh49N8haIkA0hx6GPOTSLLqdCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/24
5.10.223.0/24
Signature Algorithm: sha256WithRSAEncryption
86:0c:3a:41:9d:0b:66:7f:f0:86:96:37:da:61:b8:f4:30:56:
59:2f:33:19:7a:f6:f1:a8:37:89:ba:37:fd:b0:26:46:b3:45:
9b:92:f5:5f:25:95:72:c9:16:61:cf:10:21:ff:64:f9:75:73:
15:6c:01:b4:ce:98:4b:3c:b5:c9:1d:6e:08:e9:c5:3d:db:21:
a7:3b:77:8f:0c:66:a7:d6:31:30:8a:10:11:ed:73:a8:52:05:
c0:c0:10:c1:4d:e1:ea:2a:b6:fb:a2:a4:98:86:f5:2e:74:58:
af:68:f8:a5:3f:cd:62:b6:10:2b:46:6b:3a:0c:bf:0a:70:82:
38:66:66:c1:79:cb:cf:d4:53:fd:26:d2:05:37:83:53:19:56:
a9:e4:ff:49:e5:e4:3c:2b:4a:8e:e5:47:55:25:d8:84:70:2b:
44:4e:73:95:f2:f2:3d:ce:61:3f:1b:bd:cf:74:aa:d1:09:79:
a9:38:c4:f6:de:ca:6a:51:10:0b:0f:e8:9f:2a:e3:f6:c8:a4:
08:d0:3e:66:6d:fa:54:fc:91:83:c6:e1:15:ee:2a:96:c2:71:
ea:1d:a2:b9:c5:cd:6f:b3:00:5a:20:e9:b8:17:47:88:fc:4a:
96:08:aa:cf:9d:18:e7:a3:59:6e:c0:fc:fb:2f:2f:5d:ce:0e:
06:16:eb:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXTNquG5jEmsn8izI3hZ24eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI2MTYwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI4NzhmNGRmMjE2ODg5MDBkMjFjN2ExOGYzOTM0OGIyZWE3NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Xxl+YklP9DVM9IAkWbdGlSWE8l/
roNth4qsWVvL17wHcqKv7hCu3ss9/1BPUj2EVcvTgM7faDiUrn4QufrqAkhS6gPE
VDxjJfi5Somhr2Z7lbqaj64t9/czW+rmWOW0fHCv5WjhHLCxItdP1BvZGabBhGiA
NkmN1nko/M8KO6o3bx12RDUTzc7x3CW5bC5Ot9Q7T0KWh4L8wbeKNs5X9s/YKNnm
NMVwnFVaHXGcd6oXev07X8hU/SzRGvThpsp2HUhOIAiFqasYyqmJRMalllRFvcCM
wS8YtMtplIhztPQxh11I6u8hHt1uDuk7smn0Opd7jC3kD2USB9I28XudnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDm4ePTfIWiJANIcehjzk0iy6nQnMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvT2JoNDlOOGhhSWtBMGh4NkdQT1RTTExxZENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrUAwQA
BQrfMA0GCSqGSIb3DQEBCwUAA4IBAQCGDDpBnQtmf/CGljfaYbj0MFZZLzMZevbx
qDeJujf9sCZGs0WbkvVfJZVyyRZhzxAh/2T5dXMVbAG0zphLPLXJHW4I6cU92yGn
O3ePDGan1jEwihAR7XOoUgXAwBDBTeHqKrb7oqSYhvUudFivaPilP81ithArRms6
DL8KcII4ZmbBecvP1FP9JtIFN4NTGVap5P9J5eQ8K0qO5UdVJdiEcCtETnOV8vI9
zmE/G73PdKrRCXmpOMT23spqURALD+ifKuP2yKQI0D5mbfpU/JGDxuEV7iqWwnHq
HaK5xc1vswBaIOm4F0eI/EqWCKrPnRjno1luwPz7Ly9dzg4GFuvm
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:41:36 2025 by rpki-client