Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/UDsA8ycViljBx5goLT5i-xlz49I.roa
File: UDsA8ycViljBx5goLT5i-xlz49I.roa (raw, json)
Hash identifier: uph1MIzfz1aCq9fcgUtf3XipUsi4mjqWCmimqd/HRN0=
Subject key identifier: 50:3B:00:F3:27:15:8A:58:C1:C7:98:28:2D:3E:62:FB:19:73:E3:D2
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 01958AE9725EF982F9310EC56253622DA063
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/UDsA8ycViljBx5goLT5i-xlz49I.roa
Signing time: Wed 12 Mar 2025 15:11:49 +0000
ROA not before: Wed 12 Mar 2025 15:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 24 Mar 2025 17:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:e9:72:5e:f9:82:f9:31:0e:c5:62:53:62:2d:a0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 12 15:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=503b00f327158a58c1c798282d3e62fb1973e3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:28:44:8e:10:8b:0b:c4:5a:55:90:b1:24:fc:
f5:9e:12:23:8d:9e:01:71:bc:11:53:3f:b6:73:01:
c1:49:7e:42:a4:85:86:ea:3b:ad:c8:fb:47:b4:e7:
ab:e2:54:04:b5:c4:eb:92:c8:93:e2:93:f4:67:a8:
a6:f2:49:3f:6f:d0:fc:65:3e:0a:03:6b:9e:c1:4f:
ed:af:66:84:a0:bc:13:28:ca:1f:3f:6e:92:dc:7f:
f9:ad:4b:79:3c:31:c9:23:dc:19:ce:e1:68:5e:0c:
98:83:92:7b:40:9f:bb:e8:ae:64:63:43:0f:7a:1f:
a5:86:bc:ea:cf:a2:32:c6:63:32:0f:b4:01:97:38:
09:e0:92:a7:6c:13:e2:da:3c:43:8b:57:ec:6f:b2:
b8:2c:93:92:27:54:eb:6a:29:33:cb:7e:63:ee:38:
43:02:d3:ba:4b:56:a9:e2:d9:56:a0:5a:22:dd:99:
8a:51:bd:6d:d0:86:1f:7a:bb:6f:d9:5a:31:7b:87:
9b:df:12:de:27:41:25:98:a7:ea:95:0f:54:f2:bb:
9d:3c:23:42:fd:5d:5a:e3:d0:b7:4d:5f:c8:ae:f8:
05:a0:bb:f6:7c:fa:1a:91:c2:46:30:aa:81:22:ce:
ff:f9:cb:e5:aa:bc:2b:e0:f4:b3:76:69:40:ae:b3:
a7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3B:00:F3:27:15:8A:58:C1:C7:98:28:2D:3E:62:FB:19:73:E3:D2
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/UDsA8ycViljBx5goLT5i-xlz49I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.208.0/20
Signature Algorithm: sha256WithRSAEncryption
38:ab:fe:d0:ff:15:bf:a7:be:86:37:90:b9:82:b6:d1:73:73:
80:7f:6d:66:f8:b0:16:0f:33:dd:c2:0d:e2:e5:03:91:d5:1c:
75:6e:53:92:5c:20:82:0b:25:01:68:19:61:16:6e:a1:c8:ff:
ae:7f:22:47:14:cf:a4:57:b6:48:73:80:f0:af:36:cc:84:6a:
96:14:74:a4:57:d5:63:98:11:eb:02:d3:8c:1f:4c:67:a7:d5:
6c:97:97:c4:f0:e5:03:5b:7c:fe:95:b9:5b:b9:88:95:07:ab:
16:38:84:93:38:d6:f2:c6:d8:37:c6:95:4d:b9:95:c0:21:c7:
55:35:81:e6:cb:7d:77:6d:8b:28:f0:e4:dd:4c:d4:73:a8:3c:
ea:2a:e1:77:a6:e2:1b:13:ca:c5:1c:5a:dc:fa:99:80:d3:bd:
59:e1:8e:40:96:39:d2:28:52:17:d5:dc:7c:90:44:7e:d7:77:
bc:7c:fd:f4:62:5b:70:f8:a7:97:5a:ce:53:f5:83:82:46:aa:
9e:7d:cc:53:87:b5:69:f7:7c:6c:5c:3a:9e:b0:48:07:76:62:
46:eb:dc:a3:1a:2b:a6:3b:af:48:81:15:1a:55:06:da:71:c4:
4a:46:76:f0:f3:17:93:b1:fc:00:69:f8:64:1b:dd:f1:bd:68:
a1:d4:2c:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWK6XJe+YL5MQ7FYlNiLaBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzEyMTUxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNiMDBmMzI3MTU4YTU4YzFjNzk4MjgyZDNlNjJmYjE5NzNlM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyhEjhCLC8RaVZCxJPz1nhIjjZ4B
cbwRUz+2cwHBSX5CpIWG6jutyPtHtOer4lQEtcTrksiT4pP0Z6im8kk/b9D8ZT4K
A2uewU/tr2aEoLwTKMofP26S3H/5rUt5PDHJI9wZzuFoXgyYg5J7QJ+76K5kY0MP
eh+lhrzqz6IyxmMyD7QBlzgJ4JKnbBPi2jxDi1fsb7K4LJOSJ1Traikzy35j7jhD
AtO6S1ap4tlWoFoi3ZmKUb1t0IYfertv2Voxe4eb3xLeJ0ElmKfqlQ9U8rudPCNC
/V1a49C3TV/IrvgFoLv2fPoakcJGMKqBIs7/+cvlqrwr4PSzdmlArrOnmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFA7APMnFYpYwceYKC0+YvsZc+PSMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvVURzQTh5Y1ZpbGpCeDVnb0xUNWkteGx6NDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBQrQMA0G
CSqGSIb3DQEBCwUAA4IBAQA4q/7Q/xW/p76GN5C5grbRc3OAf21m+LAWDzPdwg3i
5QOR1Rx1blOSXCCCCyUBaBlhFm6hyP+ufyJHFM+kV7ZIc4DwrzbMhGqWFHSkV9Vj
mBHrAtOMH0xnp9Vsl5fE8OUDW3z+lblbuYiVB6sWOISTONbyxtg3xpVNuZXAIcdV
NYHmy313bYso8OTdTNRzqDzqKuF3puIbE8rFHFrc+pmA071Z4Y5AljnSKFIX1dx8
kER+13e8fP30Yltw+KeXWs5T9YOCRqqefcxTh7Vp93xsXDqesEgHdmJG69yjGium
O69IgRUaVQbaccRKRnbw8xeTsfwAafhkG93xvWih1Czv
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:57 2025 by rpki-client