Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/POtWTPmaHy_K2GV4y7npmX8XIdY.roa
File: POtWTPmaHy_K2GV4y7npmX8XIdY.roa (raw, json)
Hash identifier: JKeyeNxzkU7AaicDpYdAwFpSM/Ihja0bfqVDli3k7ug=
Subject key identifier: 3C:EB:56:4C:F9:9A:1F:2F:CA:D8:65:78:CB:B9:E9:99:7F:17:21:D6
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019427B7E78D2BD897066C6FF6680DC11FD1
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/POtWTPmaHy_K2GV4y7npmX8XIdY.roa
Signing time: Thu 02 Jan 2025 15:52:31 +0000
ROA not before: Thu 02 Jan 2025 15:52:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213999
IP address blocks: 5.10.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 03 Jan 2025 22:24:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b7:e7:8d:2b:d8:97:06:6c:6f:f6:68:0d:c1:1f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jan 2 15:52:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ceb564cf99a1f2fcad86578cbb9e9997f1721d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:c3:6d:75:3f:89:cd:e4:83:69:63:2a:85:
7d:83:51:8e:66:c3:76:58:fc:ac:7f:4b:92:66:40:
86:5b:d6:d9:e6:d0:d6:26:70:f6:a9:8f:03:4a:90:
7b:93:36:b6:76:69:37:07:8d:32:a7:a4:b0:29:12:
06:ec:64:1e:1d:a0:54:28:12:56:f9:ef:16:49:78:
59:97:82:09:41:39:e0:41:37:56:87:f3:38:15:9a:
38:91:1e:78:34:56:65:b3:85:e6:68:c3:3b:95:6b:
03:a1:2a:a6:46:31:ce:83:19:2a:b5:e5:c7:c1:d6:
77:aa:0a:9c:92:8d:fe:58:79:79:5a:49:ef:96:a0:
6a:7d:87:dc:0b:49:c1:8d:ce:3d:90:c6:e6:bc:e1:
b0:86:96:c1:1f:21:26:c8:9e:ab:b3:9f:dd:6f:c7:
cb:c3:27:fb:23:fd:b1:fc:c1:70:5d:9b:fe:c1:ef:
93:92:e5:73:fe:7c:b3:78:69:f4:01:5b:b4:48:1f:
92:6f:4b:16:3b:07:06:50:da:33:ff:a0:bb:ed:43:
a9:47:1b:7b:90:fe:92:5f:27:9c:9d:a9:90:12:88:
be:96:dd:87:2d:58:78:a2:e5:ca:07:ef:8c:84:e6:
a0:9e:a9:6b:05:21:bf:43:a6:4b:64:a3:7d:9a:f2:
1e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EB:56:4C:F9:9A:1F:2F:CA:D8:65:78:CB:B9:E9:99:7F:17:21:D6
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/POtWTPmaHy_K2GV4y7npmX8XIdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.208.0/20
Signature Algorithm: sha256WithRSAEncryption
14:ea:fb:44:80:70:31:17:9f:f0:47:39:ac:a1:3d:62:58:eb:
ba:7c:a4:51:c4:4c:1c:f9:a7:2a:ee:6b:8f:6f:e2:ee:9e:3e:
62:a9:d1:99:46:ba:87:81:91:ac:9e:74:a1:07:2d:24:1c:68:
2f:e5:8b:90:65:b6:73:e9:95:ad:bb:e2:de:9e:5c:09:dc:ff:
85:91:fb:34:ef:bd:b8:13:a7:71:6b:d8:a5:c4:3d:ae:64:71:
30:c1:d8:75:66:8f:cd:1a:f2:a4:dd:db:28:29:f6:f6:80:5d:
1a:14:9b:64:0e:f2:74:78:1f:98:46:ac:49:2c:3a:4c:5b:25:
9c:3e:ae:e6:b6:cb:a7:16:62:f9:de:c3:7b:2d:e7:2a:4c:68:
da:54:2b:f0:3d:f7:3d:04:c6:40:fb:43:a7:a6:02:ed:4a:ba:
97:70:65:dc:57:ac:71:08:22:da:91:bc:22:08:88:cf:d3:44:
cf:7f:e5:24:d7:49:cd:06:46:26:44:74:3e:ae:5d:24:c2:df:
41:1c:e2:0b:d5:01:96:6b:d1:2b:3a:62:a2:7a:87:83:85:11:
63:b7:25:95:07:49:c9:b1:73:42:70:cb:3c:74:54:f2:29:20:
ed:ea:aa:25:c9:ae:f8:15:1f:bf:be:4a:d1:5d:b1:b4:9d:e5:
c6:89:31:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnt+eNK9iXBmxv9mgNwR/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMTAyMTU1MjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ViNTY0Y2Y5OWExZjJmY2FkODY1NzhjYmI5ZTk5OTdmMTcyMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndTDbXU/ic3kg2ljKoV9g1GOZsN2
WPysf0uSZkCGW9bZ5tDWJnD2qY8DSpB7kza2dmk3B40yp6SwKRIG7GQeHaBUKBJW
+e8WSXhZl4IJQTngQTdWh/M4FZo4kR54NFZls4XmaMM7lWsDoSqmRjHOgxkqteXH
wdZ3qgqcko3+WHl5WknvlqBqfYfcC0nBjc49kMbmvOGwhpbBHyEmyJ6rs5/db8fL
wyf7I/2x/MFwXZv+we+TkuVz/nyzeGn0AVu0SB+Sb0sWOwcGUNoz/6C77UOpRxt7
kP6SXyecnamQEoi+lt2HLVh4ouXKB++MhOagnqlrBSG/Q6ZLZKN9mvIeMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzrVkz5mh8vythleMu56Zl/FyHWMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvUE90V1RQbWFIeV9LMkdWNHk3bnBtWDhYSWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBQrQMA0G
CSqGSIb3DQEBCwUAA4IBAQAU6vtEgHAxF5/wRzmsoT1iWOu6fKRRxEwc+acq7muP
b+Lunj5iqdGZRrqHgZGsnnShBy0kHGgv5YuQZbZz6ZWtu+LenlwJ3P+Fkfs07724
E6dxa9ilxD2uZHEwwdh1Zo/NGvKk3dsoKfb2gF0aFJtkDvJ0eB+YRqxJLDpMWyWc
Pq7mtsunFmL53sN7LecqTGjaVCvwPfc9BMZA+0OnpgLtSrqXcGXcV6xxCCLakbwi
CIjP00TPf+Uk10nNBkYmRHQ+rl0kwt9BHOIL1QGWa9ErOmKieoeDhRFjtyWVB0nJ
sXNCcMs8dFTyKSDt6qolya74FR+/vkrRXbG0neXGiTHh
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:36:21 2025 by rpki-client