Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/bsWpy8oPUF7lSya2JvVuME6-_50.roa
File: bsWpy8oPUF7lSya2JvVuME6-_50.roa (raw, json)
Hash identifier: j0+GuCION1r2QBjrXBIxjODKQWD7SDdFaFf3kcNzljM=
Subject key identifier: 6E:C5:A9:CB:CA:0F:50:5E:E5:4B:26:B6:26:F5:6E:30:4E:BE:FF:9D
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195E3C010398EC96673784935363BC38B45
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/bsWpy8oPUF7lSya2JvVuME6-_50.roa
Signing time: Sat 29 Mar 2025 21:12:49 +0000
ROA not before: Sat 29 Mar 2025 21:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.217.0/24 maxlen: 24
5.10.221.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Mar 2025 17:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e3:c0:10:39:8e:c9:66:73:78:49:35:36:3b:c3:8b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 29 21:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ec5a9cbca0f505ee54b26b626f56e304ebeff9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e2:79:bf:a7:27:a5:54:73:42:22:87:2e:d9:
37:f6:1e:b6:91:ce:f9:da:3e:6b:dd:97:0d:12:3b:
6a:6a:94:9b:39:af:cd:94:03:9b:d4:39:3c:4f:01:
4c:a8:1b:8c:f4:69:78:fb:73:ce:83:de:e7:34:88:
95:6d:c1:d2:38:92:62:c4:10:49:3c:96:48:8a:61:
ce:c3:7b:21:cf:19:be:b1:bd:b4:89:62:de:93:38:
d8:50:8b:af:c2:8f:6e:00:c5:4f:72:8c:50:19:64:
49:4c:e4:a0:c6:c4:75:6e:1e:ce:8b:01:5a:94:30:
39:39:b5:6c:b7:19:97:a5:cc:7e:ef:db:3e:8b:97:
39:fa:dc:5c:72:b6:11:ff:88:f5:4a:b3:84:95:e2:
ff:db:b5:d3:7b:b5:f0:fe:34:f5:7b:b7:ab:4b:9c:
0f:68:92:c1:ba:35:39:2e:8d:91:50:57:df:3b:28:
f4:5d:90:d1:93:54:f8:a6:ab:f8:c6:06:57:9c:d4:
be:4b:7b:c4:5a:0c:f5:fc:22:8d:0a:da:0e:8b:a2:
f8:f9:86:7f:2a:ab:d4:83:27:47:5a:25:8d:0d:9e:
76:61:e3:74:86:d5:c5:4f:87:10:40:69:90:0a:7c:
13:71:4c:40:ce:75:72:74:19:05:6e:58:aa:05:92:
9d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C5:A9:CB:CA:0F:50:5E:E5:4B:26:B6:26:F5:6E:30:4E:BE:FF:9D
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/bsWpy8oPUF7lSya2JvVuME6-_50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.217.0/24
5.10.221.0-5.10.222.255
Signature Algorithm: sha256WithRSAEncryption
40:44:85:3c:28:ae:12:3a:57:07:29:f7:75:93:e2:8f:da:b8:
7c:15:e1:73:72:17:c3:59:9a:47:fb:4f:19:c0:54:e6:ea:98:
e6:eb:49:0c:00:39:f6:91:3e:f7:b7:4a:d1:e8:47:06:62:aa:
7d:c4:2f:a8:1f:bd:f0:54:2a:89:68:42:6a:38:e6:a7:37:84:
a1:b0:10:27:90:f4:d7:34:5a:27:0d:7d:75:8b:c3:0f:8c:54:
87:67:61:e8:4f:3c:17:1b:2d:30:b7:52:69:2c:75:97:35:6d:
5f:c1:fe:2a:c4:b9:49:fd:f7:ee:1c:0c:5f:c0:50:ce:b2:71:
a6:89:9c:c2:41:20:34:5b:cb:03:02:fa:df:2e:bc:ba:d5:84:
52:3b:b9:21:f2:e3:97:ae:2b:e3:92:df:fa:f4:64:a2:61:37:
43:d9:6e:35:4f:33:51:1e:0b:28:ec:51:45:ab:60:1c:4f:17:
97:12:c7:c4:2c:d9:51:1a:48:2b:59:cd:26:f3:b5:16:cb:04:
36:ec:a2:ce:57:f1:6b:b5:4b:b6:81:4b:af:07:06:70:a9:e8:
a9:80:87:b0:54:8b:fc:b0:0f:e8:49:40:e6:28:3f:50:4d:c5:
07:ce:be:d1:a7:49:21:02:89:8e:65:18:83:c5:49:b1:4b:17:
b3:27:71:bb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZXjwBA5jslmc3hJNTY7w4tFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI5MjExMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM1YTljYmNhMGY1MDVlZTU0YjI2YjYyNmY1NmUzMDRlYmVmZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteJ5v6cnpVRzQiKHLtk39h62kc75
2j5r3ZcNEjtqapSbOa/NlAOb1Dk8TwFMqBuM9Gl4+3POg97nNIiVbcHSOJJixBBJ
PJZIimHOw3shzxm+sb20iWLekzjYUIuvwo9uAMVPcoxQGWRJTOSgxsR1bh7OiwFa
lDA5ObVstxmXpcx+79s+i5c5+txccrYR/4j1SrOEleL/27XTe7Xw/jT1e7erS5wP
aJLBujU5Lo2RUFffOyj0XZDRk1T4pqv4xgZXnNS+S3vEWgz1/CKNCtoOi6L4+YZ/
KqvUgydHWiWNDZ52YeN0htXFT4cQQGmQCnwTcUxAznVydBkFbliqBZKdZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG7FqcvKD1Be5Usmtib1bjBOvv+dMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvYnNXcHk4b1BVRjdsU3lhMkp2VnVNRTYtXzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQABQrZMAwD
BAAFCt0DBAAFCt4wDQYJKoZIhvcNAQELBQADggEBAEBEhTworhI6Vwcp93WT4o/a
uHwV4XNyF8NZmkf7TxnAVObqmObrSQwAOfaRPve3StHoRwZiqn3EL6gfvfBUKolo
Qmo45qc3hKGwECeQ9Nc0WicNfXWLww+MVIdnYehPPBcbLTC3UmksdZc1bV/B/irE
uUn99+4cDF/AUM6ycaaJnMJBIDRbywMC+t8uvLrVhFI7uSHy45euK+OS3/r0ZKJh
N0PZbjVPM1EeCyjsUUWrYBxPF5cSx8Qs2VEaSCtZzSbztRbLBDbsos5X8Wu1S7aB
S68HBnCp6KmAh7BUi/ywD+hJQOYoP1BNxQfOvtGnSSECiY5lGIPFSbFLF7Mncbs=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:35:41 2025 by rpki-client