Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5cwIhL373IqSZQefI4amhdY3No4.roa
File: 5cwIhL373IqSZQefI4amhdY3No4.roa (raw, json)
Hash identifier: zGhcFEK+FkGr7SQqyxz2GwUqzh2LH1tbC7RERT8titA=
Subject key identifier: E5:CC:08:84:BD:FB:DC:8A:92:65:07:9F:23:86:A6:85:D6:37:36:8E
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019657077BF33BFDEFF00E0D886B5BDC2DB9
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5cwIhL373IqSZQefI4amhdY3No4.roa
Signing time: Mon 21 Apr 2025 06:27:10 +0000
ROA not before: Mon 21 Apr 2025 06:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 152.89.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 13:16:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:07:7b:f3:3b:fd:ef:f0:0e:0d:88:6b:5b:dc:2d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Apr 21 06:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5cc0884bdfbdc8a9265079f2386a685d637368e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:eb:1b:79:e4:9f:e1:da:3e:21:29:94:d9:a2:
5a:32:55:d2:50:28:8e:fc:28:55:79:bc:46:de:4d:
2e:52:83:f2:57:85:2f:42:b9:59:08:e4:55:cb:c8:
90:82:76:4e:16:39:dc:23:31:2d:48:1b:b8:23:c5:
69:c9:95:a7:b3:da:92:7b:dc:b6:7d:73:d7:4e:7d:
c3:77:a3:af:ba:41:d6:03:ab:c5:be:99:03:88:15:
9f:db:07:00:b6:52:a9:6d:a8:23:45:3e:0a:a9:81:
76:4c:d2:51:4e:5a:31:e3:2f:b0:92:3a:1c:cd:3a:
20:ee:17:90:42:0c:b7:52:93:80:77:fe:be:d0:4c:
c3:79:5f:68:63:cb:c9:a6:8b:bd:a7:c1:3f:15:d9:
1d:e0:92:21:ef:00:64:18:81:28:90:16:3b:70:bd:
13:d1:93:ff:e8:3a:04:2c:da:59:c9:57:bc:76:c1:
7d:a9:17:b9:f7:bc:61:48:76:af:c8:14:71:fc:37:
fc:ce:3e:41:7a:3a:b3:a5:4d:d6:a7:41:7e:83:15:
b4:f4:73:ad:ff:5d:f7:4e:97:f6:ba:fe:4b:bb:42:
78:16:a2:50:c7:de:62:7e:f9:24:7b:80:b8:42:30:
23:db:5c:a8:f3:ce:fa:17:94:e0:92:1a:e2:52:17:
eb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CC:08:84:BD:FB:DC:8A:92:65:07:9F:23:86:A6:85:D6:37:36:8E
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5cwIhL373IqSZQefI4amhdY3No4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:0e:4f:2a:e3:38:7e:a1:04:a7:19:f5:0f:00:55:d6:7e:ef:
7e:a2:d3:a6:a7:67:d9:cc:c4:e6:a1:07:c2:2e:54:1e:81:43:
ae:91:b9:a2:a2:37:82:78:1e:0e:9d:36:08:79:02:4c:69:8c:
23:ab:57:a1:a5:3c:db:96:0d:f0:4d:31:fc:ea:3d:4a:d8:3e:
9a:d3:7b:44:76:16:48:ca:39:11:47:22:e1:d9:6a:70:c3:27:
4c:8c:11:79:51:90:fc:95:98:32:ad:65:5b:b1:52:05:7f:5f:
d7:b7:9a:0f:7c:3c:cd:23:ff:3b:5b:d9:66:e8:35:24:1c:9b:
3b:40:51:e3:2b:8f:f7:27:b0:e5:cb:f7:e2:25:d2:33:90:5f:
25:3f:f6:f9:a0:5e:9b:50:3f:4f:ea:ff:03:7f:a1:00:e4:bf:
08:29:dc:56:2a:a4:a0:74:a1:ff:2d:3a:70:e9:98:76:47:2b:
20:db:b0:78:d3:81:09:f7:5a:e5:c5:b1:1c:d4:14:8e:93:91:
19:13:16:39:95:79:fc:55:d9:bd:ec:9d:d6:5e:8e:53:83:94:
7e:19:82:9b:43:6f:2d:47:07:07:e5:84:ee:61:a6:92:17:1e:
91:61:ca:ae:2a:d2:b6:ac:cf:e0:0c:1b:0d:68:98:b0:eb:37:
bf:92:24:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZXB3vzO/3v8A4NiGtb3C25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNDIxMDYyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWNjMDg4NGJkZmJkYzhhOTI2NTA3OWYyMzg2YTY4NWQ2MzczNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOsbeeSf4do+ISmU2aJaMlXSUCiO
/ChVebxG3k0uUoPyV4UvQrlZCORVy8iQgnZOFjncIzEtSBu4I8VpyZWns9qSe9y2
fXPXTn3Dd6OvukHWA6vFvpkDiBWf2wcAtlKpbagjRT4KqYF2TNJRTlox4y+wkjoc
zTog7heQQgy3UpOAd/6+0EzDeV9oY8vJpou9p8E/Fdkd4JIh7wBkGIEokBY7cL0T
0ZP/6DoELNpZyVe8dsF9qRe597xhSHavyBRx/Df8zj5BejqzpU3Wp0F+gxW09HOt
/133Tpf2uv5Lu0J4FqJQx95ifvkke4C4QjAj21yo8876F5TgkhriUhfr0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXMCIS9+9yKkmUHnyOGpoXWNzaOMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvNWN3SWhMMzczSXFTWlFlZkk0YW1oZFkzTm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFkcMA0G
CSqGSIb3DQEBCwUAA4IBAQBdDk8q4zh+oQSnGfUPAFXWfu9+otOmp2fZzMTmoQfC
LlQegUOukbmiojeCeB4OnTYIeQJMaYwjq1ehpTzblg3wTTH86j1K2D6a03tEdhZI
yjkRRyLh2WpwwydMjBF5UZD8lZgyrWVbsVIFf1/Xt5oPfDzNI/87W9lm6DUkHJs7
QFHjK4/3J7Dly/fiJdIzkF8lP/b5oF6bUD9P6v8Df6EA5L8IKdxWKqSgdKH/LTpw
6Zh2Rysg27B404EJ91rlxbEc1BSOk5EZExY5lXn8Vdm97J3WXo5Tg5R+GYKbQ28t
RwcH5YTuYaaSFx6RYcquKtK2rM/gDBsNaJiw6ze/kiSK
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:02:00 2025 by rpki-client