Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YsFbhaNpiHO0356ZktIVsRcHKyk.roa
File: YsFbhaNpiHO0356ZktIVsRcHKyk.roa (raw, json)
Hash identifier: MxHsBT3cPf9wXSjsXrHtLqqxxsXi/YvUatSVW0a1asQ=
Subject key identifier: 62:C1:5B:85:A3:69:88:73:B4:DF:9E:99:92:D2:15:B1:17:07:2B:29
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 01941FFAA3AED5E3EF8A2337DD4826B1376A
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YsFbhaNpiHO0356ZktIVsRcHKyk.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47215
IP address blocks: 5.28.40.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 03 Jan 2025 10:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a3:ae:d5:e3:ef:8a:23:37:dd:48:26:b1:37:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62c15b85a3698873b4df9e9992d215b117072b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:fb:65:6e:c8:1f:10:0f:b6:f5:95:b5:66:
5b:0c:61:ea:e5:21:77:8e:5a:29:5c:97:55:ec:ee:
42:b0:d8:a3:bd:e6:13:f6:9b:bc:68:c3:75:7c:90:
03:6d:bc:41:c1:0c:1f:58:76:b1:6f:52:6a:fe:69:
24:ed:02:6d:4c:bf:b7:f3:32:d7:12:65:06:2f:e2:
af:39:44:1f:e9:ae:0a:8e:46:32:7b:c5:9b:f5:ed:
af:4b:a1:4e:7a:f0:d4:d7:b0:6d:73:ed:47:d4:9c:
55:cf:de:3f:6f:f1:8a:19:ac:d2:b4:8a:ac:f7:8b:
f3:2e:20:af:24:c9:fd:67:a9:2d:60:ba:e2:1c:1d:
4f:ee:af:69:5f:d4:bd:4d:d2:08:f3:bc:66:cf:3f:
c9:5a:63:f3:89:74:b5:d2:6a:4e:db:7e:07:06:6a:
5e:6c:1e:4d:73:73:37:83:15:f4:a5:62:76:6b:b7:
83:a1:9d:17:af:10:94:29:65:d4:12:2f:30:18:f3:
ee:ab:e8:5e:f8:cf:ec:ec:d1:1c:fe:34:ec:ae:fd:
17:8b:a7:76:12:ae:68:43:c6:04:fa:cd:bc:dd:a7:
d5:75:58:06:58:3a:af:8c:38:4e:0e:cb:f1:8d:c6:
da:51:03:70:5f:9a:87:2d:aa:ba:8a:a1:4c:af:fb:
d4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C1:5B:85:A3:69:88:73:B4:DF:9E:99:92:D2:15:B1:17:07:2B:29
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YsFbhaNpiHO0356ZktIVsRcHKyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
08:e9:f3:62:14:4a:8b:28:6a:28:6c:32:ae:25:25:67:59:b5:
82:ce:c6:f6:50:04:2f:45:a0:29:78:f0:b3:f1:65:98:eb:b9:
6a:37:c7:45:d2:e6:ae:59:57:50:2b:36:c4:49:50:d8:db:35:
00:e6:71:32:b8:e6:9d:44:c8:c9:d6:55:c0:8e:c0:14:8b:df:
ff:4a:67:93:2d:3f:be:99:03:2c:d3:47:38:f1:da:f2:ce:96:
be:e8:aa:d4:79:4b:09:b2:fe:92:31:b1:c3:01:c4:d7:fe:49:
99:85:23:10:04:19:e9:5e:58:63:e6:87:a5:40:95:00:8d:ea:
37:65:90:65:10:7f:a2:bb:a8:f6:97:52:96:cc:d2:93:4b:97:
48:46:ae:5c:c5:e8:02:00:41:f2:a4:8f:06:88:f9:6e:cf:0d:
b3:f3:8d:32:00:02:8f:97:2b:30:9a:be:2b:70:3f:37:a4:c6:
fd:69:b6:e0:ec:fe:99:ec:f8:26:f9:84:fd:fa:d4:84:a8:e8:
c6:12:37:6e:b5:91:f0:dc:51:94:43:d1:10:4b:03:b2:84:e9:
ba:df:b1:68:18:fc:98:64:bf:93:b0:f2:55:0c:51:e2:34:6a:
e4:53:7f:7f:20:02:6f:5b:43:31:ef:93:7c:da:c0:33:4c:5b:
cc:63:66:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qOu1ePviiM33UgmsTdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmMxNWI4NWEzNjk4ODczYjRkZjllOTk5MmQyMTViMTE3MDcyYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu/7ZW7IHxAPtvWVtWZbDGHq5SF3
jlopXJdV7O5CsNijveYT9pu8aMN1fJADbbxBwQwfWHaxb1Jq/mkk7QJtTL+38zLX
EmUGL+KvOUQf6a4KjkYye8Wb9e2vS6FOevDU17Btc+1H1JxVz94/b/GKGazStIqs
94vzLiCvJMn9Z6ktYLriHB1P7q9pX9S9TdII87xmzz/JWmPziXS10mpO234HBmpe
bB5Nc3M3gxX0pWJ2a7eDoZ0XrxCUKWXUEi8wGPPuq+he+M/s7NEc/jTsrv0Xi6d2
Eq5oQ8YE+s283afVdVgGWDqvjDhODsvxjcbaUQNwX5qHLaq6iqFMr/vUiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLBW4WjaYhztN+emZLSFbEXByspMB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvWXNGYmhhTnBpSE8wMzU2Wmt0SVZzUmNIS3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBRwoMA0G
CSqGSIb3DQEBCwUAA4IBAQAI6fNiFEqLKGoobDKuJSVnWbWCzsb2UAQvRaApePCz
8WWY67lqN8dF0uauWVdQKzbESVDY2zUA5nEyuOadRMjJ1lXAjsAUi9//SmeTLT++
mQMs00c48dryzpa+6KrUeUsJsv6SMbHDAcTX/kmZhSMQBBnpXlhj5oelQJUAjeo3
ZZBlEH+iu6j2l1KWzNKTS5dIRq5cxegCAEHypI8GiPluzw2z840yAAKPlyswmr4r
cD83pMb9abbg7P6Z7Pgm+YT9+tSEqOjGEjdutZHw3FGUQ9EQSwOyhOm637FoGPyY
ZL+TsPJVDFHiNGrkU39/IAJvW0Mx75N82sAzTFvMY2YZ
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:43:15 2025 by rpki-client