Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/mZjPNvc0oqZZaXmkQOqwVmDKLWQ.roa
File: mZjPNvc0oqZZaXmkQOqwVmDKLWQ.roa (raw, json)
Hash identifier: yPVklsKXQutrSzeTRK0FNoeUV90wolW5v1KwQNzo7sk=
Subject key identifier: 99:98:CF:36:F7:34:A2:A6:59:69:79:A4:40:EA:B0:56:60:CA:2D:64
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 0196A6FBEEA3B53EEC47BD3B6411D0EF9968
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/mZjPNvc0oqZZaXmkQOqwVmDKLWQ.roa
Signing time: Tue 06 May 2025 19:04:10 +0000
ROA not before: Tue 06 May 2025 19:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.252.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 15:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:fb:ee:a3:b5:3e:ec:47:bd:3b:64:11:d0:ef:99:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: May 6 19:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9998cf36f734a2a6596979a440eab05660ca2d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fd:f6:4f:aa:a4:23:40:e1:ef:c8:30:0f:a8:
de:f7:77:74:a4:62:3f:8d:65:85:f0:f1:5b:4c:18:
84:99:a1:c2:70:07:fd:45:2f:d2:90:19:97:f3:81:
1d:b0:28:8c:ab:b8:93:70:b8:5f:68:4e:35:bb:04:
73:0e:b3:0b:88:e5:fa:d6:e6:0e:66:76:f7:31:25:
e4:bd:e9:b6:8e:01:2d:26:85:28:ea:c1:f5:ac:38:
a1:61:1f:c8:dd:95:b5:64:89:85:4b:3f:24:65:61:
b0:5d:92:d9:4a:2d:d4:38:f9:08:17:cf:52:23:6d:
94:27:3f:96:e8:fe:de:e1:d5:fa:0a:d7:9b:4a:36:
12:3b:a7:12:d2:af:77:16:c4:5c:fa:e8:88:fe:5a:
4c:49:2b:45:95:51:21:0b:40:09:a7:b5:b3:9e:51:
4f:79:4b:a2:2d:e3:1a:c7:bf:d8:4f:b7:97:52:25:
1a:15:bc:f8:67:00:b8:44:7d:6d:81:09:2b:e7:4f:
06:97:5d:0a:70:9b:49:fd:45:6e:94:24:15:52:25:
29:21:b7:06:13:dd:94:38:95:e2:53:98:c4:30:2d:
5a:58:f1:55:68:6b:f3:e3:3c:e9:ea:ac:54:c9:6d:
fd:3f:66:b9:76:66:2b:87:77:d9:50:cd:dc:6b:93:
dd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:98:CF:36:F7:34:A2:A6:59:69:79:A4:40:EA:B0:56:60:CA:2D:64
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/mZjPNvc0oqZZaXmkQOqwVmDKLWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.199.0/24
Signature Algorithm: sha256WithRSAEncryption
41:64:93:e8:2a:e1:37:97:17:5c:19:21:a0:b0:57:42:f1:1f:
07:db:ae:2d:1e:95:24:eb:d7:93:eb:95:30:f9:38:9f:36:52:
42:21:c4:a0:5e:96:ba:07:f0:a5:d9:19:ce:c7:3a:0d:78:5e:
c7:4d:ba:da:25:d8:d2:ac:2a:c8:77:6e:f5:02:24:8d:b7:eb:
b9:bb:ae:b4:33:95:ba:cf:21:a5:2c:e8:d2:fd:6d:20:f7:05:
6d:2b:ab:0a:c4:fe:c5:01:2a:99:e3:ef:27:88:5b:77:e1:cd:
f3:df:5b:ab:73:f1:ed:a1:32:55:ff:4c:25:3e:49:69:f2:af:
19:06:b5:b8:74:bb:43:28:d9:cd:39:63:05:d9:6e:a8:3a:dd:
ec:93:88:8d:de:c1:1e:15:3c:21:31:25:dd:55:ef:57:51:6f:
d3:f2:89:90:66:ec:af:98:5f:9f:1f:ee:7e:be:f2:1c:dc:9c:
b6:bb:c5:11:aa:1a:35:3d:56:17:e7:fe:23:fd:74:a1:5b:cc:
5e:fb:56:f6:cf:c3:9a:ba:0c:bf:c3:49:45:cb:18:06:0d:e6:
92:db:6c:02:83:df:cc:b5:db:5a:c2:92:32:30:d1:6e:58:7e:
a2:07:67:a5:1d:9d:b1:82:2a:9b:ed:28:c7:bf:7e:d2:ab:93:
28:e0:ee:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZam++6jtT7sR707ZBHQ75loMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjUwNTA2MTkwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk4Y2YzNmY3MzRhMmE2NTk2OTc5YTQ0MGVhYjA1NjYwY2EyZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/32T6qkI0Dh78gwD6je93d0pGI/
jWWF8PFbTBiEmaHCcAf9RS/SkBmX84EdsCiMq7iTcLhfaE41uwRzDrMLiOX61uYO
Znb3MSXkvem2jgEtJoUo6sH1rDihYR/I3ZW1ZImFSz8kZWGwXZLZSi3UOPkIF89S
I22UJz+W6P7e4dX6CtebSjYSO6cS0q93FsRc+uiI/lpMSStFlVEhC0AJp7WznlFP
eUuiLeMax7/YT7eXUiUaFbz4ZwC4RH1tgQkr508Gl10KcJtJ/UVulCQVUiUpIbcG
E92UOJXiU5jEMC1aWPFVaGvz4zzp6qxUyW39P2a5dmYrh3fZUM3ca5PdLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmYzzb3NKKmWWl5pEDqsFZgyi1kMB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvbVpqUE52YzBvcVpaYVhta1FPcXdWbURLTFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfzHMA0G
CSqGSIb3DQEBCwUAA4IBAQBBZJPoKuE3lxdcGSGgsFdC8R8H264tHpUk69eT65Uw
+TifNlJCIcSgXpa6B/Cl2RnOxzoNeF7HTbraJdjSrCrId271AiSNt+u5u660M5W6
zyGlLOjS/W0g9wVtK6sKxP7FASqZ4+8niFt34c3z31urc/HtoTJV/0wlPklp8q8Z
BrW4dLtDKNnNOWMF2W6oOt3sk4iN3sEeFTwhMSXdVe9XUW/T8omQZuyvmF+fH+5+
vvIc3Jy2u8URqho1PVYX5/4j/XShW8xe+1b2z8Oaugy/w0lFyxgGDeaS22wCg9/M
tdtawpIyMNFuWH6iB2elHZ2xgiqb7SjHv37Sq5Mo4O7R
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:13:57 2025 by rpki-client