Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/1tZ_YZmwLStENs-ey-yXJtFi7uY.roa
File: 1tZ_YZmwLStENs-ey-yXJtFi7uY.roa (raw, json)
Hash identifier: 1FUYoAYyi92KYCaWzCslZF2bkOHFUiCx1/Yujfr6zj4=
Subject key identifier: D6:D6:7F:61:99:B0:2D:2B:44:36:CF:9E:CB:EC:97:26:D1:62:EE:E6
Certificate issuer: /CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Certificate serial: 018CC493331AC8871CB0C9E2ABF471374010
Authority key identifier: 98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/1tZ_YZmwLStENs-ey-yXJtFi7uY.roa
Signing time: Mon 01 Jan 2024 10:30:30 +0000
ROA not before: Mon 01 Jan 2024 10:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3194
IP address blocks: 5.10.225.0/24 maxlen: 24
5.10.226.0/24 maxlen: 24
5.10.224.0/24 maxlen: 24
5.10.229.0/24 maxlen: 24
5.10.230.0/24 maxlen: 24
5.10.227.0/24 maxlen: 24
5.10.231.0/24 maxlen: 24
5.10.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:33:1a:c8:87:1c:b0:c9:e2:ab:f4:71:37:40:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Validity
Not Before: Jan 1 10:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6d67f6199b02d2b4436cf9ecbec9726d162eee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:af:27:d8:6d:c1:1c:08:0e:22:a0:88:0d:
b9:fb:59:f3:36:31:c4:c4:11:0b:40:5e:80:cf:69:
b3:83:93:b0:94:f7:6a:b3:bd:da:84:0e:75:d6:63:
4b:9d:bd:4d:38:1d:e6:62:cf:97:fe:21:00:1d:08:
26:48:6f:c8:32:f1:a0:cd:7c:2c:cf:80:0e:18:0b:
30:fe:98:23:55:b9:4c:6e:16:69:00:d1:d6:f1:9a:
f0:16:59:34:f6:67:6b:17:ed:42:36:d3:72:1c:b3:
dc:8d:20:c3:46:c9:76:67:41:06:d6:f6:88:3a:70:
c9:3f:81:cb:07:89:27:96:59:07:6e:c2:a3:62:24:
48:3d:3c:58:4c:43:4b:75:3f:6a:c2:97:4b:29:df:
e1:11:6c:5b:3a:37:ef:ca:9f:db:c4:7a:f7:09:ee:
14:33:68:9d:ae:e6:28:ca:28:12:e5:27:b8:1a:5f:
d1:58:f4:d4:ce:da:2b:cf:40:f1:5a:8b:1f:80:3a:
1a:58:b8:36:84:b5:ec:2c:fa:3d:bc:7a:ef:fe:eb:
2e:b1:20:a9:bc:09:15:52:a8:4a:45:3c:65:d9:9e:
48:d4:3f:e9:56:f7:01:91:51:a3:76:00:66:df:17:
fa:4d:f1:be:54:eb:41:fc:69:ea:7a:15:42:ba:f7:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D6:7F:61:99:B0:2D:2B:44:36:CF:9E:CB:EC:97:26:D1:62:EE:E6
X509v3 Authority Key Identifier:
keyid:98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/1tZ_YZmwLStENs-ey-yXJtFi7uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.224.0/21
Signature Algorithm: sha256WithRSAEncryption
95:3e:b3:75:73:28:20:c3:da:af:57:c0:0c:57:82:0e:a4:90:
70:1d:15:59:51:0e:94:f2:1c:4b:88:0c:7c:d8:1c:ee:be:94:
b9:85:c1:ab:72:bd:d3:31:a4:f1:58:71:bd:11:63:fa:af:ba:
11:0e:77:66:95:a8:80:2f:87:1b:f1:bf:49:df:98:23:30:e7:
90:a1:ae:6b:54:6a:9c:fe:3f:a7:fd:e6:87:9f:d6:84:e4:9b:
ec:d1:d4:7f:43:21:74:9f:e4:fa:26:ea:10:83:8f:3d:be:f5:
e1:be:ec:19:95:27:87:3f:d4:a3:4c:da:70:57:4d:1f:3a:c1:
97:54:1d:80:a4:94:11:32:96:22:c7:ec:91:47:cb:d6:9a:d9:
e0:4b:81:a7:6b:a5:18:88:70:3f:2e:79:8a:cb:34:7d:87:46:
6c:4b:1a:ce:d2:12:78:d6:bd:06:3c:d7:ef:70:38:60:f4:c0:
37:fe:de:df:30:1a:e0:b4:bc:68:07:70:e7:f7:68:48:71:d7:
31:b3:47:8e:87:1f:f2:3d:6d:6e:39:8c:71:6d:7f:ad:b9:0c:
37:75:c6:53:45:d2:a3:18:d2:19:e1:64:df:c0:fc:98:dd:8b:
b8:1a:36:d2:5e:c5:0b:f8:7e:78:68:86:ec:a7:d4:97:2f:f6:
9d:ad:75:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzMayIccsMniq/RxN0AQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzBiZjRmOTUzNTBkMDM3N2ZhODkzOGJmNGYyZGNiN2U3
MmZmMTIwHhcNMjQwMTAxMTAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ2N2Y2MTk5YjAyZDJiNDQzNmNmOWVjYmVjOTcyNmQxNjJlZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4evJ9htwRwIDiKgiA25+1nzNjHE
xBELQF6Az2mzg5OwlPdqs73ahA511mNLnb1NOB3mYs+X/iEAHQgmSG/IMvGgzXws
z4AOGAsw/pgjVblMbhZpANHW8ZrwFlk09mdrF+1CNtNyHLPcjSDDRsl2Z0EG1vaI
OnDJP4HLB4knllkHbsKjYiRIPTxYTENLdT9qwpdLKd/hEWxbOjfvyp/bxHr3Ce4U
M2idruYoyigS5Se4Gl/RWPTUztorz0DxWosfgDoaWLg2hLXsLPo9vHrv/ususSCp
vAkVUqhKRTxl2Z5I1D/pVvcBkVGjdgBm3xf6TfG+VOtB/GnqehVCuvdThQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbWf2GZsC0rRDbPnsvslybRYu7mMB8GA1UdIwQY
MBaAFJhwv0+VNQ0Dd/qJOL9PLct+cv8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQt
MDdhMzE1ZTkwMzNkLzEvMXRaX1labXdMU3RFTnMtZXkteVhKdEZpN3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQtMDdhMzE1ZTkwMzNk
LzEvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBQrgMA0G
CSqGSIb3DQEBCwUAA4IBAQCVPrN1cyggw9qvV8AMV4IOpJBwHRVZUQ6U8hxLiAx8
2BzuvpS5hcGrcr3TMaTxWHG9EWP6r7oRDndmlaiAL4cb8b9J35gjMOeQoa5rVGqc
/j+n/eaHn9aE5Jvs0dR/QyF0n+T6JuoQg489vvXhvuwZlSeHP9SjTNpwV00fOsGX
VB2ApJQRMpYix+yRR8vWmtngS4Gna6UYiHA/LnmKyzR9h0ZsSxrO0hJ41r0GPNfv
cDhg9MA3/t7fMBrgtLxoB3Dn92hIcdcxs0eOhx/yPW1uOYxxbX+tuQw3dcZTRdKj
GNIZ4WTfwPyY3Yu4GjbSXsUL+H54aIbsp9SXL/adrXVu
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:22:30 2025 by rpki-client