Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/boFyAcTwZmKxv2q-CeicgJZyk3c.roa
File: boFyAcTwZmKxv2q-CeicgJZyk3c.roa (raw, json)
Hash identifier: 8NO/S2o45weeJ3Vwlfx2ps+IPr6Az74VdM7jZTYPwEA=
Subject key identifier: 6E:81:72:01:C4:F0:66:62:B1:BF:6A:BE:09:E8:9C:80:96:72:93:77
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0196B46AA7873CAE0AE32BB7ED94AFF5ECCB
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/boFyAcTwZmKxv2q-CeicgJZyk3c.roa
Signing time: Fri 09 May 2025 09:40:10 +0000
ROA not before: Fri 09 May 2025 09:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 14:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:6a:a7:87:3c:ae:0a:e3:2b:b7:ed:94:af:f5:ec:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: May 9 09:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e817201c4f06662b1bf6abe09e89c8096729377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:2c:60:b9:b7:f6:b2:94:9f:16:4e:54:85:
c9:f0:ea:b5:f4:9f:2c:97:29:de:3d:0c:d8:66:a7:
a6:4c:66:0f:45:92:d2:75:05:84:9a:cb:c4:ba:6e:
bd:0b:16:1c:c0:d4:3f:da:d8:40:11:13:dd:4d:5d:
40:ae:be:d5:c2:28:6c:cf:fc:71:63:f8:71:b5:95:
46:6c:b1:b4:93:ff:c4:33:93:68:00:da:21:e9:d8:
ed:14:51:8b:11:21:18:ab:a8:93:a4:4f:c4:63:ef:
50:af:ef:3e:fa:d5:3c:d2:2c:1e:78:f7:73:8b:7a:
0f:b0:ce:e5:44:58:32:73:fc:bf:59:b1:b0:fb:6a:
d5:15:f0:dd:50:d3:af:d2:97:b4:43:63:2d:f2:67:
5e:4b:36:9a:e0:3a:5d:64:41:69:d8:9f:11:99:38:
28:06:0c:2c:7d:fc:1d:27:ec:5a:0e:8a:6b:8a:37:
e3:22:15:59:f3:20:1a:77:c4:b7:e2:e6:9b:6d:bb:
8b:be:79:0a:bd:82:e6:c0:bb:55:d9:99:cf:0c:1b:
bd:06:12:5b:cc:69:e5:dd:f5:fc:6a:26:dd:8c:f2:
9d:94:0d:ab:3e:ca:1d:19:bc:9e:55:70:67:2a:8d:
89:e5:8e:e7:86:77:5f:1f:81:93:16:87:e7:21:3d:
79:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:81:72:01:C4:F0:66:62:B1:BF:6A:BE:09:E8:9C:80:96:72:93:77
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/boFyAcTwZmKxv2q-CeicgJZyk3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:e4:fb:7f:de:53:ba:69:9e:e2:aa:69:bd:61:8f:97:dc:86:
29:d0:f2:94:b6:7c:b8:79:6b:d9:71:45:c4:d4:29:6b:5d:2c:
bd:81:bf:25:c3:8f:46:5c:06:8d:88:b5:f7:f7:c4:16:e7:69:
b8:67:50:09:54:0c:62:5a:66:09:0b:d8:15:37:27:c6:7a:71:
fa:89:87:57:b8:ef:32:c2:0e:99:ef:24:e0:26:e7:38:72:e6:
41:8f:5b:a7:82:e6:a0:fe:ff:97:93:1f:01:9a:7d:3c:15:51:
1f:21:a9:63:5f:f0:ba:71:55:1e:34:ae:dd:99:f4:8e:6a:d8:
14:73:05:bb:fa:09:19:b4:85:2d:c7:6e:bf:67:3b:09:7b:d7:
29:35:1f:9c:7c:cb:4a:86:ec:e5:b1:4b:6f:92:70:3d:85:e3:
be:62:c8:28:41:8e:53:7e:96:40:a0:b5:81:65:6e:fd:65:ee:
bd:2c:52:f4:25:45:d8:23:f3:f4:23:ed:c4:e8:72:7e:46:5e:
a3:fb:0e:32:4c:b6:b8:7d:28:b9:c3:51:2f:bb:cc:ee:60:b4:
e6:96:70:78:36:b2:04:99:a5:1b:00:08:43:66:20:b3:a1:24:
81:86:11:95:50:7b:31:c4:c5:80:9e:6d:a2:ba:38:2a:68:bd:
14:de:e7:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZa0aqeHPK4K4yu37ZSv9ezLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNTA5MDk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTgxNzIwMWM0ZjA2NjYyYjFiZjZhYmUwOWU4OWM4MDk2NzI5Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcYsYLm39rKUnxZOVIXJ8Oq19J8s
lynePQzYZqemTGYPRZLSdQWEmsvEum69CxYcwNQ/2thAERPdTV1Arr7Vwihsz/xx
Y/hxtZVGbLG0k//EM5NoANoh6djtFFGLESEYq6iTpE/EY+9Qr+8++tU80iweePdz
i3oPsM7lRFgyc/y/WbGw+2rVFfDdUNOv0pe0Q2Mt8mdeSzaa4DpdZEFp2J8RmTgo
BgwsffwdJ+xaDoprijfjIhVZ8yAad8S34uabbbuLvnkKvYLmwLtV2ZnPDBu9BhJb
zGnl3fX8aibdjPKdlA2rPsodGbyeVXBnKo2J5Y7nhndfH4GTFofnIT15wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6BcgHE8GZisb9qvgnonICWcpN3MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvYm9GeUFjVHdabUt4djJxLUNlaWNnSlp5azNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQreMA0G
CSqGSIb3DQEBCwUAA4IBAQCm5Pt/3lO6aZ7iqmm9YY+X3IYp0PKUtny4eWvZcUXE
1ClrXSy9gb8lw49GXAaNiLX398QW52m4Z1AJVAxiWmYJC9gVNyfGenH6iYdXuO8y
wg6Z7yTgJuc4cuZBj1unguag/v+Xkx8Bmn08FVEfIaljX/C6cVUeNK7dmfSOatgU
cwW7+gkZtIUtx26/ZzsJe9cpNR+cfMtKhuzlsUtvknA9heO+YsgoQY5TfpZAoLWB
ZW79Ze69LFL0JUXYI/P0I+3E6HJ+Rl6j+w4yTLa4fSi5w1Evu8zuYLTmlnB4NrIE
maUbAAhDZiCzoSSBhhGVUHsxxMWAnm2iujgqaL0U3uck
-----END CERTIFICATE-----
Generated at Sun Jun 1 03:06:44 2025 by rpki-client