
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/F3bufzfJED93Rq20f3zc1IJMm5s.roa
File: F3bufzfJED93Rq20f3zc1IJMm5s.roa (raw, json)
Hash identifier: cIYsCNfIALM6f2+x1bPIQ/pFDeEMmhfBj1MIiucfFRc=
Subject key identifier: 17:76:EE:7F:37:C9:10:3F:77:46:AD:B4:7F:7C:DC:D4:82:4C:9B:9B
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 0196F618132870E3F4F93A37ADFFC7C06B80
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/F3bufzfJED93Rq20f3zc1IJMm5s.roa
Signing time: Thu 22 May 2025 03:44:54 +0000
ROA not before: Thu 22 May 2025 03:44:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57494
IP address blocks: 5.129.207.0/24 maxlen: 24
5.129.208.0/24 maxlen: 24
5.129.209.0/24 maxlen: 24
5.129.210.0/24 maxlen: 24
5.129.211.0/24 maxlen: 24
5.129.212.0/24 maxlen: 24
5.129.213.0/24 maxlen: 24
5.129.214.0/24 maxlen: 24
5.129.215.0/24 maxlen: 24
5.129.216.0/24 maxlen: 24
5.129.217.0/24 maxlen: 24
5.129.218.0/24 maxlen: 24
5.129.219.0/24 maxlen: 24
5.129.220.0/24 maxlen: 24
5.129.221.0/24 maxlen: 24
5.129.222.0/24 maxlen: 24
5.129.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 09:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f6:18:13:28:70:e3:f4:f9:3a:37:ad:ff:c7:c0:6b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: May 22 03:44:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1776ee7f37c9103f7746adb47f7cdcd4824c9b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c4:bc:5b:e6:2a:17:5b:f1:01:80:21:db:3a:
79:d6:12:f6:fb:5c:4e:f9:69:5c:76:02:30:9b:be:
70:09:6c:30:26:b4:41:99:5f:f4:12:7d:a6:20:fd:
88:d3:3d:b8:7e:30:0a:ad:d5:98:14:7c:31:5e:af:
f0:8a:f9:78:c4:4e:a1:92:92:bb:97:e7:a4:9c:49:
d7:b6:1f:1f:9b:bd:94:7d:de:ff:25:5e:65:91:01:
73:26:d5:80:f0:24:ae:0b:1c:cf:a6:8c:1c:b0:62:
e1:49:70:41:89:e2:8d:14:18:c5:77:80:95:89:76:
40:f3:91:f6:8f:8e:db:36:16:46:e7:a9:7b:d7:f4:
8b:12:fa:5e:49:03:9a:5c:b3:4c:03:e9:83:ec:e9:
ce:ae:e3:d0:03:8b:03:74:94:d2:51:62:5f:70:12:
66:06:fe:2b:7a:ef:e9:ee:cb:36:bf:26:31:0f:9a:
6a:47:a9:cc:fa:cd:7a:89:93:03:6b:84:38:58:3b:
14:01:8c:8d:04:ff:64:c9:21:dd:dd:ad:d9:da:69:
de:25:72:ab:37:21:93:1c:d2:bb:08:53:be:66:92:
ee:48:af:9b:d7:b6:a6:0d:09:dd:7a:c5:b5:57:3d:
c8:af:e5:bb:90:9d:63:cf:89:50:98:b2:43:a1:27:
37:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:76:EE:7F:37:C9:10:3F:77:46:AD:B4:7F:7C:DC:D4:82:4C:9B:9B
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/F3bufzfJED93Rq20f3zc1IJMm5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.207.0-5.129.223.255
Signature Algorithm: sha256WithRSAEncryption
89:a5:c6:46:aa:b4:d3:5b:73:13:35:c2:63:ce:72:21:2b:c5:
57:ba:ca:7c:29:ea:fe:05:7b:b4:ed:1e:0f:a0:a2:30:dd:32:
ee:88:95:39:f8:4b:82:3d:93:2f:7c:8b:2a:80:36:ed:4b:8f:
53:52:2e:c7:72:c5:ca:f5:3d:84:f3:04:48:88:b0:bd:f1:6d:
34:96:ec:fd:43:3e:b2:68:6d:72:f1:43:f3:db:ff:86:4c:76:
f6:9e:e7:53:92:f8:81:4e:ec:c6:4b:68:7c:66:e3:77:a0:ff:
26:17:9f:ca:c8:e7:58:c4:f7:92:51:4a:9f:5a:6a:15:11:64:
c1:fa:03:1a:66:d4:de:57:42:ee:11:c0:ed:bc:a5:24:44:8e:
17:76:3c:31:7c:d4:ef:6e:9c:9d:9a:07:43:af:19:77:d5:76:
f5:f6:ed:8d:8b:8c:d9:92:59:95:64:c6:c5:b8:d7:00:78:63:
de:59:79:51:81:d6:ef:30:1e:5a:54:c6:8d:1c:6f:06:47:d6:
18:38:8a:1a:55:32:11:40:55:08:34:d2:51:fa:26:96:8c:47:
4a:d0:13:52:be:0e:92:9f:16:14:68:f2:3a:d6:da:d1:54:21:
5a:4d:fa:53:26:f4:04:33:b9:d3:86:a8:8e:75:85:4e:ac:00:
cf:da:e4:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZb2GBMocOP0+To3rf/HwGuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjUwNTIyMDM0NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc2ZWU3ZjM3YzkxMDNmNzc0NmFkYjQ3ZjdjZGNkNDgyNGM5YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsS8W+YqF1vxAYAh2zp51hL2+1xO
+WlcdgIwm75wCWwwJrRBmV/0En2mIP2I0z24fjAKrdWYFHwxXq/wivl4xE6hkpK7
l+eknEnXth8fm72Ufd7/JV5lkQFzJtWA8CSuCxzPpowcsGLhSXBBieKNFBjFd4CV
iXZA85H2j47bNhZG56l71/SLEvpeSQOaXLNMA+mD7OnOruPQA4sDdJTSUWJfcBJm
Bv4reu/p7ss2vyYxD5pqR6nM+s16iZMDa4Q4WDsUAYyNBP9kySHd3a3Z2mneJXKr
NyGTHNK7CFO+ZpLuSK+b17amDQndesW1Vz3Ir+W7kJ1jz4lQmLJDoSc3ZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBd27n83yRA/d0attH983NSCTJubMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvRjNidWZ6ZkpFRDkzUnEyMGYzemMxSUpNbTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFgc8D
BAUFgcAwDQYJKoZIhvcNAQELBQADggEBAImlxkaqtNNbcxM1wmPOciErxVe6ynwp
6v4Fe7TtHg+gojDdMu6IlTn4S4I9ky98iyqANu1Lj1NSLsdyxcr1PYTzBEiIsL3x
bTSW7P1DPrJobXLxQ/Pb/4ZMdvae51OS+IFO7MZLaHxm43eg/yYXn8rI51jE95JR
Sp9aahURZMH6Axpm1N5XQu4RwO28pSREjhd2PDF81O9unJ2aB0OvGXfVdvX27Y2L
jNmSWZVkxsW41wB4Y95ZeVGB1u8wHlpUxo0cbwZH1hg4ihpVMhFAVQg00lH6JpaM
R0rQE1K+DpKfFhRo8jrW2tFUIVpN+lMm9AQzudOGqI51hU6sAM/a5L0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:34:34 2025 by rpki-client