Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fmAH5HnJun5EJ9fwg2XUo9gHhNc.roa
File: fmAH5HnJun5EJ9fwg2XUo9gHhNc.roa (raw, json)
Hash identifier: Ro1LBHk/OJzbBvzqpKt+cdwmUZheyOAYNBMS29r1SEQ=
Subject key identifier: 7E:60:07:E4:79:C9:BA:7E:44:27:D7:F0:83:65:D4:A3:D8:07:84:D7
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195E82369BCCC55B936C401184482F246EE
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fmAH5HnJun5EJ9fwg2XUo9gHhNc.roa
Signing time: Sun 30 Mar 2025 17:39:49 +0000
ROA not before: Sun 30 Mar 2025 17:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.221.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:23:69:bc:cc:55:b9:36:c4:01:18:44:82:f2:46:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 30 17:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e6007e479c9ba7e4427d7f08365d4a3d80784d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:01:74:99:ab:f9:b7:92:0b:c3:58:26:fe:3e:
f2:04:2b:df:ef:0d:ab:bc:c1:79:16:25:f8:08:6f:
dd:04:4c:85:38:d3:b9:3d:51:69:59:21:19:9c:28:
6a:e0:69:9e:2d:6a:cf:76:e3:5b:3b:9a:77:9d:38:
49:de:2b:6e:73:10:1b:b0:95:e4:50:fc:7c:32:5c:
52:c5:65:71:8d:f0:5d:23:13:e7:d1:ec:2b:c3:af:
1d:4b:35:6d:ee:10:ba:e4:9a:38:23:99:bc:1f:01:
e0:9a:bb:9b:4b:9e:93:45:0f:4f:47:8a:57:48:91:
b2:7a:3f:62:52:93:56:3d:ae:00:74:f5:56:e6:f8:
ae:e6:eb:a7:16:bb:0e:5b:80:07:58:ef:cf:41:d9:
ed:e5:e7:b0:c6:58:85:4f:fa:95:fc:1c:af:81:b3:
25:e2:f7:df:39:6b:b8:07:4c:69:e9:7f:aa:e8:39:
a4:9a:4d:11:b1:92:05:c8:a1:04:7c:69:7f:65:a6:
9b:f6:a4:b0:5f:de:87:e2:65:19:99:03:4c:88:c7:
a4:d0:74:06:72:33:9c:35:ed:c2:e8:6f:44:01:d3:
eb:7c:00:da:df:49:ec:6b:a3:fc:2b:65:97:5b:c3:
ed:5e:cf:3a:09:67:5b:fc:73:49:1d:61:0c:d8:5e:
b9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:60:07:E4:79:C9:BA:7E:44:27:D7:F0:83:65:D4:A3:D8:07:84:D7
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/fmAH5HnJun5EJ9fwg2XUo9gHhNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.221.0-5.10.222.255
Signature Algorithm: sha256WithRSAEncryption
6f:62:5e:65:bb:37:2c:c8:f8:3d:a1:a3:a9:20:39:70:09:2b:
67:85:54:7d:23:16:37:0e:c2:5a:4f:f1:0f:c6:6c:27:c2:ac:
68:b5:c3:cf:c2:0a:1e:47:e3:68:46:51:95:aa:61:7c:f8:80:
27:c7:6b:36:ee:39:23:ce:b7:69:66:8a:ea:8b:b2:18:2f:8a:
c2:3a:35:75:64:02:d9:8d:13:56:32:92:7e:2d:2a:f6:39:4f:
87:1e:47:6f:6f:e4:12:ae:a2:01:54:f4:ef:d5:d5:64:aa:cd:
c4:9b:5d:15:bd:97:e2:dc:3e:a5:6e:31:53:90:8f:11:35:59:
ad:1b:91:bc:d7:41:a8:0e:92:0f:b0:f6:d1:2e:6f:52:89:b8:
cd:c7:62:81:f3:26:55:d8:a1:c3:e2:95:c3:a5:e8:c0:8a:1c:
66:cd:a3:18:40:bd:6c:6a:d1:f8:d9:55:44:cf:2b:2e:a4:56:
f3:67:89:b9:88:44:ce:4d:ef:38:06:51:0e:98:d2:fe:e7:d9:
38:1e:a8:76:c5:5e:3f:83:75:96:5d:f4:e3:36:19:ad:bb:08:
81:86:12:1e:50:62:b5:56:51:52:4e:43:97:21:18:2d:7b:1f:
d7:97:d6:2a:cd:a4:4f:7e:26:a8:32:07:c1:83:19:ae:a8:a1:
86:69:7e:13
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZXoI2m8zFW5NsQBGESC8kbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzMwMTczOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYwMDdlNDc5YzliYTdlNDQyN2Q3ZjA4MzY1ZDRhM2Q4MDc4NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQF0mav5t5ILw1gm/j7yBCvf7w2r
vMF5FiX4CG/dBEyFONO5PVFpWSEZnChq4GmeLWrPduNbO5p3nThJ3itucxAbsJXk
UPx8MlxSxWVxjfBdIxPn0ewrw68dSzVt7hC65Jo4I5m8HwHgmrubS56TRQ9PR4pX
SJGyej9iUpNWPa4AdPVW5viu5uunFrsOW4AHWO/PQdnt5eewxliFT/qV/ByvgbMl
4vffOWu4B0xp6X+q6Dmkmk0RsZIFyKEEfGl/Zaab9qSwX96H4mUZmQNMiMek0HQG
cjOcNe3C6G9EAdPrfADa30nsa6P8K2WXW8PtXs86CWdb/HNJHWEM2F65mQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH5gB+R5ybp+RCfX8INl1KPYB4TXMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvZm1BSDVIbkp1bjVFSjlmd2cyWFVvOWdIaE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFCt0D
BAAFCt4wDQYJKoZIhvcNAQELBQADggEBAG9iXmW7NyzI+D2ho6kgOXAJK2eFVH0j
FjcOwlpP8Q/GbCfCrGi1w8/CCh5H42hGUZWqYXz4gCfHazbuOSPOt2lmiuqLshgv
isI6NXVkAtmNE1Yykn4tKvY5T4ceR29v5BKuogFU9O/V1WSqzcSbXRW9l+LcPqVu
MVOQjxE1Wa0bkbzXQagOkg+w9tEub1KJuM3HYoHzJlXYocPilcOl6MCKHGbNoxhA
vWxq0fjZVUTPKy6kVvNnibmIRM5N7zgGUQ6Y0v7n2TgeqHbFXj+DdZZd9OM2Ga27
CIGGEh5QYrVWUVJOQ5chGC17H9eX1irNpE9+JqgyB8GDGa6ooYZpfhM=
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:37:42 2025 by rpki-client