Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/NzBqGDHE_ujdzWbqXbqtcizqBK0.roa
File: NzBqGDHE_ujdzWbqXbqtcizqBK0.roa (raw, json)
Hash identifier: h3ac9w5c2h7UQHpeQWsNqAkzx8vvqUjsX8/mgP7Vkr4=
Subject key identifier: 37:30:6A:18:31:C4:FE:E8:DD:CD:66:EA:5D:BA:AD:72:2C:EA:04:AD
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195D3CBE50F8095097AA0CD16170E175802
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/NzBqGDHE_ujdzWbqXbqtcizqBK0.roa
Signing time: Wed 26 Mar 2025 18:51:49 +0000
ROA not before: Wed 26 Mar 2025 18:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.213.0/24 maxlen: 24
5.10.214.0/24 maxlen: 24
5.10.215.0/24 maxlen: 24
5.10.217.0/24 maxlen: 24
5.10.218.0/24 maxlen: 24
5.10.219.0/24 maxlen: 24
5.10.220.0/24 maxlen: 24
5.10.221.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 19:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:cb:e5:0f:80:95:09:7a:a0:cd:16:17:0e:17:58:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 26 18:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37306a1831c4fee8ddcd66ea5dbaad722cea04ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:63:8f:3a:71:c1:68:00:1a:a7:fb:19:ab:d7:
55:22:a6:28:1a:9f:28:95:9e:ab:1a:cd:33:88:69:
95:a6:9c:91:16:9c:c5:58:87:41:37:57:a7:b2:2e:
65:39:78:f7:c6:2c:98:50:be:65:e5:26:0d:71:c4:
70:87:b9:2f:5b:ed:ba:57:1a:b6:52:31:0b:47:f8:
d2:62:22:6b:bb:46:f3:de:a7:21:c0:fa:71:b0:cc:
79:eb:a0:b5:88:ab:02:09:45:be:25:a7:ca:8f:99:
6e:79:f1:42:98:c0:ad:de:9d:71:b1:56:0c:d1:c0:
c4:8d:28:e0:96:de:a5:4c:9f:93:10:e4:32:8b:5d:
99:72:4a:00:00:29:80:55:4d:9e:80:2b:ef:c3:f0:
aa:c0:f5:d2:e2:43:42:54:5f:60:a9:48:8d:41:40:
96:29:a7:7b:e2:41:ec:c5:63:57:88:8c:08:5c:9e:
24:1e:16:17:d3:51:e4:d2:ff:4c:8e:c1:e1:e8:25:
08:d6:18:10:8a:89:6b:cc:82:c8:57:c4:f7:e9:ef:
69:ee:cc:85:71:c4:d8:81:a6:15:45:da:27:a6:0c:
4c:e2:e1:18:28:29:eb:7d:92:6a:8c:55:f6:ec:79:
ed:25:d6:95:a0:df:c7:ff:68:88:cb:85:32:de:e4:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:30:6A:18:31:C4:FE:E8:DD:CD:66:EA:5D:BA:AD:72:2C:EA:04:AD
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/NzBqGDHE_ujdzWbqXbqtcizqBK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.213.0-5.10.215.255
5.10.217.0-5.10.222.255
Signature Algorithm: sha256WithRSAEncryption
42:bd:3c:18:f5:60:a6:13:6a:33:dd:b5:b8:ae:97:13:b9:b4:
c8:4d:7c:ea:17:46:ea:e1:d0:3e:84:86:88:1d:84:91:c2:49:
5e:48:5f:c9:9a:fc:9a:4f:18:65:77:5c:70:86:5b:d3:53:93:
d6:18:ed:df:9f:15:6f:3d:bf:a7:e7:f3:53:f6:a0:5e:2a:87:
e2:05:cc:43:d2:f4:fc:7a:d6:62:e1:05:5f:e4:30:a6:f7:a0:
e4:f5:20:a6:59:c5:35:03:9a:a3:41:6a:84:9c:38:da:ba:e8:
ea:d0:03:58:11:82:8e:65:3c:cb:40:1a:5d:71:d7:40:27:ea:
ab:1f:01:05:51:6e:90:0a:ed:65:8a:c8:98:3e:fe:06:19:04:
56:74:81:ce:d4:b7:b9:51:f2:5a:35:56:f9:be:c7:15:00:b5:
f0:b0:6b:fb:b2:cc:ac:1f:91:35:78:cd:b5:cd:3f:8c:06:24:
e1:47:bc:72:11:2e:7d:2e:e3:d1:61:1e:e6:1f:b1:dc:ea:74:
af:19:14:46:00:0e:42:7f:9f:7e:56:9a:08:a8:91:1a:a2:71:
9e:77:70:b5:f8:fa:59:e2:6f:ae:d0:b9:bf:58:9e:18:3f:3b:
5c:80:bb:83:4d:93:c7:fe:8f:8a:22:92:d3:77:44:c0:d8:01:
71:af:f4:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZXTy+UPgJUJeqDNFhcOF1gCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI2MTg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzMwNmExODMxYzRmZWU4ZGRjZDY2ZWE1ZGJhYWQ3MjJjZWEwNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWOPOnHBaAAap/sZq9dVIqYoGp8o
lZ6rGs0ziGmVppyRFpzFWIdBN1ensi5lOXj3xiyYUL5l5SYNccRwh7kvW+26Vxq2
UjELR/jSYiJru0bz3qchwPpxsMx566C1iKsCCUW+JafKj5luefFCmMCt3p1xsVYM
0cDEjSjglt6lTJ+TEOQyi12ZckoAACmAVU2egCvvw/CqwPXS4kNCVF9gqUiNQUCW
Kad74kHsxWNXiIwIXJ4kHhYX01Hk0v9MjsHh6CUI1hgQiolrzILIV8T36e9p7syF
ccTYgaYVRdonpgxM4uEYKCnrfZJqjFX27HntJdaVoN/H/2iIy4Uy3uRqHwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDcwahgxxP7o3c1m6l26rXIs6gStMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvTnpCcUdESEVfdWpkeldicVhicXRjaXpxQkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAFCtUD
BAMFCtAwDAMEAAUK2QMEAAUK3jANBgkqhkiG9w0BAQsFAAOCAQEAQr08GPVgphNq
M921uK6XE7m0yE186hdG6uHQPoSGiB2EkcJJXkhfyZr8mk8YZXdccIZb01OT1hjt
358Vbz2/p+fzU/agXiqH4gXMQ9L0/HrWYuEFX+Qwpveg5PUgplnFNQOao0FqhJw4
2rro6tADWBGCjmU8y0AaXXHXQCfqqx8BBVFukArtZYrImD7+BhkEVnSBztS3uVHy
WjVW+b7HFQC18LBr+7LMrB+RNXjNtc0/jAYk4Ue8chEufS7j0WEe5h+x3Op0rxkU
RgAOQn+fflaaCKiRGqJxnndwtfj6WeJvrtC5v1ieGD87XIC7g02Tx/6PiiKS03dE
wNgBca/0xQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:37:15 2025 by rpki-client